ja.helpr.me Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ja.helpr.me/
Effective URL:
https://ja.helpr.me/
Submission: On April 20 via manual (April 20th 2023, 2:12:53 am UTC) from JP — Scanned from NL

Summary HTTP 473 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 89 IPs in 7 countries across 80 domains to perform 473 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.helpr.me.
TLS certificate: Issued by GTS CA 1P5 on April 4th 2023. Valid for: 3 months.

This is the only time ja.helpr.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 71	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e4:... 2606:4700:e4::ac40:a602	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.1.195 151.101.1.195	54113 (FASTLY) (FASTLY)
1	185.177.94.108 185.177.94.108	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	2606:4700:303... 2606:4700:3032::ac43:c960	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
6	2606:4700:e4:... 2606:4700:e4::ac40:a702	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2010	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2600:9000:238... 2600:9000:238d:9a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
1	65.9.66.33 65.9.66.33	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	18.66.112.32 18.66.112.32	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.74 143.204.89.74	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2250:9c00:a:e047:752:b361	16509 (AMAZON-02) (AMAZON-02)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	35.190.39.111 35.190.39.111	15169 (GOOGLE) (GOOGLE)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2 9	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	63.32.147.164 63.32.147.164	16509 (AMAZON-02) (AMAZON-02)
3	178.250.1.11 178.250.1.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 7	216.52.2.39 216.52.2.39	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	18.197.163.138 18.197.163.138	16509 (AMAZON-02) (AMAZON-02)
5	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
5	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	52.213.87.210 52.213.87.210	16509 (AMAZON-02) (AMAZON-02)
9	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
1 3	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
1	107.21.13.225 107.21.13.225	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
18	161.47.17.28 161.47.17.28	() ()
5	2.19.228.187 2.19.228.187	() ()
2	2a00:1450:400... 2a00:1450:4001:810::2008	() ()
6	2a00:1450:400... 2a00:1450:4001:80f::200e	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::200a	() ()
6 8	15.197.193.217 15.197.193.217	() ()
4	2606:4700:440... 2606:4700:4400::6812:220a	() ()
1 1	2606:4700::68... 2606:4700::6813:9f13	() ()
8	2.18.235.93 2.18.235.93	() ()
1	151.101.1.108 151.101.1.108	() ()
4	104.109.78.125 104.109.78.125	() ()
1	141.95.98.64 141.95.98.64	() ()
1	185.64.189.115 185.64.189.115	() ()
6 8	142.250.185.66 142.250.185.66	() ()
10 16	198.47.127.18 198.47.127.18	() ()
9 10	198.47.127.20 198.47.127.20	() ()
9	52.210.241.143 52.210.241.143	() ()
6 6	213.19.147.45 213.19.147.45	() ()
2 3	34.111.113.62 34.111.113.62	() ()
6	23.35.228.23 23.35.228.23	() ()
1 1	2.19.35.65 2.19.35.65	() ()
2 2	193.0.160.130 193.0.160.130	() ()
2 3	2a02:fa8:8806... 2a02:fa8:8806:16::1400	() ()
2 2	185.29.132.245 185.29.132.245	() ()
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	() ()
2 2	178.250.7.11 178.250.7.11	() ()
1 1	70.42.32.127 70.42.32.127	() ()
2 2	3.122.1.235 3.122.1.235	() ()
1	35.244.174.68 35.244.174.68	() ()
7	2a00:1450:400... 2a00:1450:4001:80e::2003	() ()
9 15	185.64.190.80 185.64.190.80	() ()
5 6	185.64.189.110 185.64.189.110	() ()
2 2	213.155.156.167 213.155.156.167	() ()
1 2	52.94.222.140 52.94.222.140	() ()
1 1	85.114.159.118 85.114.159.118	() ()
1 1	34.195.128.39 34.195.128.39	() ()
4 4	54.228.67.66 54.228.67.66	() ()
1 1	185.86.139.93 185.86.139.93	() ()
2 2	151.101.66.49 151.101.66.49	() ()
1	35.186.193.173 35.186.193.173	() ()
1 1	195.5.165.20 195.5.165.20	() ()
1 1	35.214.153.92 35.214.153.92	() ()
1 2	2606:4700::68... 2606:4700::6812:18ad	() ()
1	72.251.245.179 72.251.245.179	() ()
1	52.214.145.221 52.214.145.221	() ()
1 2	34.111.129.221 34.111.129.221	() ()
1	35.204.158.49 35.204.158.49	() ()
2 2	37.157.5.142 37.157.5.142	() ()
1 1	3.75.62.37 3.75.62.37	() ()
1 2	2a05:d018:d29... 2a05:d018:d29:3602:f896:3671:b11a:dd53	() ()
3 3	52.29.58.65 52.29.58.65	() ()
1 1	51.68.39.188 51.68.39.188	() ()
1	98.98.134.242 98.98.134.242	() ()
1 1	34.102.253.54 34.102.253.54	() ()
1 1	185.89.210.153 185.89.210.153	() ()
1 1	134.122.57.34 134.122.57.34	() ()
10	2a00:1450:400... 2a00:1450:4001:813::2001	() ()
2	2a00:1450:400... 2a00:1450:4001:830::2006	() ()
1 3	69.173.144.138 69.173.144.138	() ()
2 2	69.173.144.139 69.173.144.139	() ()
5	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	() ()
12	213.19.147.42 213.19.147.42	() ()
4	147.75.84.158 147.75.84.158	() ()
4	104.18.25.185 104.18.25.185	() ()
473	89

71 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ja.helpr.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
helpr.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.helpr.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e4::ac40:a602 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.177.94.108 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
PTR: ip-185-177-94-108.ah-server.com

net17.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::ac43:c960 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ezojs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

helpr.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e4::ac40:a702 (United States)

ASN13335 (CLOUDFLARENET, US)

basher.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2620:116:800d:21:c5a4:625:6563:a5bb (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f03146c6e388bc32fe9525f9e4659515.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:238d:9a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

site2text-2021.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-33.fra56.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-32.fra56.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-74.fra50.r.cloudfront.net

signal-beacon.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2250:9c00:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com

esp.rtbhouse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:d::d (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.147.164 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-147-164.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 216.52.2.39 (United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.197.163.138 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-163-138.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.213.87.210 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-87-210.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.244 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.21.13.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-21-13-225.compute-1.amazonaws.com

hb.yellowblue.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 161.47.17.28 (None, )

ASN- ()

saambaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.saambaa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.228.187 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (None, )

ASN- ()

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 15.197.193.217 (None, ) 6 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:4400::6812:220a (None, )

ASN- ()

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9f13 (None, ) 1 redirects

ASN- ()

c3.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.18.235.93 (None, )

ASN- ()

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (None, )

ASN- ()

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.109.78.125 (None, )

ASN- ()

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.64 (None, )

ASN- ()

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.66 (None, ) 6 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 198.47.127.18 (None, ) 10 redirects

ASN- ()

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 198.47.127.20 (None, ) 9 redirects

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.210.241.143 (None, )

ASN- ()

sync-pm.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 213.19.147.45 (None, ) 6 redirects

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.113.62 (None, ) 2 redirects

ASN- ()

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.228.23 (None, )

ASN- ()

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c21lg-d.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (None, ) 1 redirects

ASN- ()

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.130 (None, ) 2 redirects

ASN- ()

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:fa8:8806:16::1400 (None, ) 2 redirects

ASN- ()

medianet-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (None, ) 2 redirects

ASN- ()

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.11 (None, ) 2 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.127 (None, ) 1 redirects

ASN- ()

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.122.1.235 (None, ) 2 redirects

ASN- ()

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.64.190.80 (None, ) 9 redirects

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.189.110 (None, ) 5 redirects

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.167 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.222.140 (None, ) 1 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (None, ) 1 redirects

ASN- ()

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.128.39 (None, ) 1 redirects

ASN- ()

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.228.67.66 (None, ) 4 redirects

ASN- ()

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (None, ) 1 redirects

ASN- ()

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (None, ) 2 redirects

ASN- ()

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (None, )

ASN- ()

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.5.165.20 (None, ) 1 redirects

ASN- ()

core.iprom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.153.92 (None, ) 1 redirects

ASN- ()

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.245.179 (None, )

ASN- ()

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.145.221 (None, )

ASN- ()

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (None, ) 1 redirects

ASN- ()

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.158.49 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.142 (None, ) 2 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (None, ) 1 redirects

ASN- ()

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:f896:3671:b11a:dd53 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.58.65 (None, ) 3 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.39.188 (None, ) 1 redirects

ASN- ()

dsp.nrich.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (None, )

ASN- ()

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.253.54 (None, ) 1 redirects

ASN- ()

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.153 (None, ) 1 redirects

ASN- ()

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.122.57.34 (None, ) 1 redirects

ASN- ()

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2001 (None, )

ASN- ()

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (None, ) 2 redirects

ASN- ()

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:2800:133:206e:1315:22a5:2006:24fd (None, )

ASN- ()

saambaa-static.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 213.19.147.42 (None, )

ASN- ()

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 147.75.84.158 (None, )

ASN- ()

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.25.185 (None, )

ASN- ()

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
73	helpr.me 1 redirects ja.helpr.me helpr.me cdn1.helpr.me	13 MB
54	pubmatic.com 33 redirects hbopenbid.pubmatic.com — Cisco Umbrella Rank: 729 ads.pubmatic.com image6.pubmatic.com image8.pubmatic.com image4.pubmatic.com simage2.pubmatic.com image2.pubmatic.com	195 KB
44	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 cm.g.doubleclick.net	515 KB
23	googlesyndication.com 31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177 f03146c6e388bc32fe9525f9e4659515.safeframe.googlesyndication.com	96 KB
19	rubiconproject.com 4 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 677 eus.rubiconproject.com secure-assets.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	39 KB
19	media.net prebid.media.net — Cisco Umbrella Rank: 1912 contextual.media.net hbx.media.net c21lg-d.media.net cs.media.net	40 KB
18	saambaa.com saambaa.com api.saambaa.com	392 KB
15	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	3 KB
14	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com targeting.unrulymedia.com	2 KB
14	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 942 sync-pm.ads.yieldmo.com	11 KB
14	criteo.com 4 redirects gum.criteo.com — Cisco Umbrella Rank: 442 mug.criteo.com — Cisco Umbrella Rank: 1686 dis.criteo.com	11 KB
11	googleapis.com storage.googleapis.com — Cisco Umbrella Rank: 625 fonts.googleapis.com — Cisco Umbrella Rank: 119 imasdk.googleapis.com	192 KB
10	ampproject.org cdn.ampproject.org	218 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	125 KB
10	google.nl adservice.google.nl — Cisco Umbrella Rank: 11490	2 KB
9	ezodn.com go.ezodn.com — Cisco Umbrella Rank: 12820 g.ezodn.com — Cisco Umbrella Rank: 15904 basher.ezodn.com — Cisco Umbrella Rank: 13245	201 KB
8	adsrvr.org 6 redirects match.adsrvr.org	5 KB
8	yahoo.com 2 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1822 ups.analytics.yahoo.com pr-bh.ybp.yahoo.com	19 KB
8	ezojs.com www.ezojs.com — Cisco Umbrella Rank: 60173	68 KB
7	lijit.com 1 redirects ap.lijit.com — Cisco Umbrella Rank: 883	6 KB
7	quantserve.com 1 redirects secure.quantserve.com — Cisco Umbrella Rank: 1478 pixel.quantserve.com — Cisco Umbrella Rank: 1327 cms.quantserve.com	29 KB
6	google-analytics.com www.google-analytics.com	40 KB
6	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1319 id5-sync.com — Cisco Umbrella Rank: 612	22 KB
6	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 359482	133 KB
5	azureedge.net saambaa-static.azureedge.net	140 KB
5	a-mo.net 1 redirects c3.a-mo.net prebid.a-mo.net	1 KB
5	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 319 acdn.adnxs.com secure.adnxs.com	22 KB
5	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1651	5 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	195 KB
4	casalemedia.com htlb.casalemedia.com	1 KB
4	bidr.io 4 redirects match.prod.bidr.io	4 KB
4	1rx.io 4 redirects sync.1rx.io	3 KB
4	confiant-integrations.net cdn.confiant-integrations.net	195 KB
4	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 3166 google-bidout-d.openx.net — Cisco Umbrella Rank: 3148 us-u.openx.net	886 B
4	s-onetag.com get.s-onetag.com — Cisco Umbrella Rank: 4666 onetag-geo.s-onetag.com — Cisco Umbrella Rank: 5724 signal-beacon.s-onetag.com — Cisco Umbrella Rank: 6329	16 KB
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	dotomi.com 2 redirects medianet-match.dotomi.com pubmatic-match.dotomi.com	1 KB
3	tapad.com 2 redirects pixel.tapad.com	2 KB
3	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1550 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1323 sync.crwdcntrl.net	12 KB
3	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1291	2 KB
2	2mdn.net s0.2mdn.net	455 KB
2	adform.net 2 redirects c1.adform.net	2 KB
2	weborama.fr 1 redirects cr.frontend.weborama.fr	787 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	624 B
2	everesttech.net 2 redirects sync-tm.everesttech.net	1 KB
2	amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com s.amazon-adsystem.com Failed	1 KB
2	de17a.com 2 redirects d5p.de17a.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	turn.com 2 redirects ad.turn.com	1 KB
2	mathtag.com 2 redirects sync.mathtag.com	2 KB
2	rfihub.com 2 redirects p.rfihub.com	1 KB
2	a-mx.com 1 redirects id.a-mx.com	1 KB
2	googletagmanager.com www.googletagmanager.com	75 KB
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2474	24 KB
2	rtbhouse.com esp.rtbhouse.com — Cisco Umbrella Rank: 4649	315 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7108	1 KB
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	916 B
1	playground.xyz 1 redirects ads.playground.xyz	467 B
1	sitescout.com pixel-sync.sitescout.com	187 B
1	nrich.ai 1 redirects dsp.nrich.ai	927 B
1	simpli.fi um.simpli.fi	608 B
1	adgrx.com cm.adgrx.com	221 B
1	loopme.me 1 redirects csync.loopme.me	225 B
1	iprom.net 1 redirects core.iprom.net	903 B
1	ctnsnet.com ipac.ctnsnet.com	369 B
1	smartadserver.com 1 redirects rtb-csync.smartadserver.com	1 KB
1	stackadapt.com 1 redirects sync.srv.stackadapt.com	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com	885 B
1	rlcdn.com id.rlcdn.com
1	zemanta.com 1 redirects b1sync.zemanta.com	443 B
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com	398 B
1	yellowblue.io hb.yellowblue.io — Cisco Umbrella Rank: 4997	408 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 763	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 3353	8 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 3991	2 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 4083	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 474	1 KB
1	web.app site2text-2021.web.app — Cisco Umbrella Rank: 830353	415 B
1	net17.biz net17.biz	19 KB
0	linkedin.com Failed px.ads.linkedin.com Failed
473	80

	Domain	Requested by
41	ja.helpr.me	1 redirects ja.helpr.me www.ezojs.com
32	securepubads.g.doubleclick.net	ja.helpr.me securepubads.g.doubleclick.net www.googletagservices.com
18	cdn1.helpr.me	ja.helpr.me
16	image8.pubmatic.com	10 redirects ads.pubmatic.com
15	simage2.pubmatic.com	9 redirects ads.pubmatic.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ja.helpr.me 31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com cdn.ampproject.org
14	saambaa.com	ja.helpr.me saambaa.com
14	helpr.me	ja.helpr.me helpr.me
12	targeting.unrulymedia.com	saambaa.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	image4.pubmatic.com	9 redirects ads.pubmatic.com
10	adservice.google.com	securepubads.g.doubleclick.net
10	adservice.google.nl	securepubads.g.doubleclick.net
9	sync-pm.ads.yieldmo.com	ads.yieldmo.com ads.pubmatic.com
9	fastlane.rubiconproject.com	go.ezodn.com saambaa.com
9	gum.criteo.com	2 redirects static.criteo.net ads.pubmatic.com contextual.media.net
9	fonts.googleapis.com	31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com ja.helpr.me saambaa.com securepubads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects ads.pubmatic.com
8	contextual.media.net	go.ezodn.com contextual.media.net eus.rubiconproject.com
8	match.adsrvr.org	6 redirects ads.pubmatic.com
8	www.ezojs.com	ja.helpr.me www.ezojs.com
7	fonts.gstatic.com	fonts.googleapis.com
7	ap.lijit.com	1 redirects saambaa.com
6	image2.pubmatic.com	5 redirects ads.pubmatic.com
6	www.google-analytics.com	saambaa.com ja.helpr.me
6	cdn.zx-adnet.com	ja.helpr.me cdn.zx-adnet.com
5	saambaa-static.azureedge.net	ja.helpr.me
5	ads.pubmatic.com	saambaa.com go.ezodn.com contextual.media.net ads.pubmatic.com
5	ads.yieldmo.com	go.ezodn.com ads.yieldmo.com
5	prebid.media.net	go.ezodn.com saambaa.com
5	c2shb.ssp.yahoo.com	go.ezodn.com
5	btlr.sharethrough.com	go.ezodn.com
5	id5-sync.com	cdn.id5-sync.com ads.pubmatic.com go.ezodn.com
5	www.googletagservices.com	ja.helpr.me securepubads.g.doubleclick.net saambaa.com
5	www.google.com	1 redirects tpc.googlesyndication.com ja.helpr.me
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ja.helpr.me
4	htlb.casalemedia.com	saambaa.com
4	prebid.a-mo.net	saambaa.com
4	match.prod.bidr.io	4 redirects
4	sync.1rx.io	4 redirects
4	eus.rubiconproject.com	go.ezodn.com eus.rubiconproject.com contextual.media.net
4	cdn.confiant-integrations.net	saambaa.com cdn.confiant-integrations.net
4	api.saambaa.com	saambaa.com
4	googleads.g.doubleclick.net	31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com ja.helpr.me
4	basher.ezodn.com	www.ezojs.com
4	go.ezodn.com	ja.helpr.me www.ezojs.com
3	pixel.rubiconproject.com	1 redirects
3	x.bidswitch.net	3 redirects
3	c21lg-d.media.net	contextual.media.net
3	pixel.tapad.com	2 redirects ads.yieldmo.com
3	ib.adnxs.com	1 redirects go.ezodn.com acdn.adnxs.com
3	mug.criteo.com
3	www.gstatic.com	ja.helpr.me 31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com
3	pixel.quantserve.com	ja.helpr.me
3	rules.quantcount.com	secure.quantserve.com
3	secure.quantserve.com	www.ezojs.com ja.helpr.me
2	token.rubiconproject.com	2 redirects
2	s0.2mdn.net	ja.helpr.me cdn.ampproject.org
2	pubmatic-match.dotomi.com	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects ads.pubmatic.com
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	1 redirects ads.pubmatic.com
2	sync-tm.everesttech.net	2 redirects
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	dis.criteo.com	2 redirects
2	cs.media.net	contextual.media.net
2	ad.turn.com	2 redirects
2	sync.mathtag.com	2 redirects
2	p.rfihub.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	id.a-mx.com	1 redirects
2	www.googletagmanager.com	saambaa.com
2	script.4dex.io	go.ezodn.com script.4dex.io
2	oajs.openx.net	1 redirects
2	esp.rtbhouse.com	invstatic101.creativecdn.com
2	onetag-geo.s-onetag.com	get.s-onetag.com signal-beacon.s-onetag.com
2	31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects ja.helpr.me
1	f03146c6e388bc32fe9525f9e4659515.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	match.adsby.bidtheatre.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pixel-sync.sitescout.com	ads.pubmatic.com
1	dsp.nrich.ai	1 redirects
1	ups.analytics.yahoo.com	1 redirects
1	um.simpli.fi	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	cm.adgrx.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	csync.loopme.me	1 redirects
1	core.iprom.net	1 redirects
1	ipac.ctnsnet.com	ads.pubmatic.com
1	rtb-csync.smartadserver.com	1 redirects
1	sync.srv.stackadapt.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	1 redirects
1	id.rlcdn.com	contextual.media.net
1	b1sync.zemanta.com	1 redirects
1	us-u.openx.net	contextual.media.net
1	medianet-match.dotomi.com	contextual.media.net
1	secure-assets.rubiconproject.com	1 redirects
1	hbx.media.net	contextual.media.net
1	image6.pubmatic.com	ads.pubmatic.com
1	lb.eu-1-id5-sync.com	go.ezodn.com
1	acdn.adnxs.com	go.ezodn.com
1	c3.a-mo.net	1 redirects
1	imasdk.googleapis.com	saambaa.com
1	hbopenbid.pubmatic.com	go.ezodn.com
1	hb.yellowblue.io	go.ezodn.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	signal-beacon.s-onetag.com	get.s-onetag.com
1	get.s-onetag.com	ja.helpr.me
1	site2text-2021.web.app	storage.googleapis.com
1	storage.googleapis.com	cdn.zx-adnet.com
1	g.ezodn.com	ja.helpr.me
1	net17.biz	ja.helpr.me
0	s.amazon-adsystem.com Failed
0	px.ads.linkedin.com Failed
473	129

This site contains links to these domains. Also see Links.

Domain
www.ezoic.com
helpr.me
sv.helpr.me
es.helpr.me
nl.helpr.me
hr.helpr.me
iw.helpr.me
hu.helpr.me
lt.helpr.me
lv.helpr.me
pt.helpr.me
vi.helpr.me
ar.helpr.me
sr.helpr.me
bn.helpr.me
ca.helpr.me
hi.helpr.me
ta.helpr.me
te.helpr.me
tl.helpr.me
ur.helpr.me
it.helpr.me
id.helpr.me
ms.helpr.me
bg.helpr.me
th.helpr.me
ko.helpr.me
ru.helpr.me
tr.helpr.me
uk.helpr.me
de.helpr.me
fr.helpr.me
pl.helpr.me
da.helpr.me
sk.helpr.me
no.helpr.me
sl.helpr.me
el.helpr.me
cs.helpr.me
fi.helpr.me
et.helpr.me
zh-cn.helpr.me

Subject Issuer	Validity	Valid
*.helpr.me GTS CA 1P5	`2023-04-04` - `2023-07-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
username.digitalreceipt.co.ke GTS CA 1D4	`2023-03-10` - `2023-06-08`	3 months	crt.sh
net17.biz R3	`2023-03-09` - `2023-06-07`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.google.nl GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
web.app GTS CA 1D4	`2023-03-06` - `2023-06-04`	3 months	crt.sh
*.s-onetag.com Amazon RSA 2048 M01	`2023-02-23` - `2024-01-02`	10 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-02-28` - `2023-05-29`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cdn.prod.uidapi.com R3	`2023-02-25` - `2023-05-26`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-03-30` - `2023-06-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
esp.rtbhouse.com GTS CA 1D4	`2023-03-20` - `2023-06-18`	3 months	crt.sh
*.id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-09` - `2023-06-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
script.4dex.io Cloudflare Inc ECC CA-3	`2022-11-23` - `2023-11-22`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-12-27` - `2023-06-21`	6 months	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.yieldmo.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.yellowblue.io Amazon RSA 2048 M01	`2023-03-24` - `2024-04-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.saambaa.com Go Daddy Secure Certificate Authority - G2	`2023-04-03` - `2024-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.confiant-integrations.net GTS CA 1P5	`2023-03-27` - `2023-06-25`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2023-03-27` - `2024-04-26`	a year	crt.sh
*.eu-1-id5-sync.com R3	`2023-04-18` - `2023-07-17`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M02	`2023-02-10` - `2023-07-01`	5 months	crt.sh
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01	`2023-01-27` - `2024-01-27`	a year	crt.sh
*.ctnsnet.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-04` - `2023-11-06`	10 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-03` - `2024-03-31`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-07-11` - `2023-07-11`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.a-mo.net R3	`2023-04-13` - `2023-07-12`	3 months	crt.sh

This page contains 40 frames:

Primary Page: https://ja.helpr.me/
Frame ID: 067E81DFFE11D3D42C7E3BBE0AFE12B2
Requests: 190 HTTP requests in this frame

Frame: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 15221853DC11D43C87CC5217D0BD1BBE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4AC7ECFA8BC4E4FDA23BFA1087EC4812
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9BDAD1C2E867746997A3245AAC7DC1B9
Requests: 2 HTTP requests in this frame

Frame: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A1FB77744177DEC082552B11CBA09B46
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%82%8B%E9%96%89%E3%81%98
Frame ID: 3C20746C34D9E3ABCC05563A219AC37B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D8114C5DB8D6BFAF9D84B8D8476ECD97
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ja.helpr.me&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: E78201161C80ED70ACB1666572B364F7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js
Frame ID: 471655C116587E3FB1F9294324D7E813
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 6863C0D3FD86A6451BC663B3BEE34DB0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNxPbvymcOXTmX0URtuVpuqxT_dRbb1_Kso7L1feajMoj6r8YgJZUkdBUX_0Vy5KNyBxYiV05uYJzseZuUKiyWeWmBAK9rGMm13RLl3AbB3GS_UASsoG4eBWuuG9VonTUhWmQwAuYn69P-2SjTwcC1jBGthnJ1KWmTBNAko-U3JIBTkv0YDKZe_TwDLSU5zCkT8x_Rj47lpzd42NSwd8zYzarqJZwYJH843VLuLqj7e77-PDoOBJbnu5cuoE0C_YlD7c_arFwr39QbR24NEcQ0Vsotp_LGanzDeGo8cDYiY39BMX7VFZoQ0UxR78qaFf3eYoTfZBzaq_LUNBr1tB-hYz63UTuRFJo&sai=AMfl-YTj1_Iaz48vciq3JclHPqUtRy-Ix1RpktR__6odOdFIIOMd_657gSOyUr9xYvJismSlBB4nuAXn_6ySfvVkhPJXYF3OOoTjtcPnT066tWWhPRmsnhX1fINXKGk_t-E&sig=Cg0ArKJSzOL6icfNx10VEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 509767F2AB88332204F17EF035B2489D
Requests: 87 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswG_2ojChyFdwj2dJazNoJ5nHWot2qRMj50_azCIvm3Q5s9NjFZLu_1iaN2eoAWRZJOASCPLkhaXBbPAci4eqOh4CHbuCmiTafOUMGDuhXk2Rl66waZrUpsfzaBABf8Z6Y50UuAN2kEL5CxVonM-jqVj9wb-j3L9SI2PYiwdMXTlZdShw2FFIbbap5RwfF55xLqwesjg8G2JJhnGRjNkBL_sIxC72tFpquycaQx2cnAWRuAF540byDVWzIdRzbvW7UbYkLBgySwIO7_fbG_1ddama74GMCjCAv3qN31Ja2dxsmNJQSeCDLtPlzSAjBRUEKjNJoz6_Q_pnpc_lXRTs&sai=AMfl-YQCuFhiRs56sU5o2aNQRs5ve665SWaJ5YMtofNfnFBLQ7IvqOyk5knVZp4RJR91Cko3_iaHmiufVQvA8sWSN15WVzHJjO45FjmMG2NqBFC-ZUMV7WWpEPqg7gkrvEQ&sig=Cg0ArKJSzK8rzjSE1YCWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CDCA06AEA0BC52E9F24B41840C7D22AE
Requests: 44 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: DA166CAB001406B82AD30315E1BDE509
Requests: 19 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&type=iframe
Frame ID: 681A8FBDA8EDBE4E185CAE8A22211746
Requests: 6 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Frame ID: 5812A06E130BB64F57416C603297D1AA
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E743406D047510235E73944ED48E00EC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 87EACF9DAC380F8E99F7268AF5C844C0
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: FECD9D6D6D235220706003ECCE1A09FF
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3249583720154755000V10&type=rkt&refUrl=&vid=19567721433249583720154755000V10&ovsid=5124322326016245052
Frame ID: 14DF12262C556B2D27A902FEB3E44149
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dpba%26refUrl%3D%26vid%3D19567721433249583720154755000V10%26ovsid%3DPM_UID
Frame ID: 74A9236C3A8366A0220E2E9E028867D4
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 9C712DA639D3D30C78AEDD0132999214
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=0&gdpr_consent=
Frame ID: 9CD5A2DD2721AEAEB7EC62E634864D70
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: B1C569DED20F4DE8567818D923C487B9
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 384D88AB2CA1DE11BCDC7B8C3F015895
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 12014D18FCBF44B88D14CCAD0AA0A269
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&redir=true&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&dcc=t
Frame ID: 0363979AE24F09C01DC38F4510D339C7
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 20B73C4332A7B5ADB5B4124A84680E65
Requests: 1 HTTP requests in this frame

Frame: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 4C1C0E7EDFE1A1A9B9F48A0656935116
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=09ub2-_eWGt_Mfb2eYE-sh_Mlms&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 4F0D9378F51DDE6EAEEBD34AD0EC0388
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWE07IgT8AACCc-1nxpQ&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 6BFFC9CA915261F2583A6F8F40001285
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZECfpAAEFDy9HABa&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&_test=ZECfpAAEFDy9HABa
Frame ID: A9E11FC1EB642FB316A3028A188A54CB
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CB61D8005EE916E24A04D91E575C7413
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 85ACB050E4CEC0A2005D816A35B01DEF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 793A23B3CBD39ACAFD56FDFF3C208020
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 2982BC536184F69F006A93F0937274B3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Frame ID: 42BFD2EE233806B4A8F1DFB31A772511
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1zfzkj2zq6un
Frame ID: 034DBA4D0B8BDA484FDC4383EE02B033
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: D2829B772C64E765CF02309D6EE64592
Requests: 20 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs
Frame ID: 7348BE24B21B5860784F81474E7E4D44
Requests: 20 HTTP requests in this frame

Frame: https://f03146c6e388bc32fe9525f9e4659515.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2F13AB79AC3A8BF2EE0E0C205D244EA6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

スターの秘密

Page URL History Show full URLs

http://ja.helpr.me/ HTTP 301
https://ja.helpr.me/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

473
Requests

82 %
HTTPS

35 %
IPv6

80
Domains

129
Subdomains

89
IPs

7
Countries

17256 kB
Transfer

23521 kB
Size

48
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

URL: https://helpr.me/

Search URL Search Domain Scan URL

URL: https://sv.helpr.me/

Search URL Search Domain Scan URL

URL: https://es.helpr.me/

Search URL Search Domain Scan URL

URL: https://nl.helpr.me/

Search URL Search Domain Scan URL

URL: https://hr.helpr.me/

Search URL Search Domain Scan URL

URL: https://iw.helpr.me/

Search URL Search Domain Scan URL

URL: https://hu.helpr.me/

Search URL Search Domain Scan URL

URL: https://lt.helpr.me/

Search URL Search Domain Scan URL

URL: https://lv.helpr.me/

Search URL Search Domain Scan URL

URL: https://pt.helpr.me/

Search URL Search Domain Scan URL

URL: https://vi.helpr.me/

Search URL Search Domain Scan URL

URL: https://ar.helpr.me/

Search URL Search Domain Scan URL

URL: https://sr.helpr.me/

Search URL Search Domain Scan URL

URL: https://bn.helpr.me/

Search URL Search Domain Scan URL

URL: https://ca.helpr.me/

Search URL Search Domain Scan URL

URL: https://hi.helpr.me/

Search URL Search Domain Scan URL

URL: https://ta.helpr.me/

Search URL Search Domain Scan URL

URL: https://te.helpr.me/

Search URL Search Domain Scan URL

URL: https://tl.helpr.me/

Search URL Search Domain Scan URL

URL: https://ur.helpr.me/

Search URL Search Domain Scan URL

URL: https://it.helpr.me/

Search URL Search Domain Scan URL

URL: https://id.helpr.me/

Search URL Search Domain Scan URL

URL: https://ms.helpr.me/

Search URL Search Domain Scan URL

URL: https://bg.helpr.me/

Search URL Search Domain Scan URL

URL: https://th.helpr.me/

Search URL Search Domain Scan URL

URL: https://ko.helpr.me/

Search URL Search Domain Scan URL

URL: https://ru.helpr.me/

Search URL Search Domain Scan URL

URL: https://tr.helpr.me/

Search URL Search Domain Scan URL

URL: https://uk.helpr.me/

Search URL Search Domain Scan URL

URL: https://de.helpr.me/

Search URL Search Domain Scan URL

URL: https://fr.helpr.me/

Search URL Search Domain Scan URL

URL: https://pl.helpr.me/

Search URL Search Domain Scan URL

URL: https://da.helpr.me/

Search URL Search Domain Scan URL

URL: https://sk.helpr.me/

Search URL Search Domain Scan URL

URL: https://no.helpr.me/

Search URL Search Domain Scan URL

URL: https://sl.helpr.me/

Search URL Search Domain Scan URL

URL: https://el.helpr.me/

Search URL Search Domain Scan URL

URL: https://cs.helpr.me/

Search URL Search Domain Scan URL

URL: https://fi.helpr.me/

Search URL Search Domain Scan URL

URL: https://et.helpr.me/

Search URL Search Domain Scan URL

URL: https://zh-cn.helpr.me/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ja.helpr.me/ HTTP 301
https://ja.helpr.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.helpr.me/;0.7570148038627087 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.helpr.me/;0.7570148038627087

Request Chain 124

https://oajs.openx.net/esp?url=https%3A%2F%2Fja.helpr.me%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fja.helpr.me%2F&rid=esp&cc=1

Request Chain 129

https://gum.criteo.com/sid/json?origin=publishertagids&domain=helpr.me&sn=ChromeSyncframe&so=0&topUrl=ja.helpr.me&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=sY44jnwyRFNCN2R6Z1FOdHJVcWoyWG5kWXZwR3hwbG54c0JDYmxYNTA4cVBHOUtzQkRrNUt2VG9xcWRsUVRicEtnUklxa3lGS2hhTjFPMTJIUEdjeHZlMmkrNWNDby9NOWRFdk5hZ2lDcDcyK0xGM0J4dFE0Y3cvN3U3bFhmZmVhZGk4OE8wRyt6ZFpCdEZnTzFSQTZ0MTVtTWNRbGg0aHhWTm9YTjdiMHRQZ05JclpLUk5jaVJLTnZINUd2Q0VWaVZXbVdnSkxaNHJNb3d5UUFualMydGJSNHd5RXdaVnNIdG1rSVJ2UWViTFg5NVJVNkJyaHE3LzJvbCtvVHFLTkN4YXFPSDBidjVxY1ZlbWJrcmcvLzc0cnhwUT09fA&cppv=2

Request Chain 130

https://ap.lijit.com/readerinfo/v2 HTTP 307
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 251

https://id.a-mx.com/sync/?tagId=&ref=null&u=https://ja.helpr.me/&v=7.42.0&vg=epbjs&us_privacy=null&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://c3.a-mo.net/b?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&us_privacy=null&cb=https%3A%2F%2Fid.a-mx.com%2Fset%3Fuid%3D HTTP 302
https://id.a-mx.com/set?uid=a2e31e61-dfdc-4ad6-a923-b304a158a6be&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&us_privacy=null

Request Chain 252

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.helpr.me%2F&domain=ja.helpr.me&bundle=BGl0JF9yc2ZraHl0Wm0zbXdYV2JHZ3JMeTd1WDltelFxRzE2UzRaZkIyakoxd3dZQ1ZZaUFZVXIxaEpkQk1RMXBLZiUyQlpVc2RleCUyQldhY3M0d0IxRHgwdDh0ajBORk52d293ZkZyOGtJM1h1cnV6djl2ZWpLVkFDVGhlOVhFam5sYmxtb3RQNmlyVDA0Z1hDQTY5cGNKdnZYUkdnJTNEJTNE&gdprString=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Et8iRnw1Z1BRQjhyZnpWVjFpZ2V3d2FpRjZkdHhQWmI4TkZOT0hQQ0lzM3dxeVRQNTRiSkZIczNGdnVIOEVMcTV3UXlySm1EUlFNVXg5QWZURzFVdm8zSUswc1AzbDd0UHlZVkdaVHNkUS9oTUl6eFJ4RmtXWm9BQjcvcytjK1JZdEorMHpOdEtZNEdKUzVDSTM4QVVTT2ExU085QlR4b0l4c01Vc281MkxabzNPMG9hVC9yL2NZSVNreWNBZ0J1WGVXV2JPVFZCYytud3pVRHJ3YWxzNC9uREJtMDhmL0FiSHgzNUJ5R2lyRzVDVG1nR3NkSkZtODh6K216TGExa3l0Q3NFTnlMK0VKS29CNXRoV2Z4NmgrSEQxaXpmSkUybXU0VXZFbDUzZkcyb3BSND18&cppv=2

Request Chain 262

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1 HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=c&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1&google_gid=CAESEOdDkTyPFGtyCawvDMbjWtQ&google_cver=1

Request Chain 263

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.yieldmo.com%252Fsync%253Fpn_id%253Dpub%2526id%253D%2523PMUID%2526gdpr%253DPM_GDPR%2526gdpr_consent%253DPM_CONSENT&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1&rdf=1 HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D-1%26gdpr_consent%3D HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=-1&gdpr_consent=

Request Chain 264

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1 HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1681956772106&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 265

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g78d42620d566b540e4f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=g78d42620d566b540e4f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e622d55f-b2b8-4268-83ea-4197aa29a6dd%252C%252C&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&ttd_puid=e622d55f-b2b8-4268-83ea-4197aa29a6dd%2C%2C

Request Chain 266

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g78d42620d566b540e4f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g78d42620d566b540e4f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1 HTTP 302
https://ads.yieldmo.com/v000/sync?tdid=6d5a94bb-9382-42e5-bd40-8d409aa9d60a

Request Chain 274

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 275

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Drkt%26refUrl%3D%26vid%3D19567721433249583720154755000V10%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=3249583720154755000V10&type=rkt&refUrl=&vid=19567721433249583720154755000V10&ovsid=5124322326016245052

Request Chain 280

https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dmma%26refUrl%3D%26vid%3D19567721433249583720154755000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=mma&refUrl=&vid=19567721433249583720154755000V10&ovsid=3ee46440-9fa5-4400-a37c-586cc049c7b9

Request Chain 281

https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dr1%26refUrl%3D%26vid%3D19567721433249583720154755000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
https://ad.turn.com/r/cs?pid=45&rndcb=2910260464 HTTP 302
https://sync.1rx.io/usersync/turn/8820235461248501496?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dr1%26refUrl%3D%26vid%3D19567721433249583720154755000V10%26ovsid%3DRX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003 HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=r1&refUrl=&vid=19567721433249583720154755000V10&ovsid=RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003

Request Chain 282

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI0OTU4MzcyMDE1NDc1NTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMLlsZQbTZ5za1_Efp3-_CI&google_cver=1

Request Chain 283

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=a33dfcfd-708d-49f1-a94d-b257fcfe0c2b

Request Chain 284

https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1 HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-XQsRc6xE2pnEsGigXe5ey.9g2HdXi856xQ4jtw--~A&expires=5&ssp=medianet&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=

Request Chain 285

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dzem%26refUrl%3D%26vid%3D19567721433249583720154755000V10%26ovsid%3D__ZUID__ HTTP 302
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=zem&refUrl=&vid=19567721433249583720154755000V10&ovsid=__ZUID__

Request Chain 286

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3249583720154755000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3249583720154755000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=584fb6f4-bf97-467d-90ea-bf2947878d4d&cs=1

Request Chain 288

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6d5a94bb-9382-42e5-bd40-8d409aa9d60a

Request Chain 302

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1126440-9fa5-4400-bd9d-7075720ede8f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 303

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685627191995583 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=0&gdpr_consent=

Request Chain 304

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 305

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&piggybackCookie=5659156922087364523 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 306

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=sqowO734PWip_2FptKwpO7f_YmmpqGBpsqgZoCV4 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 307

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&redir=true&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&redir=true&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&dcc=t

Request Chain 308

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=477910156417247956&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 309

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223949329032280215&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 310

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=09ub2-_eWGt_Mfb2eYE-sh_Mlms&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 311

https://match.prod.bidr.io/cookie-sync/pm?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 303
https://match.prod.bidr.io/cookie-sync/pm?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDV0UwN0lnVDhBQUNDYy0xbnhwUQ&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACWE07IgT8AACCc-1nxpQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://match.prod.bidr.io/cookie-sync?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5181620559778849871&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWE07IgT8AACCc-1nxpQ&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 312

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&_test=ZECfpAAEFDy9HABa HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZECfpAAEFDy9HABa&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&_test=ZECfpAAEFDy9HABa

Request Chain 314

https://core.iprom.net/cookiesync?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&piggybackCookie=380679759136556 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 315

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

Request Chain 316

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 318

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1zfzkj2zq6un

Request Chain 319

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fk7xmnP5SvCdW34gdfQceA%3D%3D&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 321

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 307
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&bounce=1&random=2094155532

Request Chain 322

https://a.audrte.com/match?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&p=M1717054901&uid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWdtUENNWUx1aC1UekM3LVA1YnQxZi1LQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 323

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTY0RUYxOUEtNzNGOS00QUYwLTlENUItN0UyMDc1RjQxQzc4&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 324

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&piggybackCookie=CAESEPDLA3FzafpicIDLba06pbg&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 326

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&piggybackCookie=877183171005800489 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 327

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 328

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&redir=true&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nGz0m6tE2uUV0_R9rXS3wY9AHFeW3qM-~A&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 330

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=283&user_id=3dede6f8-eaba-4795-be44-2d1f0c8c7b07&expires=1&user_group=5&ssp=pubmatic&bsw_param=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=

Request Chain 331

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=9b8c6753d1d244a&is_secure=true&networkId=17100&version=1&nuid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM5H7zxgwuBwMxDJX0AAAAAAA&expiration=1682043172&nuid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&is_secure=true&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 333

https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8820235461248501496&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 334

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=477910156417247956

Request Chain 335

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&piggybackCookie=uid:74ebe574-611c-4715-be0c-1bae087d201c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 356

https://token.rubiconproject.com/token?pid=36584&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGOHMSR3-1O-M1B1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 357

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&expires=30

Request Chain 358

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVjYWU5MWRjNTFlODlmMWNiZjEwMTY0NWM5OWJlNmI0MWYxOGZjOA&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 359

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&dcc=t

Request Chain 360

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1 HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_0AycoEKTJCQjocK8po0vA&rk=usync-other&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1

Request Chain 362

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdPSE1TUjMtMU8tTTFCMQ==&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&google_gid=CAESEM-6pcXm5xa2Xn2xmTGDq2U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdPSE1TUjMtMU8tTTFCMQ==&google_push=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 363

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/zw0PzvRvJDnJvhUdhBS_ucn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BJPUNHhE2oKVMt9tir5hMmXWlyOnMf7oQBOZ1w--~A&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Request Chain 390

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LGOHMSR3-1O-M1B1 HTTP 302
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LGOHMSR3-1O-M1B1

473 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ja.helpr.me/
Redirect Chain

http://ja.helpr.me/
https://ja.helpr.me/

97 KB
25 KB

211ms
151ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.5
Resource Hash: 2eb6a411458f13d51a461c000c14c0304b4a1c0fd54b6d1753f197fc831e990c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7ba9dd2a5d4ab933-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 02:12:43 GMT
display: pub_site_sol
expires: Wed, 19 Apr 2023 02:12:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pagespeed: off
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlJYYN%2FsDjC8Kl2CglqNuOmjAqWTTXVw7z1ssYoYLvqbxDqQP6srUlL2SgnmoN2PuOGM0zvdOvskKxnVpnm3H%2Fi1pQsON4KSZuGG4p6grf%2FTuOALZSYLR9Wy%2FH1UkMhpbK%2BVDss1cp4d7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
response: 200
server: cloudflare
vary: Accept-Encoding,User-Agent
x-ezoic-cdn: Hit ds;mm;5f66bd8262c44a2a6f87d4e880e0a246;2-314757-5;fdcb6e3a-1d4f-4a85-4d22-525ae4859a96
x-middleton-display: pub_site_sol
x-middleton-response: 200
x-origin-cache-control
x-powered-by: PHP/8.1.5
x-sol: pub_site

Redirect headers

CF-RAY: 7ba9dd29bdb80a5d-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 20 Apr 2023 02:12:43 GMT
Expires: Thu, 20 Apr 2023 03:12:43 GMT
Location: https://ja.helpr.me/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0pzYqHCfW%2FY5frbNguaIuYpdTg5nUTCw0VU%2BQ4dbVz9UmGmVjuS05wIlhasFta6xGhqEIiPyBEbzmcPRHZ74hjff9JMik%2BF7sN%2F4Ri69whJcUHcUeUEvLX83qyI%2BK3X1TvBj8OZk9rgww%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 133ms
58ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3290d628906b29fc7145b10b6d24a21e91b7f568b7b78d0058c747cc7be5875a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25088
x-xss-protection: 0
server: cafe
etag: 849 / 19467 / 31074054 / config-hash: 11973378874502222792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 02:12:43 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 660 KB
192 KB 123ms
49ms Script
application/javascript 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Mar 2023 23:13:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1824684
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaVA2xF3qp2IvdIF%2BeQMvY1TzLHmTjuil1TmfoufZEe49Auy4Q%2FOyLw8fDpySfyZk3cP8aSlRimeFrBUfSHSnDDm%2FZn2KnDQ40iPyFOiVfYGhoxswVG9Yi9DNI0v2ZU0e%2BfA9a4p3oOnBBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 7ba9dd2cb9fe0a4f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
ja.helpr.me/porpoiseant/ 8 KB
3 KB 47ms
45ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/fads.js?gcb=195-0&cb=8
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ae559d338ee612c0a41b6b4ff435d7e41ad41555ca9a0829f7ef6b3dbdb57a2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 02:12:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CY9FggHEhfGNf4uve9dZO18VsNv45a1pVTapilX2ALcsx%2B%2BGGcyJ0ywaUISdRTyGEE5UmPx%2B%2FuhoJq1H50%2BIx6BW6MpxBLPt20moBIYdGGmUYoP7w83RffrhDrv7IFc7%2Fyek2Dppu9kBzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7ba9dd2c4e95b933-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 brmsl_19102402.js Show response
cdn.zx-adnet.com/adx/ 145 KB
20 KB 555ms
171ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bd10fa4ee1cd3b8fc26d592224ca0d6f2f955eb84e935431983de2592e4f2a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 20 Apr 2023 02:12:44 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19711
x-served-by: cache-ewr18139-EWR
last-modified: Tue, 17 Jan 2023 17:33:04 GMT
x-timer: S1681956764.127261,VS0,VE74
etag: "9f87dc41b33ca8bb6de402d70f1dcc52209d835dea394be1972b00009ae4a10f-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 0

GET
H2 200 / Show response
net17.biz/ 18 KB
19 KB 225ms
25ms Script
application/javascript 185.177.94.108
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://net17.biz/?pu=hbsggmjrge5ha3ddf4ztkobw

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.177.94.108 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

ip-185-177-94-108.ah-server.com

Software

nginx /

Resource Hash

a1bc3a233171cdadc68f193a3a46c5c6343de4bff0809b7808257cb0eda0659d

Security Headers

Name	Value
Content-Security-Policy	img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 20 Apr 2023 02:12:43 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
server: nginx
content-type: application/javascript; charset=UTF-8

GET
H2 200 style.min.css
helpr.me/wp-content/themes/voice/css/ 100 KB
31 KB 59ms
38ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/css/style.min.css
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a15c4280b21640ceafba6316f59cfdb6f3d3c97fa89a1af112aad69487058a55

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 1019970
x-ezoic-cdn: Hit ds;ds;d5a2adb7da6e59fe01a8976cfeb8248c;2-314757-5;c0d2ea89-347a-4b00-4846-17a2794222ff
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"19109-5bbb292802e00-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0Xz5EczTqLl%2B5icWDd0DJ12GNr6ST53MoBNZSZVUXx%2Bj6VxyP3D9O7jiMSbwdBwlfGT6Z51vc9Q%2BvoVUVKNlcIfBuaJpfBLiFkH9nOhzGo4fYnlXitzGj1f5pWU87rg9YN8Oe23%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2c6eafb933-AMS

GET
H2 200 css.css
helpr.me/wp-content/themes/voice/css/ 2 KB
789 B 82ms
61ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/css/css.css
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 068d6277a1545ce56803f5d3c54543ecbb01fee565a0051ec0efd030cbf88525

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 1019970
x-ezoic-cdn: Hit ds;ds;b2d634f0f045c3ef51f697528d9ca127;2-314757-5;0ca491bd-645e-4729-5dca-a528bfb83f13
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"9e8-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BVQD8vWDsOnFrpZ1Gh7fY%2BEtQZDQXtqCMq1JdFshOfbel%2F0kyfWyJKEIptYB0x%2BWKSZ3TfvwthEMckk77tTFNdgMwSIoZMlSi%2B83f7BjFOPTeTjvvqIcqaH4Rr5QZwRxQFsO4GQcA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2c6eaeb933-AMS

GET
H2 200 min.css
helpr.me/wp-content/themes/voice/css/ 161 KB
30 KB 68ms
48ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/css/min.css
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 803dc63465511dc3412691e58678594ddcde0bcc7c5d29dc355804b43f515e3e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
x-sol: orig
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol, orig_site_sol
age: 1496430
x-ezoic-cdn: Hit ds;ds;99b8bbb7c138b08fe218b423699f16fc;2-314757-5;33e644cf-b794-4e26-7018-c8f9890cd92e
x-middleton-display: staticcontent_sol, orig_site_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Wed, 29 Mar 2023 21:34:36 GMT
server: cloudflare
etag: W/"284c7-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9rYApZRhTEvst3MIruIo8d8cQoOxrq0z9f3mZq8MgoVUaa41ZKnyZUvocycjBTtwUQRKObzGkHZIrDG8atP9QLk5bLqYfTFIDgTtdq74ce%2FtFp9PgaZwJ7weMezSQrVWUkjqDLXEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2c6eadb933-AMS

GET
H2 200 jquery.js Show response
helpr.me/wp-content/themes/voice/js/ 95 KB
35 KB 81ms
61ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/js/jquery.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 812310
x-ezoic-cdn: Hit ds;mm;187266379d38bdad331282576de565f9;2-314757-5;f050db60-a373-454d-52f8-6bccd55202f2
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"17a69-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I7qVv0M2dM3T1uBegW9MhaW1kVSTsQrQ%2BX8tOsTJ%2BcLw1vEMNKs4M2uxnb4mFrzyKtUUr0LiMuEyd%2FCMP%2B5ICLFyj3cHVbqnGveHVOck1caWGG6fFKrjNy0Lz4HTKXLF3SW65%2BJfXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2c6eb1b933-AMS

GET
H2 200 jquery-migrate.min.js Show response
helpr.me/wp-content/themes/voice/js/ 10 KB
4 KB 56ms
36ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/js/jquery-migrate.min.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1019970
x-ezoic-cdn: Hit ds;ds;5cac779e6070c97267a4f747271754ac;2-314757-5;947c542e-aa7d-44ba-4278-23a984a487c8
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"2748-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G9cCBA75FUTfO%2BQvzaJV8nA9Dt0%2BN3cxyVhwN3SgJpuzTrcBJCKlULiH%2B5PtOegyyt%2BcuYkDi5p16%2FG8ovkZFV3KEujun3LZeNLTECUvp5CbnUFNa0TUfPMrtSJip%2BfD9co836Mxdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2c6eb3b933-AMS

GET
H2 200 v.js Show response
g.ezodn.com/cmp/v2/ 5 KB
2 KB 77ms
35ms Script
text/javascript 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Mar 2023 16:44:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2095
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfiN5dBPRnD8EYlFDH92ak3oz0anOCYd%2FXPZjXvMHQxqkg98mFPBoGiBdxaieyLRzRav2ryFlXpPCRTR6XiNyU%2F2p4vSrVq6Yeo5HV3s2%2BGR%2FVH1NrwcT4lYC%2BfCKyzuYFe5VsWabAGjcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=15780000
cf-ray: 7ba9dd2d7a980a4f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 LWONV4N6ZGpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/560/ 663 KB
664 KB 70ms
46ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/560/LWONV4N6ZGpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b623eda9e64020acbcce7043369c37798958346faf6ab307b3b005485906237c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 679366
last-modified: Sat, 29 Jan 2022 13:44:28 GMT
server: cloudflare
etag: "a5dc6-5d6b8c00da700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N61FoyzsrDGZ7C55Ma5tu3h7FkTkdmhmeuyVLJVSA5avKnWWgVZtDymlGRluBPxuGgp%2BruVTOucJC%2FNK2TFTieh0DKhNCiJ6Cehg6DqMKGJ%2B%2BGgVtDHNRsJXcXVnXJydBHq2BXsnULHR47Nl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d5f45b933-AMS

GET
H2 200 W7P8P3WZGUpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/562/ 1 MB
1 MB 71ms
47ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/562/W7P8P3WZGUpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cc118d7938d5bf18e341cb41a1417e7a329758c2f1615147262accd02517b12

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1187953
last-modified: Sat, 29 Jan 2022 13:44:40 GMT
server: cloudflare
etag: "122071-5d6b8c0c4c200"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzhfXbX%2FzzCUpL2EvpoXETlYdgVmaEOOn26pKZUkQOnD02oioNZNn0OjnncWH7TV8VrbdWgluAjGvv7EmjIEgwLGV9UXfUixcj9%2Fzlrr9hLJvWjFZ%2BBpfPkjmK9uE7PeZ1EoSGU2PU4YH%2F8p"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d5f43b933-AMS

GET
H2 200 CNELWYY9CKpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/561/ 300 KB
301 KB 70ms
47ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/561/CNELWYY9CKpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90af63469388eb727f117311c588de314c03919ce82d08058f7248f308ca9d5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 307134
last-modified: Sat, 29 Jan 2022 13:44:28 GMT
server: cloudflare
etag: "4afbe-5d6b8c00da700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PNJXcrUyrqgTCexukRwr5B619Qgs153RucRw3U9ETQRgxAKUbuEaG8mOJQYQVPc32LMTg80B6dROi6x2gDoqKOh3y%2BG9a9U1i7HX1JqndthrsCxP0%2BGRGGHZwY%2BtFCTqv5418v7D5i79bOIs"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d5f46b933-AMS

GET
H2 200 YJZRGTBUJ8pic.jpg
cdn1.helpr.me/wp-content/uploads/answers/565/ 108 KB
108 KB 70ms
46ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/565/YJZRGTBUJ8pic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 110508
last-modified: Sat, 29 Jan 2022 13:44:30 GMT
server: cloudflare
etag: "1afac-5d6b8c02c2b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXr9BWcOAckljywZm9XP4p%2Blbxy7DeuRHNh8Yd0aeyShFab71m8BdQh8Jf56htqsVaxMDvJaTwBKcMLCyGdPmblhHDJu6bDwojpYHMyor%2By7VQDkEFy8niAgZtb7P9mx%2BgOUeC0Ctly3uajm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d5f47b933-AMS

GET
H2 200 ADSNJMW1XNpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/566/ 6 MB
6 MB 56ms
32ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/566/ADSNJMW1XNpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fc5d1f5305043cfb61dc5e025b2181be1d790e8fe16246704ff8b27784c36b4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6122563
last-modified: Sat, 29 Jan 2022 13:44:34 GMT
server: cloudflare
etag: "5d6c43-5d6b8c0693480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZRgN8DgcJraZb2fu7DKBb5KpWrp5qbNa86t0OpV%2BTZx3TUv625cv%2FdBPe3Owk1h6Qq3%2F8oMCCEHZSqVBBEnNzpmNkjJih7BnkdCzbUYcUzizJmgXpUIpbM8E%2F72NfZFh%2BJXJspdWGH2EBrB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d5f42b933-AMS

GET
H2 200 K5CU6OYRC6pic.jpg
cdn1.helpr.me/wp-content/uploads/answers/563/ 182 KB
183 KB 69ms
46ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/563/K5CU6OYRC6pic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea3c944a4fa67cdb7009c6de5cb561faaa8bbcd6374d1a7d868753779b7754a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186565
last-modified: Sat, 29 Jan 2022 13:44:28 GMT
server: cloudflare
etag: "2d8c5-5d6b8c00da700"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJGFLT%2Bmz4ixYkS0YAMXYQNo3f%2FPoLuYBVatNv5UOws7NcQLaNBFGg%2Bu1J%2BRUAm7C15L9qyPnQHTWeNvA3DGbaPkJ5Opoy6yKesieebzkMQ9Nhwhwk1XgtqimBUeAACBOHjwej5DwjEUZB%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d5f44b933-AMS

GET
H3 200 UIL1VR8RY6pic.jpg
cdn1.helpr.me/wp-content/uploads/answers/567/ 224 KB
225 KB 92ms
91ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/567/UIL1VR8RY6pic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d25625c09836b07155bc4a38e51c9a9e8009ba7bcd865d5b8a16a47c97d7c5af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 229526
last-modified: Sat, 29 Jan 2022 13:44:30 GMT
server: cloudflare
etag: "38096-5d6b8c02c2b80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=liyfP9241xIYpwMOzgJ8iFg12RrkS6fBKXbZcyaLmHbpXJWhVAxreQluUEETJaFd23UzgqGXkdvP368mp%2FY2FqJBBJnWW5PhwKorMWsPUobirH9vcUeGud87cA4mfFMtZj%2FhZInpRxwxCAsT"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d8fa6b8e8-AMS

GET
H3 200 9GGB6FYNOPpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/568/ 372 KB
373 KB 51ms
49ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/568/9GGB6FYNOPpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0614b61992055782387549c84e194b6c1fded276033f60cad0dbfb04e8427fd6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 380971
last-modified: Sat, 29 Jan 2022 13:44:32 GMT
server: cloudflare
etag: "5d02b-5d6b8c04ab000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BkYJUuMKGCUdw9PYAE8qCRytN%2BiV49ngh7zc%2B5G85roHpAG2oA0qvXwSqckp198kqoD8Kq%2FhLrhgDnjAjt66l8Pm6XJmF5BczcoEAjJeBfwt2DOimslYdiLJ32fR8AVXx05lmMk8qfEO5Zd"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d8fa9b8e8-AMS

GET
H3 200 B3INSUTAITpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/570/ 137 KB
137 KB 1310ms
1309ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/570/B3INSUTAITpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc15c057426fd790c4838f7e7ec9393e21adc29ca7d2d6627cf14e19cdc2594a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 139966
last-modified: Sat, 29 Jan 2022 13:44:32 GMT
server: cloudflare
etag: "222be-5d6b8c04ab000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTop9oWzeGjNNnRnqWgozXPwEogzCb9AR4pWoqKz4bA9BBl9gKx6JXavZThnbnYO0ZpHsFAyFcuRzAxBwecSyc260hhADrj%2F0zBFiHbZKZ%2FUzEViA3wXJ5YK76ZsdbVGudxGEYXtz9HpVjjf"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d8faab8e8-AMS

GET
H3 200 R5EC29QIITpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/571/ 372 KB
373 KB 426ms
419ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/571/R5EC29QIITpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63d78095c3afe19798df6d41d167a72b3a8d3eae51202885db3fd0db38c8a3aa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2856
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 380882
last-modified: Sat, 29 Jan 2022 13:44:32 GMT
server: cloudflare
etag: "5cfd2-5d6b8c04ab000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8WTa2vM5oO%2Fikw7td7aZXknoBIZf1vjg2GKBaelb3HpkWpZDzjzoaTKKlPtGExrnooqu5v%2FQxQ1XXR0X7Ay%2BZ43xIMshWFptBoHWsxwPOihNx2tbduzzenFus6bc%2FgLbKfJaU9bLfaP7p9a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d9fb0b8e8-AMS

GET
H3 200 JZSFZ8W6PUpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/573/ 127 KB
128 KB 1190ms
1181ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/573/JZSFZ8W6PUpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3abc18589050057902e9edcdde474b12fa736112152cba13129fa5fdb507697

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Jan 2022 13:44:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1fc0f-5d6b8c0693480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mHukDloh9Wb%2B0Moeolubow36fZJNV332wGPHz%2BFiw3iOex0ESaHDRWXHzMkskOIDWLM0EnWwjeqIH2%2FauxNg5l4EgFjzjepm4KKBNRMj8Xdc%2Bd6vp6lU8%2FmgIgPGkZDwulgO1QsgnG4npz%2BH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d9fb2b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 130063

GET
H3 200 7K4A20SR6Lpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/572/ 2 MB
2 MB 456ms
447ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/572/7K4A20SR6Lpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 018e34b7ddee8bb6fcd058f7bd6ff05d428e2cb3f475670cb7dc9d6f1ac74af0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Jan 2022 13:44:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1ac231-5d6b8c04ab000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FJDjd8m%2BGROlUkCTDcsLphGTsJ1VgWscawWDOT%2F8e8ob4sPwmG187InH%2FMVJy0iBqdL4G6SGOogKWRtxG6z11DbljWda4nMZ5OHgIniupJR89nzVE2C2u3V3n37czSmItkf4r%2Btez2wWQ2T"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d9fb3b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1753649

GET
H3 200 HONAG2VJW3pic.jpg
cdn1.helpr.me/wp-content/uploads/answers/575/ 313 KB
314 KB 457ms
447ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/575/HONAG2VJW3pic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e67995a8f081e2e50bedc8cdbc2b52b096b6e2ba7aa3d663c6c78acef1dd7473

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Jan 2022 13:44:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4e3e3-5d6b8c0693480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hki5stVSg8M9VIu2sNEw7CA8VTzsuagMaOdEMs7h56jVy%2BpxcL3%2FpQGGJADVIChI2hWp09%2FFdseE2wvSkOfCwl60uRIhpzyVw8x4MRUCCTZ0W57UQ%2BWFA7KtzfrTVxjjb47%2BPCl%2FQEg1WQ8f"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d9fb7b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 320483

GET
H3 200 GTFHNUABMSpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/569/ 1 MB
1 MB 458ms
448ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/569/GTFHNUABMSpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe6eda7328d20df4ecb995cf5a7219e061bf32ab3577fc50a48b284fa5f2305

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Jan 2022 13:44:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "13c13d-5d6b8c04ab000"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n9ZETrjzwMqaESA8LNp%2FmTg9ljXm44J9JNWIfQ8SnAi9UkyY5E4V7VczfGbZ%2FOFc67yX4bYuyvJZP9SxOqGZ7kLICPD%2FUOXxEIexQl5o8srNbpuNen%2BMXsRUBEe5JJK0TFGLnJTEl0QHtF4r"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d9fb9b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1294653

GET
H3 200 POVBO9N78Cpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/576/ 172 KB
172 KB 1735ms
1725ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/576/POVBO9N78Cpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8485359cd8d24b6223ae8bdb2839d904da8399f6cb30c02e13dbf1078c7d7c4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Jan 2022 13:44:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2ae0f-5d6b8c0693480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0FngNpXEHFsyMoilCvHXhgbQ5EtFhaxV4bIu%2FYRoVYSAfahN9IYzMlVF3kbTDAM7%2Fxgou82YajbQrIRRecsjJgftww0OSpx9rcO9fi1dCudRWbFG71g8RFybVTRk5Neq%2BVHZrSeGMEeywLUH"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d9fbab8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 175631

GET
H3 200 R74YNAZ20Bpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/574/ 353 KB
353 KB 1786ms
1776ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/574/R74YNAZ20Bpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21bd4aa6d7f861f9c210ddbe2405289b4227a556465fecd60ae7d04edd11f63c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
last-modified: Sat, 29 Jan 2022 13:44:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5836e-5d6b8c0693480"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rvCIECM6o3a8t5vQIFah8BKL7wnfoOTVSQlso8DbwPlyi7S%2BIbDz0laNPr3wP702sEulIXs7%2FlwJFGpG0lF6eGi4oIWrVx8Oa8XSsMlG8Z0qMjHibil30lpwI5vkraWTOsFSB7Cczf6KE5a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7ba9dd2d9fbbb8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 361326

GET
H3 404 5B4IQLUBBEpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/560/ 0
0 1886ms
1876ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/560/5B4IQLUBBEpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 404 NRNAT64IEJpic.jpg
cdn1.helpr.me/wp-content/uploads/answers/561/ 0
0 1887ms
1877ms Image
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.helpr.me/wp-content/uploads/answers/561/NRNAT64IEJpic.jpg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 lazyload.min.js Show response
helpr.me/wp-content/themes/voice/js/ 7 KB
4 KB 58ms
45ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/js/lazyload.min.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1245c1a072bf0abcdebec57d0cbcd07268ebbfb0f67a0a30d8221a786c0537cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 813239
x-ezoic-cdn: Hit ds;ds;151bcea10282dc711ff526f74330d6d8;2-314757-5;a1151d36-390a-491c-5680-81c95306628f
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"1a80-59ee0cb0c5800-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkbSaRHb%2FpNmqbzNLBLxrP50IGLBTpziMqJb1ECWvbD3lhnR1YCy4FGEDt8ulv6aeUnOPHdkJfFX6Nx%2FAqx0e3V89GmRTXoc4y7kKWvicG3ckQFcuNj00WvQOSIdQHz9gWB8Vg2I4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2d3f6db8e8-AMS

GET
H3 200 min.js Show response
helpr.me/wp-content/themes/voice/js/ 95 KB
28 KB 60ms
42ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/js/min.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae47cb8abefb03db2c51af13f5d2f6da22a81e23417e5bbf1f65facac360a6b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1035553
x-ezoic-cdn: Miss
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 06 Apr 2023 14:50:17 GMT
server: cloudflare
etag: W/"17b98-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGTlYxZzU6Uy0I%2B4ej1PwVUXhwbI8gI4N6R3hRqOF2XHo6vHHxSiznSiZ1Y2KSBZLdG8Fs2V2y6c1mHj6dS9x%2FG2yr9d3NZX%2BTHqhsKMMjlCC9d5D5zZ9LVd1Tnr8C7G7v8BiRvLeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2d4f75b8e8-AMS

GET
H3 200 q2w3-fixed-widget.min.js Show response
helpr.me/wp-content/themes/voice/js/ 4 KB
2 KB 109ms
91ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/js/q2w3-fixed-widget.min.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 159415
x-ezoic-cdn: Hit ds;ds;c4f8c0e04c4c0caba597773092ce03a2;2-314757-5;48a60535-1089-4e5e-61b2-6cd6059020b8
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"1108-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVVLiyag7evzHTO%2FXmht9V5%2B%2FhdgcfseynaKUTGkHteJnTQzVuP178XlqcL%2FT5XTfxteaA%2FmHVASAkk89b6dL%2Bi2MXo9zlYn%2F4nRAhprl87Sr2pBIjQbufVoLqdDCHQ%2B%2FeTGyQIMCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2d4f77b8e8-AMS

GET
H3 200 wp-embed.min.js Show response
helpr.me/wp-content/themes/voice/js/ 1 KB
1 KB 57ms
39ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/js/wp-embed.min.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 1497338
x-ezoic-cdn: Hit ds;ds;927388159e6f8a1677d4229c5e778ebb;2-314757-5;3fb15087-bd87-4643-4b2c-cfbe22681d6e
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Wed, 29 Mar 2023 21:34:36 GMT
server: cloudflare
etag: W/"59a-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCSNmVELLE3SPtPH17x%2FhhkNHvO%2Bc%2Fs3Axa9w11HodsKExnMuHDD5kWIezFDFE%2BFtj0wOgMEKnb%2FAkUnNc9iGfT8gC4eY79TF%2FzJo9i3nDx9coUrlWOukfh853gBs%2BUEwxxVKpOsHw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2d4f78b8e8-AMS

GET
H3 200 form.js Show response
helpr.me/wp-content/themes/voice/js/ 700 B
948 B 53ms
38ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/js/form.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
age: 2147848
x-ezoic-cdn: Hit ds;ms;ef7ab95e59f1f8dab75ea7022db1293d;2-314757-5;2abf0284-d710-4826-6ac8-1a9623d78c38
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Wed, 22 Mar 2023 16:44:07 GMT
server: cloudflare
etag: W/"2bc-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBv1UlAhrjLc9G1m7%2FwG%2BpUUVsLjYoHSnrVT6BEP7IA5UTegvWbCipEe3%2BmCrP1CnaI1tltxigFn%2ByG%2B2UvA7u18Ss8ljcWY2X%2Bhfd3q2vwyeLLaiIgmYSLxdtySZ%2B9odJ%2FBSqucKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2d4f7ab8e8-AMS

GET
H3 200 augusta.js Show response
ja.helpr.me/detroitchicago/ 2 KB
1 KB 105ms
90ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/augusta.js?cb=24
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 20 Apr 2023 02:12:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPsmIZ4Ll2TYX5Mq3btfqXcWb88an3oI7DeKdmjc48yznjyo5%2FBJK5wBMguxNSzYx3TYmu0vS45%2BqpE5sv5hcjeJKogCv2bX%2BQJvsZxF03EaaZ19x%2F%2FXig1GEXV7ggvAWKsZ5O%2FclfQ%2BiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7ba9dd2d4f7bb8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 fads.js Show response
www.ezojs.com/porpoiseant/ 8 KB
3 KB 233ms
50ms Script
application/javascript 2606:4700:3032::ac43:c960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/porpoiseant/fads.js?gcb=195-0&cb=8
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c99af258943f5efe5689a6803d0470de89dbb21bc19eaf3259a47bc07d2a88

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2903872
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 17 Mar 2023 11:32:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zWGmD%2FwmUDQIjeqrN%2F%2BTUnz8usCikcXJPuyFXevhlVcyfx50OnE%2FGIT5ZttuLZxuuhkbr0RoiM3XOrj%2BFaJ5KLPL5kUOTvm4CdKBpF2l3aVjlrTK4mw7iW8v78FLM4gaTIZM2Wq3vu64kgd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7ba9dd2e6c73b718-AMS

GET
H2 200 banger.js Show response
www.ezojs.com/porpoiseant/ 55 KB
15 KB 197ms
94ms Script
application/javascript 2606:4700:3032::ac43:c960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=212&v=74&PageSpeed=off
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124751881ec1faad71532322ef7eabc6732d9e6702975d7837be16be75cf9af4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 786540
cf-polished: origSize=56540
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 10 Apr 2023 23:41:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KeAWgI13iDUMw2wyGT3mEkZwYuGRs7NIGJ%2B524tY80TlU0zjTx3KMcAEIxZkyiJnMjY1uPFkNWThSU3niZiWnmqG45hQEDAnFlTE4epEiU0JfXbrWnMRbIjzI2wzy%2BfQ%2BJFs4h8%2B64niGYSE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7ba9dd2e6c74b718-AMS

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
9 KB 490ms
217ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.5340692910431533

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: cache-ewr18139-EWR
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 20 Apr 2023 02:12:44 GMT
last-modified: Tue, 17 Jan 2023 17:33:04 GMT
x-timer: S1681956764.127570,VS0,VE117
etag: "5291f663321e7e3f6bfff9a37feadf115ecea3ab57d443f46f5035c626a0edda-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits: 0

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
helpr.me/wp-content/themes/voice/css/ 8 KB
8 KB 254ms
79ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/css/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by: Host: helpr.me
URL: https://helpr.me/wp-content/themes/voice/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c

Request headers

Referer: https://helpr.me/wp-content/themes/voice/css/css.css
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;00ba351c94567a11271248dc784a7296;2-314757-5;d2024fb1-5056-4e58-7d67-90984d2e1d3f
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"1edc-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhKH0V%2FtMLBRu0UahPnDUFRFJ8AuANn00ZUXe1FqNejjfg%2BXVAqOE6B1OY%2F%2F3szK3lz%2BkUn3EZytMrWo%2BOlaF0J7atS5TuIQVRJtY3gh7a21K8SMgwRzU4OkiHknu%2F669GeFGSP6vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2e6c95b73d-AMS

GET
H2 200 cmbv2.js Show response
www.ezojs.com/detroitchicago/ 57 KB
17 KB 129ms
52ms Script
application/javascript 2606:4700:3032::ac43:c960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 293e7cd31bbd00be5b32a22174d1b564980b991dfb1d203ec9e8f4fc429ec336

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 89858
cf-polished: origSize=58639
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 23:59:46 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkxiioy1WpQhvnuOsqWbr6SN5y3maNXNI7UeAm5DJLhcgABrAQeJGk2tB9WNoI4SOFHVt%2FQpNk%2FP%2FwG7F%2FsPqvlO6qzYozEERnl4%2Fu2dSPv4Gv%2BFuvGFYMr2l1cwFv8oFpOzdjToghSbuKIL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7ba9dd2e6c75b718-AMS

GET
H3 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
helpr.me/wp-content/themes/voice/css/ 8 KB
8 KB 232ms
88ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/css/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by: Host: helpr.me
URL: https://helpr.me/wp-content/themes/voice/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b

Request headers

Referer: https://helpr.me/wp-content/themes/voice/css/css.css
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;81ecbfd2293ffd58a43b85505a0d18c7;2-314757-5;fadb7bb0-3191-48b9-73b0-b6f581aaeebd
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"1f34-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6SBsmz98AMbLGcLjaA4zPLLkyaH2S%2FqNUpmSuKsMR6HK5teUhxgyiEP0QvA3yphfKkRu8Rn0FA8UcUaJIZebTxDX7JpBCxHTUt0PoJD4OYN%2FUbCqMAQxdeOJReZtHdi5dXSER6lADQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2e6c94b73d-AMS

GET
H3 200 fontawesome-webfont.woff2
helpr.me/wp-content/themes/voice/css/ 70 KB
71 KB 254ms
110ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/css/fontawesome-webfont.woff2
Requested by: Host: helpr.me
URL: https://helpr.me/wp-content/themes/voice/css/min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://helpr.me/wp-content/themes/voice/css/min.css
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;6b813474a55b1cfb6a55a9e02f747e18;2-314757-5;ca3da796-56fa-4086-40e5-a27a266ee1a2
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"118d8-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FlY9T%2By%2FTdKC1IaFrdlJ4gzwYykNhJX5gGoax27VpbTxYAcoJ3qtdmVjzKZpTYPJHQ2Zmp98o6KMvF%2BAdF0WJx55niBycvO806TSS%2BbmJuuA9gvlstsP0ICWXq4Xj1xi4jhrPOgObQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2e6c91b73d-AMS

GET
H3 200 pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
helpr.me/wp-content/themes/voice/css/ 8 KB
8 KB 340ms
224ms Font
font/woff2 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://helpr.me/wp-content/themes/voice/css/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by: Host: helpr.me
URL: https://helpr.me/wp-content/themes/voice/css/css.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491

Request headers

Referer: https://helpr.me/wp-content/themes/voice/css/css.css
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-ezoic-cdn: Hit ds;mm;7590b7caf7e915f891bcecbdcd460f35;2-314757-5;893ac8c6-f2cc-45fd-7cea-0bb177bda65b
x-middleton-display: staticcontent_sol
x-middleton-response: 200
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
response: 200
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: W/"1e60-5bbb0682d7100-gzip"
x-origin-cache-control
vary: Accept-Encoding,User-Agent,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NE502XJMH4JD4szdkPt20VR5PDQizMw2Kbtiha3pHfLK42HVR1yVX%2FMp0l3w6KdnnNrpq53epE2H0m5%2FMYHeoFpScFuvjhSNuR%2Bkh7NPF0%2B6nkfEu1kB2SMs3dBb0dvrVmOEN2%2FOsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=2592000
cf-ray: 7ba9dd2e6c93b73d-AMS

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ezoic.png
go.ezodn.com/utilcave_com/img/ 1 KB
2 KB 81ms
65ms Image
image/png 2606:4700:e4::ac40:a602
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezodn.com/utilcave_com/img/ezoic.png
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a602 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:43 GMT
cf-cache-status: BYPASS
x-sol: middleton
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
display: staticcontent_sol
x-middleton-display: staticcontent_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1181
last-modified: Thu, 13 Apr 2023 19:17:03 GMT
server: cloudflare
etag: "49d-5d9576f862e00-gzip-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbRrAX76QRzGUyLRWkZz%2BVDGDawoMYiT00qZ52YU0toAIZ9KQGLzg6bJLidYw0OzDMznEDdLlMu5HgNYLqW0QvYyQQpOz6ez725frlE5rC%2B2BLU1uSz%2Fc45fok0EIpltajujAyo1WlnOzZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 7ba9dd2e3b330a4f-AMS
expires: Thu, 27 Apr 2023 02:12:43 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ 400 KB
124 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 780
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127052
x-xss-protection: 0
server: cafe
etag: 14196522953641333499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 19 Apr 2024 01:59:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 789 B
390 B 243ms
108ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe2a11c057f5d56d3cc09d4f3047aefe9c9f1e6356fc18197e1c0d931d21934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Thu, 20 Apr 2023 02:12:44 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//ja.helpr.me/;0.7570148038627087
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.helpr.me/;0.7570148038627087

43 B
528 B

69ms
69ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.helpr.me/;0.7570148038627087

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 02:12:44 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Tue, 19 Apr 2022 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 02:12:44 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//ja.helpr.me/;0.7570148038627087
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Tue, 19 Apr 2022 21:00:00 GMT

OPTIONS
H2 200 /
basher.ezodn.com/ Frame 0
0 170ms
30ms Preflight
application/json 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=314757&bf=220&dc=1254144
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7ba9dd315f120e3d-AMS
content-length: 0
content-type: application/json
date: Thu, 20 Apr 2023 02:12:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TcSPK%2Fr0GS%2BZy6w1Js0qeNEHiey0YomGuEa6J2GIkifscfk3z8gknmz93JYFXSm04obMt2cHCMXqCybdmxkAWuYTO1qSDCu0PZPd9VNUvPFmNacQX0MVFuFY2qz%2Fs89vqZ79v4gxYO8A7He4i9V"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

GET
H2 200 nmash.js Show response
www.ezojs.com/porpoiseant/ 21 KB
7 KB 57ms
55ms Script
application/javascript 2606:4700:3032::ac43:c960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/porpoiseant/nmash.js?v=212
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=212&v=74&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e4b6cfc681c92695b0d2cc772e274d478238274edc5d562810e4fb608e061af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 20 Apr 2023 02:12:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKBZoSNXJkRDiaWlzPZwpkiY%2F29devOef5NcIUjGvcRsov0nkhtsCNw3bIc4glZszHwN6dDcEE1s8gItfezP9yPl%2BQKYKnd769jvO4YRRkC7v0eFyiRXdCNOwzY%2Fc2YnV5Ud3WSawJ4Wrkvp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-middleton-display: sol-js
cache-control: public, max-age=14400
x-robots-tag: noindex
cf-ray: 7ba9dd307de0b718-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
basher.ezodn.com/ 3 KB
2 KB 34ms
33ms XHR
application/json 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=314757&bf=220&dc=1254144
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=212&v=74&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1369c2b65501181b124fd3e1987ccb6f1737afdb07888b0a5a2d7b90e7457532

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://ja.helpr.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPG%2BbcLWfA224VMgtnEpO8zmyY3c4oa%2BHNcJHlh3cZ0oui9iITZTkG9xcRJMERCPjgpoysHkAlvksXp9zkAT%2FHMFL8uP1YY%2B4H%2BqiAg7CxnohfTPJ5eaRvWoG%2FnR6MPZP%2B1L8Equ15%2F5HR9qoffz"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 7ba9dd318f350e3d-AMS
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 imp.gif
ja.helpr.me/detroitchicago/ 43 B
647 B 1418ms
1418ms Ping
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/imp.gif?e=%7B%22ab_test_id%22%3A%22mod13%22%2C%22ad_cache_level%22%3A2%2C%22ad_count_adjustment%22%3A1%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A1%2C%22ad_location_ids%22%3A%226%2C39%2C38%2C5%2C4%2C1%22%2C%22adx_ad_count%22%3A5%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Rotterdam%22%2C%22country%22%3A%22NL%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A2%2C%22domain_id%22%3A314757%2C%22domain_test_group%22%3A20230806%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A2%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221004%2C1006%2C1100%2C1103%2C1975%2C1976%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22749de0bd-968b-4828-750b-a0b176399916%22%2C%22position_selection_id%22%3A46%2C%22postal_code%22%3A%223044%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A42514%2C%22response_time_orig%22%3A3%2C%22serverid%22%3A%22i-027ac633e099b3e19%22%2C%22state%22%3A%22ZH%22%2C%22sub_page_ad_positions%22%3A%221006%2C1100%2C1103%2C1280%2C1975%2C1976%22%2C%22t_epoch%22%3A1681956763%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fja.helpr.me%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A26%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ja.helpr.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kHDnYxj1upiNeiExfgLKKqJ8%2FXY9iDFz77CsAENRIfuXS6NbiHTYrsyBkG6OC3vufwGcb4yFRFZ69oenLPMtCCkUNNZv%2FHO7oY5pEMyA93PlViIQIQOs%2FxLnzR2FlUV84%2Fb2WHi6BmNxEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
vary: Accept-Encoding
cf-ray: 7ba9dd30796bb8e8-AMS
access-control-allow-headers: Content-Type
expires: Wed, 19 Apr 2023 02:12:46 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 167ms
31ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 27 Apr 2023 02:12:44 GMT

GET
H2 200 cmbdv2.js Show response
www.ezojs.com/detroitchicago/ 41 KB
11 KB 32ms
32ms Script
application/javascript 2606:4700:3032::ac43:c960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1c-5y62-22&cmbcb=136&sj=x03x0cx1cx62&abt=EdgeHostDomain
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ea8055f444ec3842d9708b362a3cce75256183bf50260a5dc9f43c089a3028

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 94576
cf-polished: origSize=42210
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 23:54:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNcx2i7Pe2FrsR82zjgRJ7dSDAontH2IEH7J9jfC37IPBlmIcEX7zbZ0uPwsiRoNScv8nYYIzlW5IpX3zcJCogZbbCJOCu%2BhxcAGOAT09vWrEUXBwbR7XyLI3j3IfjCuggmjuM6fLPRAh6TW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7ba9dd307de6b718-AMS

GET
H2 200 kenai.js Show response
www.ezojs.com/detroitchicago/ 3 KB
1 KB 33ms
33ms Script
application/javascript 2606:4700:3032::ac43:c960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/kenai.js?gcb=0&cb=5
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f181cdb050654407e8679ee762b6b40c59d731bd11154f9decf9a7b1c44b972c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2448815
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 22 Mar 2023 17:57:19 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EayttRXIsVfZ13gfk%2BSdCscrVFXkhpXIksW1beH0fpAstD%2FAI1EjOfrCxbJcv0u%2FeC6p5ZXJ9k81ShrGQWFxc6eHLkTsEpNXphMPN%2FunY281smp9GlzxDcPIurbrIE7qGe87941y9TmD2XwC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7ba9dd307de7b718-AMS

GET
H2 200 portland.js Show response
www.ezojs.com/detroitchicago/ 29 KB
10 KB 34ms
33ms Script
application/javascript 2606:4700:3032::ac43:c960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/portland.js?gcb=0&cb=2
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73531d638270a6d89faa7f7d34271a8650ca40051ac537f327c04fefe157c97a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 90747
cf-polished: origSize=29963
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 18 Apr 2023 23:53:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80F63CBP16Y8DCp84lr0QHcl3r7fNgtokFFN8m3Mepso7b35LeKcktseJe9IGOaFd1gfrtzi9qpmQGvBPTdrHHbBQYRhM%2Bqk7y8g90zCO9EJnfYzx0KKF71CnweD5km3RJsNXk6ciySZ3lRE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7ba9dd308de8b718-AMS

GET
H2 200 sidebarwall.js Show response
www.ezojs.com/detroitchicago/ 9 KB
3 KB 34ms
33ms Script
application/javascript 2606:4700:3032::ac43:c960
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ezojs.com/detroitchicago/sidebarwall.js?gcb=0&cb=19
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c960 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1388120
x-middleton-display: sol-js
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Apr 2023 00:28:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82cuQUbRIFlEdcVQlbFlV5H%2FUWLmP3MIFAvDHUGkTRYgXxB9S6n%2BltL4EvdaLjMeQtIIjCdcgSzodUkyer9u9Avp4WZQ30k6D5amtCqV8WWS4lOt0WJU77CtNrk7kEB260Y7rWkDyZunUvp3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-robots-tag: noindex
cf-ray: 7ba9dd308debb718-AMS

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
531 B 128ms
40ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 120ms
41ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 mr.js Show response
storage.googleapis.com/s2t-images/ 23 KB
5 KB 216ms
142ms Script
application/javascript 2a00:1450:4001:812::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/s2t-images/mr.js?0.1065036118000422
Requested by: Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:44 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtBlF1SSFrQ-mcmKAbhAz4tn09V4hNoDJv-ozMwJpn96ld6QeU9shQaRGVbIwaZJ2eyj4JxCNxLst2u-Ho08Zoj
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4449
last-modified: Tue, 24 May 2022 13:22:38 GMT
server: UploadServer
etag: "115f5664d494ea5e45aad8061e45949d"
vary: Accept-Encoding
x-goog-generation: 1653398558715037
content-type: application/javascript
x-goog-hash: crc32c=1nfj4g==, md5=EV9WZNSU6l5FqtgGHkWUnQ==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 4449
accept-ranges: bytes
expires: Fri, 19 Apr 2024 02:12:44 GMT

GET
H2 200 abs.js Show response
cdn.zx-adnet.com/adx/ 220 B
222 B 156ms
155ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/adx/abs.js?0.9129827945940321

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/brmsl_19102402.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 20 Apr 2023 02:12:44 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 107
x-served-by: cache-ewr18139-EWR
last-modified: Tue, 17 Jan 2023 17:33:04 GMT
x-timer: S1681956765.597583,VS0,VE45
etag: "5fef2687ef3b38d2357073d43abb64a2f46b34fce9295b7d515ee95b7d79cfdb-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600,public
accept-ranges: bytes
x-robots-tag: noindex, nofollow, noarchive
x-cache-hits: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
680 B 472ms
472ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=3933348798482842&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=1254144%3A22563361973%2Chelpr_me-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1655635150&didk=3321897871&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D6549509167808904%26eid%3D6549509167808904%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dhelpr_me-box-2-6549509167808904%26eb_br%3Daf063c244089b52ec5a0423a258f1f8e%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D71%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D140%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1681956764554&lmt=1681956764&dlt=1681956763546&idt=744&adxs=650&adys=230&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=1140x250&msz=300x250&fws=4&ohw=1600&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77bed2bf311ba2a0a56a8c99d5d2323a66b6602c7b53082cfdd7ea9f531f8ea0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 650
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1522 6 KB
3 KB 157ms
39ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:12:44 GMT
expires: Fri, 19 Apr 2024 02:12:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
617 B 582ms
582ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=1157007441607573&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=1254144%3A22563361973%2Chelpr_me-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=1881753728&didk=2407522699&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D4014522301795941%26eid%3D4014522301795941%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dhelpr_me-medrectangle-2-4014522301795941%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D71%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D180%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1681956764573&lmt=1681956764&dlt=1681956763546&idt=744&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

964fbf47690bb02bb532a4e3261360d8822761b79dbd42dc21cf78722ba48db2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 587
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
611 B 475ms
474ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=3966246845613483&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=3&adks=508159336&didk=8345239&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D8482662349773264%26eid%3D8482662349773264%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dhelpr_me-edge-2-8482662349773264%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D220%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1681956764579&lmt=1681956764&dlt=1681956763546&idt=744&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb2f91a5e81b7ee88bf4873be9c372c88b89014060448123ebdc00ca10450d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 581
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
613 B 613ms
613ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=3697156374925645&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=4&adks=2422952176&didk=8338828&sfv=1-0-40&prev_scp=a%3D%257C0%257C%26iid1%3D4487854767803634%26eid%3D4487854767803634%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dhelpr_me-edge-1-4487854767803634%26eb_br%3D43aa1607a0c08c74b14a9039e7b909b4%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D220%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1681956764582&lmt=1681956764&dlt=1681956763546&idt=744&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26d05f70230de4b369f46f860486636cfd84de359adcfc9f1f76cb67439c5f0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 583
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 341 KB
66 KB 219ms
218ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.5340692910431533

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: cache-ewr18139-EWR
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 20 Apr 2023 02:12:44 GMT
last-modified: Tue, 17 Jan 2023 17:33:04 GMT
x-timer: S1681956765.655869,VS0,VE94
etag: "903d4e9708a69e8cc899413e10c8bd8c12ff0e8553c05df46fc83d843518567b-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 67057
x-cache-hits: 0

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 160 B
631 B 77ms
24ms Script
application/javascript 2600:9000:238d:9a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:44:53 GMT
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 1672
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:41:49 GMT
server: AmazonS3
etag: "af15ecfe46737cb2a37226fd060f23a6"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 5cop0IGVZ0BeguTsGqibw5tzILAP1kOYLvBW3RNKidOjMc_0Tf22fw==

GET
H2 200 pixel;r=1252677415;labels=Domain.helpr_me%2CDomainId.314757;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fja.helpr.me%2F;uht=2;fpan=1;fpa=P0-2035593922-1681956764595;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-202...
pixel.quantserve.com/ 35 B
371 B 42ms
32ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1252677415;labels=Domain.helpr_me%2CDomainId.314757;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fja.helpr.me%2F;uht=2;fpan=1;fpa=P0-2035593922-1681956764595;pbc=;ns=0;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;ref=;d=helpr.me;dst=0;et=1681956764684;tzo=0;ogl=locale.ja-JA%2Ctype.article%2Ctitle.%E3%82%B9%E3%82%BF%E3%83%BC%E3%81%AE%E7%A7%98%E5%AF%86%2Cdescription.%E8%AA%87%E5%BC%B5%E3%81%AA%E3%81%97%E3%82%BB%E3%83%AC%E3%83%96%E7%94%9F%E6%B4%BB%2Curl.https%3A%2F%2Fja%252Ehelpr%252Eme%2F%2Csite_name.helpr%2Cimage.%2Cimage%3Awidth.810%2Cimage%3Aheight.540;ses=e7a10a8c-a6ac-46fb-8392-749702c1e574

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 checkabuse Show response
cdn.zx-adnet.com/ 56 B
350 B 197ms
196ms Script
text/html 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/checkabuse?surl=https%3A%2F%2Fja.helpr.me%2F

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/adx/abs.js?0.9129827945940321

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: gzip
date: Thu, 20 Apr 2023 02:12:44 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65
x-served-by: cache-ewr18139-EWR
server: Google Frontend
x-timer: S1681956765.758307,VS0,VE85
etag: W/"38-qno2VtKrKGrEkeWyGeNb55UMVvo"
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html; charset=utf-8
x-cloud-trace-context: b0347dda80734a31a22028bbdcab2e84
cache-control: max-age=3600,public
function-execution-id: aa6ql1k90pra
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

GET
H2 200 gw_251221.js Show response
site2text-2021.web.app/ 0
415 B 847ms
503ms Script
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://site2text-2021.web.app/gw_251221.js?0.9911461594860578

Requested by

Host: storage.googleapis.com
URL: https://storage.googleapis.com/s2t-images/mr.js?0.1065036118000422

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 20 Apr 2023 02:12:45 GMT
x-cache: MISS
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 0
x-served-by: cache-bom4738-BOM
server: Google Frontend
x-timer: S1681956765.197017,VS0,VE345
vary: cookie,need-authorization, x-fh-requested-host, accept-encoding
content-type: text/html
x-cloud-trace-context: dafa9682ea7c1a7f57f1f242e6bc629b
cache-control: private
function-execution-id: 235b849slo0m
accept-ranges: bytes
x-orig-accept-language: nl-NL,nl;q=0.9
x-country-code: NL
x-cache-hits: 0

GET
H3 200 ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js Show response
cdn.zx-adnet.com/consent/ 230 KB
37 KB 99ms
98ms Script
text/javascript 151.101.1.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/ui-gdpr-en.feda0fd8c5f2191f5c4b299585520859048f3705.js

Requested by

Host: cdn.zx-adnet.com
URL: https://cdn.zx-adnet.com/consent/sdk.feda0fd8c5f2191f5c4b299585520859048f3705.js

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.1.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-served-by: cache-ewr18129-EWR
strict-transport-security: max-age=31556926
content-encoding: br
date: Thu, 20 Apr 2023 02:12:45 GMT
last-modified: Tue, 17 Jan 2023 17:33:04 GMT
x-timer: S1681956765.025402,VS0,VE2
etag: "dad5947af947c84745a29032a526f3e68afd9ce38af7f41ee281defb94b29c84-br"
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=315000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 37832
x-cache-hits: 1

GET
H3 200 / Show response
basher.ezodn.com/ 3 KB
2 KB 32ms
32ms XHR
application/json 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=314757&bf=220&dc=1254144
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/nmash.js?v=212
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1369c2b65501181b124fd3e1987ccb6f1737afdb07888b0a5a2d7b90e7457532

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-PINGBACK: pingpong
Content-Type: application/json

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
access-control-max-age: 86400
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://ja.helpr.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gkqSWMIE%2BkwqevJdHI7AXOIdoGQ%2BLHzXsAb1EzHB2NSOsR4E69PkdcTWKnTY6rKsAtExOJ4VhmQ5Uq7%2FMrXVBaSzY3Lnx4gKaQRi2hW5Z%2B42Zy1P48O%2BUcA%2Bn7u6YDhAphiYKjpbAMzLcwP56wiF"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: public, max-age=84400
cf-ray: 7ba9dd35dbdbb8cc-AMS
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 /
basher.ezodn.com/ Frame 0
0 31ms
31ms Preflight
application/json 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://basher.ezodn.com/?did=314757&bf=220&dc=1254144
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-pingback
Access-Control-Request-Method: GET
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-pingback
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 7ba9dd35abb2b8cc-AMS
content-length: 0
content-type: application/json
date: Thu, 20 Apr 2023 02:12:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyI8nRepuUz%2BhpxLQp1uQMwYmcgqX7oDwcPFqEwhVQhyew0Ev5dMcVa%2BZBEBYMKCXiuDHheu0Fru3ddUqpOksqJBqZgehGVNFlFt0ATzvB63PF%2FWDwiOPVQggaLCbi2f4nvER8ub3jixSU2MnLQr"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Accept-Encoding

POST
H3 204 greenoaks.gif
ja.helpr.me/detroitchicago/ 0
532 B 529ms
528ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidF9lcG9jaCI6MTY4MTk1Njc2MywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDQtMjAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInRfZXBvY2giOjE2ODE5NTY3NjMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInRfZXBvY2giOjE2ODE5NTY3NjMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidF9lcG9jaCI6MTY4MTk1Njc2MywiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxNTQzIn1dfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcLH%2F510tG9N7vw%2B%2FFhIUi3xBma2JkQst0cejtTqtbKhjRGOdDU1%2FaicoapgwPNRVR43Zp5shnRHnq0sUHKPvn10VqLHAXIN2H7vjwrlcop5SfQVnMYDSU6KTABSld%2FqwB1ZXd8G%2BxXPWw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd360cd0b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:44 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
530 B 528ms
528ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTU0MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXHvOxaBoZNB4ME06grS0W%2FqfkUqzPGpGTWPVULPLQjC8Cbv4mxm3bjkL7GMnmqRa4Z2jB0xPmjWRpdap9aERthoAlo5DhzAN6QsH3aG8ZBV1F1jVcuiZ%2FP9To%2BIk4fRmfJBqfDLESSyHA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd360cd2b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:47 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
532 B 524ms
524ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODQ4MjY2MjM0OTc3MzI2NCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjE1NDkifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Q8J%2FkpLrmZzfucvLZkw7sw4rD8Rgu0wl%2BVxRSOniobEBGKMUq1CCl7RCTG0McQTItR%2BcGVggkJze3cL1FlQAFca8t2Sb09EYXQ1f%2FPc%2FMIRjWHbCc25K76d3ugjt6hD2%2FdbHADNMC3nqg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd361cdab8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:44 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
527 B 417ms
416ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAxNDUyMjMwMTc5NTk0MSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMTY1NSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7nzsm0fLndrAOvmzlkr1vvU2NPrdCb6V58fPzm7lNOCSkibtdxbiLkDh4ftAVDe%2BeYyrP6yoCG7PQQ4W51oxZOFfa30WticPgzaPfRXRoseW4JY%2B%2BqkH2gj31cKmaEBt3XLWtilyX7KHA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd36cd5ab8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:44 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
528 B 411ms
410ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQ4Nzg1NDc2NzgwMzYzNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjE2NjMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCBdOR0tewL8yXktd0%2BBpyCzv3eFmg9U5whLS4%2Bt9YFfJ605ofB4Gs4MHP6JNpL8NLpSHuxzn6zzmT%2BB4WxjQsRBwN7lneAZpOnBVKi9yMUpn4aIpwS35HdylmkbBbR01nuyLherTWsHdg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd36cd62b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
165 B 43ms
40ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 42ms
40ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 150 KB
44 KB 1064ms
1063ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=3784138755738636&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&adks=150040298&didk=1051136126&sfv=1-0-40&ists=1&fas=8&prev_scp=eb_br%3D3530fcb6bcc13dc3c1712eaef7d92700%26al%3D1006%26ic%3D1%26ezoic%3D1%26tap%3Dhelpr_me-pixel1-1200598753786445%26bvr%3D8%26bra%3Dmod13%26ap%3D9999%26reft%3Dn%26br1%3D160%26ga%3D2497208%26iid1%3D1200598753786445%26d%3D314757%26br2%3D120&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956765244&lmt=1681956765&dlt=1681956763546&idt=744&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

808dc23a7e506d11a2923f56f033196f6879f003ffe3f911644a7ab6b1d2f05b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45150
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ 33 KB
12 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl_page_level_ads.js?cb=31074054

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36b51237a514c8362d64d43c17abd3d4fd2e3a586c8a55c32bfde0c0e1c114aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 13:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45291
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11860
x-xss-protection: 0
server: cafe
etag: 7680045872876739953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Apr 2024 13:37:54 GMT

POST
H3 204 greenoaks.gif
ja.helpr.me/detroitchicago/ 0
531 B 41ms
40ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJkYXRhIjpbeyJuYW1lIjoiaXNfYWRfYmxvY2tlZCIsInZhbCI6ImZhbHNlIn1dfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSa9v1ev0v%2BWy6rG16Ce2fHtc%2FWeHj5461QZniBJxtKwZC4KSOzA2mtmtujl%2B%2FdoKI%2BYzp3MOiC3kOMGh37d7igiOWVVLh2FKFBMHkYnUHf19Rewd4Tkfejh527gsF6juzKZ%2F2T7Oeb42g%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd395f03b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:45 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/ 18 KB
6 KB 144ms
33ms Script
text/javascript 65.9.66.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-33.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: SHNpl_8wt2p1PJfKLDG5Nc7BxQDTckiK
content-encoding: gzip
via: 1.1 7e513424eee237ee26467e8fd5656ec0.cloudfront.net (CloudFront)
date: Wed, 19 Apr 2023 03:56:07 GMT
last-modified: Wed, 19 Oct 2022 18:09:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 80198
x-amz-server-side-encryption: AES256
etag: W/"32d4340999995f7e75434869149ee50c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=86400
x-amz-cf-id: vp6PbU2Ifn5FmBmdqj2MyIDKb7W2bSfnzumtQZC_Duv40VuGA78EKQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 165ms
83ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304190101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8203d352db1b99c99a4b5ef4cc8a880bd1c96b2cf3c689d8f5ce82bcd1b47333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11270
x-xss-protection: 0

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
962 B 240ms
140ms Fetch
application/json 18.66.112.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-32.fra56.r.cloudfront.net
Software: /
Resource Hash: c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
x-amzn-requestid: 47f04331-500a-4b20-9ad2-3f0f1f462ac3
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Dp3guHvwCYcFZoQ=
content-length: 555
x-amz-cf-id: -yij1z9K2IRJmmNvt31RQU0Un7-2BT_63FPNVjlKgnQbqNgVqw3VzQ==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 22 KB
7 KB 143ms
32ms Script
application/javascript 143.204.89.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/48e9aff7-e1fb-417c-a320-ed101cdab11f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.74 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-74.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: h0jfx2_ld0LSppgdK5454e6x8dlC_h3s
content-encoding: gzip
via: 1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
date: Thu, 20 Apr 2023 01:28:09 GMT
last-modified: Wed, 01 Mar 2023 12:13:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
age: 2677
x-amz-server-side-encryption: AES256
etag: W/"fd89ceeda84b55780ed4e8f97b752a7a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: P4XXaY0Vjtfh_Ty8wtHnXYgNYhrEvBypwSpyzU7tYSQv5syVf7--Qg==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 203ms
75ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 20 Apr 2023 02:12:45 GMT

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
961 B 89ms
89ms Fetch
application/json 18.66.112.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-32.fra56.r.cloudfront.net
Software: /
Resource Hash: c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:45 GMT
via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6, FRA56-P5
x-amzn-requestid: 47f04331-500a-4b20-9ad2-3f0f1f462ac3
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: Dp3guHvwCYcFZoQ=
content-length: 555
x-amz-cf-id: VmTG2A8SiCXC2zQMp6P2yxli4ZjLv08LvnKMbIfRQy6y8uqszQWRwQ==

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4AC7 13 KB
5 KB 61ms
60ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 26387
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 19 Apr 2023 18:52:59 GMT
expires: Thu, 18 Apr 2024 18:52:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9BDA 783 B
1 KB 113ms
41ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf7e40f904b55ac62a0e13527f83e0ecf0b6f98931f9873fae72f3c06450bc60

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-D0ECepN38ZicCKTXHDdIrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-D0ECepN38ZicCKTXHDdIrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:12:46 GMT
expires: Thu, 20 Apr 2023 02:12:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AC7 36 KB
14 KB 154ms
32ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 18:53:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 18:53:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9BDA 0
0 170ms
100ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304190101&jk=1383399687511908&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4AC7 0
10 B 32ms
31ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lN_vPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 94ms
37ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 27074
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7027-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVqNfTylbu4Bw8%2BIH5GK3jodQu04xqbUhAR2qmbv3yPWOwNQESmUq8sAgr1CHJB039adY93htlOvTOxVDQfAF9EhCzQhX5dJxdN2oyq00NvChRPtrUcRVM6A3Le3jCmbdPQ9v%2Bd5R0897npnrjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ba9dd3e2e2f1ca2-AMS

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 59 KB
17 KB 94ms
38ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 06 Apr 2023 12:00:04 GMT
server: cloudflare
x-amz-request-id: 88M83THS7457PZRP
age: 1954
etag: W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7ba9dd3e2da70b44-AMS
x-amz-id-2: FXyEY0sLmDASLU0U8C6U3fnYmyxWhO3HEuFt3JM6bATKAYjBtz3y4G/vcYrZGe7xu66Uk5TfM1FKQ3Va2Ku/eg==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
2 KB 86ms
26ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:20:21 GMT
via: 1.1 google
age: 3145
x-guploader-uploadid: ADPycdtaz3XkmSWerwCpJfkeVE7Z5ek-laL82jfkYVau9GLftAGLusA1iy8TWu_F_Bxp7JaGBMA14DhAm-R8ToGFxmWBJoM8ZjtN
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1258
last-modified: Fri, 29 Jul 2022 16:55:09 GMT
server: UploadServer
etag: "f5bc066f146e3dbb049aa6c86c7012e6"
x-goog-generation: 1659113709880056
x-goog-hash: crc32c=6QojvA==, md5=9bwGbxRuPbsEmqbIbHAS5g==
content-type: text/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 1258
accept-ranges: bytes
expires: Thu, 20 Apr 2023 02:20:21 GMT

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 37 KB
11 KB 112ms
36ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:38:06 GMT
content-encoding: gzip
via: 1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified: Wed, 22 Mar 2023 22:36:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 84881
x-amz-server-side-encryption: AES256
etag: W/"4fd6c99ca40fed5d11cbd9e1b76a92f1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: wvgvGtrGDFcf3_HfWWYacvfHbenjOg_DvFDsWZKf6mK0BdWqhXW3hA==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 2 KB
2 KB 111ms
31ms Script
text/javascript 2600:9000:2250:9c00:a:e047:752:b361
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:9c00:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 19 Apr 2023 03:09:51 GMT
Via: 1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Jan 2023 04:07:36 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 82976
x-amz-server-side-encryption: AES256
ETag: "aded621b17723f487b3c9d0e43cf2f94"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1859
X-Amz-Cf-Id: pPZujNq38y6KWfDO26NDQUvSTueq6kAMs5Rhz2fC0TQQChyo7N_bjg==

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 86ms
26ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 09:23:47 GMT
content-encoding: gzip
age: 492539
x-guploader-uploadid: ADPycdsZpqcXnZbcmGzZ_V0Z5SXxoKERKqpat2gPCWV6UK4ng_R3UkKKHmHCrp3gmKdGIC5-LWDD6uDpAPhYcYwhc878ZRcPAknG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Sat, 13 Apr 2024 09:23:47 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 39 KB
13 KB 100ms
48ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-9c21"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 21 Apr 2023 02:12:46 GMT

GET
H2 200 container.html Show response
31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A1FB 6 KB
3 KB 32ms
31ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:12:44 GMT
expires: Fri, 19 Apr 2024 02:12:44 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 greenoaks.gif
ja.helpr.me/detroitchicago/ 0
528 B 70ms
69ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInRfZXBvY2giOjE2ODE5NTY3NjMsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjE1MSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiMzAxIn0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIxMSJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI4NzMifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI4ODUifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMjI0MyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInRfZXBvY2giOjE2ODE5NTY3NjMsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjY0MCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInRfZXBvY2giOjE2ODE5NTY3NjMsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiNjQwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidF9lcG9jaCI6MTY4MTk1Njc2MywiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fZWZmZWN0aXZlX3R5cGUiLCJ2YWwiOiI0ZyJ9XX1d
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aELHhXBo%2BcuB3S2ypBiuNcREFBR0dVckoQ6YhXImywVdM%2BqGvGJX07wImr9d1a8oLkaWTXJFgM%2FcJNwZ0w9Ugm7b5bIROY2NOAZiBz9Rjg4iZLJLKh1dAHc4difnxppy5l23oR6oc83hoA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd3dd9b2b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:46 GMT

POST
H3 204 greenoaks.gif
ja.helpr.me/detroitchicago/ 0
524 B 70ms
69ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuOCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInRfZXBvY2giOjE2ODE5NTY3NjMsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjI3OTIifV19XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xu35qYXv6xj10B7XXm6DrwMOISbI32zq4hI3lpJiihpUasZXtKpizl6LgDFI4SbfPoraPkgbyBwNUva2QxXoIkNMIbQ9fiWlfSVgvKZ1lfgGPtg2MJqcHlpCQGs2heaCmwUvrm1Cp3viJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd3dd9b3b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:46 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
532 B 68ms
66ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTIwMDU5ODc1Mzc4NjQ0NSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJoZWxwcl9tZS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEyMDA1OTg3NTM3ODY0NDUiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ1bml0IjoiaGVscHJfbWUtcGl4ZWwxIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6IjM1MzBmY2I2YmNjMTNkYzNjMTcxMmVhZWY3ZDkyNzAwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMjAwNTk4NzUzNzg2NDQ1IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImhlbHByX21lLXBpeGVsMSIsInRfZXBvY2giOjE2ODE5NTY3NjMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEyMDA1OTg3NTM3ODY0NDUiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ1bml0IjoiaGVscHJfbWUtcGl4ZWwxIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDM0NDg2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMjAwNTk4NzUzNzg2NDQ1IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImhlbHByX21lLXBpeGVsMSIsInRfZXBvY2giOjE2ODE5NTY3NjMsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nPCGPnnrJo%2BQPyX3COKEmxHw3EPiqMBOlUvDWe9F4xUxYDATc1P8LRX1ftuKdvGGGTctvIWtvZvEm%2BzxYeZ8pXvZwXFnHw2mR2eSDi4hbUZGxwKCtpxv9VzKmqU0HzRmD8ZUYJDOQj%2BruA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd3dd9b4b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:46 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
525 B 68ms
67ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTIwMDU5ODc1Mzc4NjQ0NSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJoZWxwcl9tZS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wNC0yMCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjIifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNCJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ni4q5HUol0aCFib7uc4mpbReK3luuIv4aTSK2ffOquXyJp3Zt0rNu28H0gFOYMu0Xh5lT8%2BzjbCgtqXnMRq0GXAPS4eVTheDPr5ENfXwADcOOcRUq5EkYW65ekhVHzb6IrONZNYkUAoSg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd3dd9b5b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:46 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
533 B 65ms
64ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTIwMDU5ODc1Mzc4NjQ0NSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJoZWxwcl9tZS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhdWN0aW9uX2Vwb2NoIjoxNjgxOTU2NzY2LCJhZF9wb3NpdGlvbiI6OTk5OSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImJpZF9mbG9vcl9pbml0aWFsIjoxNjAsImJpZF9mbG9vcl9wcmV2IjpudWxsLCJiaWRfZmxvb3JfZmlsbGVkIjoxNjAsImF1Y3Rpb25fY291bnQiOjEsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjExMTQsIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7YNUuo5y2RPechk%2FmANCOFbnlv5z5uw1sz%2FG7vD6Ymv%2FhZy7K20aeYnZeu4evIOG8TqwgbLCTyNGGbNGcf64sV7tMXJYbkQe6NMAGWQjXlOSjP5u1F%2Byb59j%2BTov2gp2%2B8EP5XyDnG5jA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd3dd9b6b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:46 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
530 B 70ms
69ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTIwMDU5ODc1Mzc4NjQ0NSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJoZWxwcl9tZS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiYWRfbG9hZF90aW1lIiwidmFsIjoiMjc5MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vc0A1lpbaILeWTHLL55pK3i9z6dTtl%2B4PQ52HnsdGyZYN4gxCSjcn1%2BTkawojIzFawWnt7PDn8HwZO8upRjWQ7dZuQB3Px%2FAojdZamdgiZAoBy%2BMAFfRv6DrdjnIZx3Nd4btZwcukk38mg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd3dd9b7b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame A1FB 4 KB
705 B 119ms
45ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com
URL: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:44:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 02:12:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3C20 249 B
675 B 108ms
44ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto%20Sans%20JP%3A400&text=%E3%82%8B%E9%96%89%E3%81%98

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3a4f88e910ae8c02a8ea28994983972195bab4636486d751b1820ae8880969f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:37:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 02:12:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3C20 8 KB
966 B 142ms
79ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:40:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 02:12:46 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 3C20 2 KB
765 B 32ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:31:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:31:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/ Frame 3C20 22 KB
9 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/abg_lite_fy2021.js

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8756
x-xss-protection: 0
server: cafe
etag: 5179999606349116156
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 3C20 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/window_focus_fy2021.js

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 18:52:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26397
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 18:52:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/ Frame 3C20 20 KB
8 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 16:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35234
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8509
x-xss-protection: 0
server: cafe
etag: 3034682829645713766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 16:25:32 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3C20 0
0 40ms
39ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRo9kYZgmzYHPOurM4u0FbO2q7RpUSrWq6y4wPM8YFdZO3XQmiIeSuoa528dtqR_842MFs1ZY7dtbjTjPpJ5TFJXBfkMQ
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3C20 159 KB
49 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 02:12:46 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 3C20 33 KB
14 KB 111ms
33ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 01:43:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 01:43:07 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230417/r20110914/elements/html/ Frame A1FB 19 KB
8 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230417/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com
URL: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 17:46:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8167
x-xss-protection: 0
server: cafe
etag: 3140062999518874537
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 03 May 2023 17:46:35 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A1FB 205 B
294 B 116ms
43ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com
URL: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:25:11 GMT
x-content-type-options: nosniff
age: 6455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Apr 2024 00:25:11 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame A1FB 604 B
1 KB 105ms
32ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com
URL: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 00:31:56 GMT
x-content-type-options: nosniff
age: 6050
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 19 Apr 2024 00:31:56 GMT

POST
H2 200 encrypt Show response
esp.rtbhouse.com/ 221 B
315 B 42ms
39ms Fetch
application/json 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Requested by: Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 325907e8dc512f0521e0d9d8f0007ccb6aeeb16db234e1fa7a6db8dad492275a

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
via: 1.1 google
server: Google Frontend
content-type: application/json
access-control-allow-origin: *
x-cloud-trace-context: 6992828b64e47ac25885b82e31b53fe3
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 221

OPTIONS
H2 200 encrypt
esp.rtbhouse.com/ Frame 0
0 170ms
103ms Preflight
text/plain 35.190.39.111
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://esp.rtbhouse.com/encrypt
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 111.39.190.35.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 20 Apr 2023 02:12:46 GMT
server: Google Frontend
vary: Origin
via: 1.1 google
x-cloud-trace-context: 70e8e36bd3b2d963151b906a9720cd72

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fja.helpr.me%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fja.helpr.me%2F&rid=esp&cc=1

85 B
203 B

126ms
125ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fja.helpr.me%2F&rid=esp&cc=1
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: ffa682c3929427d6a36a8a21075a01eaa646357bf9f5634d5971ca48ef7c0441

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-FT8PNX9Uri/NZoVw40IQ4cGSYyM"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 20 Apr 2023 02:12:46 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://ja.helpr.me
location: /esp?url=https%3A%2F%2Fja.helpr.me%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
320 B 193ms
39ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D811 143 B
383 B 195ms
61ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com
URL: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 967
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 01:56:39 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E782 15 KB
6 KB 144ms
45ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=ja.helpr.me&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:12:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 353419
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 235 B
689 B 169ms
70ms XHR
application/json 63.32.147.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.147.164 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-147-164.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 91b133ad0518dbeed5d6f09f0e1338966ec706dcf23ec5a28821cc5bc25cfb6f

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:46 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache
x-server: 10.45.9.65
access-control-allow-credentials: true
content-length: 235
expires: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame E782
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=helpr.me&sn=ChromeSyncframe&so=0&topUrl=ja.helpr.me&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=sY44jnwyRFNCN2R6Z1FOdHJVcWoyWG5kWXZwR3hwbG54c0JDYmxYNTA4cVBHOUtzQkRrNUt2VG9xcWRsUVRicEtnUklxa3lGS2hhTjFPMTJIUEdjeHZlMmkrNWNDby9NOWRFdk5hZ2lDcDcyK0xGM0J4dFE0Y3cvN3U3bF...

419 B
647 B

395ms
27ms

Fetch
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sY44jnwyRFNCN2R6Z1FOdHJVcWoyWG5kWXZwR3hwbG54c0JDYmxYNTA4cVBHOUtzQkRrNUt2VG9xcWRsUVRicEtnUklxa3lGS2hhTjFPMTJIUEdjeHZlMmkrNWNDby9NOWRFdk5hZ2lDcDcyK0xGM0J4dFE0Y3cvN3U3bFhmZmVhZGk4OE8wRyt6ZFpCdEZnTzFSQTZ0MTVtTWNRbGg0aHhWTm9YTjdiMHRQZ05JclpLUk5jaVJLTnZINUd2Q0VWaVZXbVdnSkxaNHJNb3d5UUFualMydGJSNHd5RXdaVnNIdG1rSVJ2UWViTFg5NVJVNkJyaHE3LzJvbCtvVHFLTkN4YXFPSDBidjVxY1ZlbWJrcmcvLzc0cnhwUT09fA&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4cc5ffc6994a090798953604b113622bdbdb9373546a8dee4dddc7d118771520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:47 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1395730
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:45 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=sY44jnwyRFNCN2R6Z1FOdHJVcWoyWG5kWXZwR3hwbG54c0JDYmxYNTA4cVBHOUtzQkRrNUt2VG9xcWRsUVRicEtnUklxa3lGS2hhTjFPMTJIUEdjeHZlMmkrNWNDby9NOWRFdk5hZ2lDcDcyK0xGM0J4dFE0Y3cvN3U3bFhmZmVhZGk4OE8wRyt6ZFpCdEZnTzFSQTZ0MTVtTWNRbGg0aHhWTm9YTjdiMHRQZ05JclpLUk5jaVJLTnZINUd2Q0VWaVZXbVdnSkxaNHJNb3d5UUFualMydGJSNHd5RXdaVnNIdG1rSVJ2UWViTFg5NVJVNkJyaHE3LzJvbCtvVHFLTkN4YXFPSDBidjVxY1ZlbWJrcmcvLzc0cnhwUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 297977
content-length: 0
expires: 0

GET
H/1.1

200
OK

v2 Show response
ap.lijit.com/readerinfo/
Redirect Chain

https://ap.lijit.com/readerinfo/v2
https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

41 B
459 B

26ms
26ms

Fetch
application/json

216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Protocol: HTTP/1.1
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 07eb8d28fab53222d5db607d52ab36de4824b00a46c386ca310330072ae1e1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 02:12:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ja.helpr.me
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 61

Redirect headers

Date: Thu, 20 Apr 2023 02:12:46 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://ap.lijit.com/readerinfo/v2?sovrn_retry=true
Access-Control-Allow-Origin: https://ja.helpr.me
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D811
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
307 B

40ms
39ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com
URL: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:12:46 GMT
expires: Thu, 20 Apr 2023 02:12:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:12:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js Show response
pagead2.googlesyndication.com/bg/ Frame 4716 36 KB
14 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qQ9mw0ckdUnCcE_fRg-2epoMaLUurlOMv3TU4-E81-A.js

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 18:53:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 26386
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 10:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Apr 2024 18:53:00 GMT

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 6863 0
176 B 104ms
32ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 20 Apr 2023 02:12:46 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
68ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304190101&jk=1383399687511908&bg=!4-Cl4LTNAAZA7GLoYOw7ADkAdvg8WkBHXrjS272C_iH755LzJVU7Z73zWcdCmA0Rv6Ocr9kGwjyA3jZx0zOFY5cDGdYUycbF2YECAAAAZFIAAAACaAEHmQLyjTkBDiFJAjwRBF9SzKwWHt_WJc4wuiGu5_pUBak6QutK0iK2FaWgZU5vp53831QZWVVQEBlpEuddKIOWiDhypiB84bX_YL6P2gLgyg9bddnxT8i-mnW99ITivK34gnFHEhOdiRIY2c9ZpwcHC6MI1YDYp2P7p68xT7x_bW1CZoz1WRzZ5uQzW8KU6503fiO8C4QiYwm8dW2RTevLbmCc57Ap59gMLP4DfjUqzTQJWproFF5YWZESjkn9-HqL7oItZxoc4JCTbZfGe9oLwwtVlbWgWWLMBXUJLVr6pOXKXBG3Gf82-VV6cEsNerOBkbN3p2rgFUhho_jPqmGlEefatRNvfMImWEYWXEICc4jUzmQtJaEGlCrCsDcYawqKvjtQDy1SuGnBO9OSTuE9SqX1P7VHbveumGmnLlGUmwL49u6aPbUBsgJEnvjJbG3yZDMaPzShz8J3MQPn9s8gO4gZxhmWNGASAhqIw9Nd1Irn3yTJqOxPcqKxP6sfKGYenyZbOAHAF3A0kDmTr5Jt4NuQQ8aoFK7IxPwKO_-3cdOLWwgUXM-sujxi6KPF3smdMq3JYI0iINK5WHwDGbVrdZNQeQNNvzSu296wjqD7-OyeYrLj2rdeFWm1nWxULMzWA9Qca4DLhUmRUpdRlo5KMPl8r2BuRNbKrZ8BVes79RG5IZpaiqT2PY3OOJ7rr18ojrELGtC6IVH6M1nIwRPdP-PVaaWzda7yLsxx1pnmZ_FOtMRrSmZSm8aoKGX9g_MHn1g3mj0F-PB8i8ZfLGWe_FsGQ4GpigQEZdMOUIXWMPutCvBfNagc86nSJcpOp5SS1MdmvdAlapJwZCzbkPdYz0Kpa5SsZNPvxWhSyLxzdUjhB5qN4xV93qN3dkuU_H1Bcbi7JBogDfL9fFfTo3bVTnaY2GCDxS5Qug7l4nTkuI3W_SB_zagYvhOFL1duMvZmsBxqW_EKBPPDhWuRJEYydd96eVyzlMZnfEDVZAiNBQAzeZFGzg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
528 B 48ms
48ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTIwMDU5ODc1Mzc4NjQ0NSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJoZWxwcl9tZS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMTYwMCwxMjAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTIwMDU5ODc1Mzc4NjQ0NSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJoZWxwcl9tZS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEyMDA1OTg3NTM3ODY0NDUiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ1bml0IjoiaGVscHJfbWUtcGl4ZWwxIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQtCZjX1gWX2WnKp8W1Mv7WOoFAjc1%2Fhyq7f6G%2B0mUuBHoqSRsO14VOr7PS9y7xIaBEOElwedGBKnSOjewdrXcluzjjcNFYdy2rpD%2BQs52ihxT2awokA7wH8G2jXa9eURuLtQBTsKAkC9w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd473f84b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:47 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 69ms
68ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 41ms
41ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
472 B 384ms
383ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=156303199982790&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=6&adks=2422952176&didk=8338828&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D4487854767803634%26eid%3D4487854767803634%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dhelpr_me-edge-1-4487854767803634%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C2351%2C2610%2C2761%2C3044%26lb%3D220%26reqt%3D1681956768047&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956768057&lmt=1681956768&dlt=1681956763546&idt=744&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e95bd13d1e11b89ee282c1b0974782931c08851a0d31cf0ca655b88220fe248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 443
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
477 B 599ms
598ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=4316632233067949&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=7&adks=1881753728&didk=2407522699&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D4014522301795941%26eid%3D4014522301795941%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dhelpr_me-medrectangle-2-4014522301795941%26eb_br%3Db355e9227b551c119a30a68852723b62%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D71%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D90%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C19%2C2351%2C2610%2C2688%2C3044%26lb%3D180%26reqt%3D1681956768053&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956768063&lmt=1681956768&dlt=1681956763546&idt=744&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48eedf1f08475955b4ab2ddf940838700d3fee5a27e08fa17cba13f79447c6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 448
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
470 B 396ms
395ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=1005908316764434&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=8&adks=508159336&didk=8345239&sfv=1-0-40&ris=3&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D8482662349773264%26eid%3D8482662349773264%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dhelpr_me-edge-2-8482662349773264%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C2351%2C2610%2C2761%2C3044%26lb%3D220%26reqt%3D1681956768066&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956768072&lmt=1681956768&dlt=1681956763546&idt=744&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f805f3327bf2c1b226316ab617a4773d997e48963c986193d483a26d52fba06e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 441
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
469 B 457ms
457ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=3988505081681210&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&adks=1655635150&didk=3321897871&sfv=1-0-40&ris=4&rcs=1&prev_scp=a%3D%257C0%257C%26iid1%3D6549509167808904%26eid%3D6549509167808904%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dhelpr_me-box-2-6549509167808904%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D71%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D70%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C19%2C2610%2C2688%2C3045%26lb%3D140%26reqt%3D1681956768068&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956768077&lmt=1681956768&dlt=1681956763546&idt=744&adxs=650&adys=230&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=1140x250&msz=300x250&fws=4&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5712ba7d3ed78eb1d49d0c8982ea8aa5bdc53c54cdcd84bcf8e166ae8711d45b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 440
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK localstore.js Show response
script.4dex.io/ 483 B
1022 B 102ms
33ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 02:12:48 GMT
Content-Encoding: br
CF-Cache-Status: HIT
Last-Modified: Wed, 23 Nov 2022 15:43:18 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Age: 547349
ETag: W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jC7Mp%2Ft%2FF14Uv%2BigYOHOjrp%2Bm0THVi1XyrKnAJZJ%2BJImrc3y54n1yQbgnlm2bTSJ2XU7vmC7DHNM5YdVUsGzIT1Ii78xhdTscEVQky7NpSWZ0jzuUsimXkFA8YhM1ANhlZnCrbf60hsIEIUS"}],"group":"cf-nel","max_age":604800}
Cache-Control: public, max-age=1800
Connection: keep-alive
CF-RAY: 7ba9dd4c5b050bd5-AMS

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 1 KB
974 B 209ms
102ms XHR
application/json 18.197.163.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.163.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-163-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 04f2990372c89f6ab2b405b62ab69b27236230a16dae2c5f8e6bead0a1039e7a

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 608

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 1 KB
938 B 233ms
127ms XHR
application/json 18.197.163.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.163.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-163-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 553583e026ffbb43a7b0dc8c1bc4556b509803c22b02df2b5be87d927ae4b543

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 573

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 1 KB
967 B 241ms
134ms XHR
application/json 18.197.163.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.163.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-163-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 3d75783322363933cc37701a1005efd314c44fa5a3cdfdc2ade4ea3745393dd9

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 601

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 2 KB
1 KB 233ms
127ms XHR
application/json 18.197.163.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.163.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-163-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 9fe2da28a064822c24ec89b3af1fdbf3602ebed1fe71e915f226f37b102f7aa6

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 781

POST
H2 200 v1 Show response
btlr.sharethrough.com/universal/ 666 B
908 B 235ms
129ms XHR
application/json 18.197.163.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.197.163.138 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-197-163-138.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: b6cc2d01180352016fde66a57dd28ec5466fbb12994c928ff81fcc1df0ba0219

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
x-openrtb-version: 2.5
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 543

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
3 KB 266ms
161ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221125d9d01b3&cmd=bid&eidcrwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba&eidpubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954&secure=1&gdpr=1&euconsent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: d5fcd012456b8cfe64ca66586e63ecf32f389b7b6ba4d8b9241fb5ca6b190e93

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ja.helpr.me
access-control-allow-credentials: true
content-length: 3203

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
3 KB 295ms
191ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e221125d9d01b3&cmd=bid&eidcrwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba&eidpubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954&secure=1&gdpr=1&euconsent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 156770747a691d972e24ba7d68545fa30a4cae29d9c4f2baf852fe71848d3e16

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ja.helpr.me
access-control-allow-credentials: true
content-length: 3201

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
3 KB 294ms
190ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9699b701747420431021125b3b0010&cmd=bid&eidcrwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba&eidpubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954&secure=1&gdpr=1&euconsent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 3e97922b8d6d6d5a7d1f437e8eb0223f3bfaa65238b97003871501dd96ebb723

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ja.helpr.me
access-control-allow-credentials: true
content-length: 3217

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
3 KB 264ms
160ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9699b701747420431021125b3b0010&cmd=bid&eidcrwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba&eidpubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954&secure=1&gdpr=1&euconsent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 238b216c50362dd4399fb6ae2471f4dc953af4e6ab2d421ed9dc4c9f9ac2f260

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ja.helpr.me
access-control-allow-credentials: true
content-length: 3191

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 7 KB
4 KB 263ms
159ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691b20174742046e2210bface012a&pos=8a9691b20174742046e2211258fd01b2&cmd=bid&eidcrwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba&eidpubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954&secure=1&gdpr=1&euconsent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 2e3f605d16afcee3819297e332b625f4d7820c622eff38fb08786634c3c38257

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://ja.helpr.me
access-control-allow-credentials: true
content-length: 3191

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 2 KB
1 KB 228ms
167ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUBCB617
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3f2df3b6c31cd31b124253a8f3dee1e603f193588d9723f914d1ceadf24939ba

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 20 Apr 2023 02:12:48 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ 0
222 B 281ms
131ms XHR
text/plain 52.213.87.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=7.42.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-helpr_me-edge-2-0%22%2C%22callback_id%22%3A%2220c92c60cda718b%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%2247092ca1-d914-4ecf-86d5-9f44e280ceff%22%2C%22auctionId%22%3A%22f4856789-bfdf-40c0-934a-a638128d06d2%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-helpr_me-edge-1-0%22%2C%22callback_id%22%3A%22210e7b10c021d7a%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%22462bf7d1-2d00-4379-89b2-0b89a8e9ca4e%22%2C%22auctionId%22%3A%22f4856789-bfdf-40c0-934a-a638128d06d2%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-helpr_me-medrectangle-2-0%22%2C%22callback_id%22%3A%22226c0e7f56b2d9e%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%2241f8acfb-5670-42d1-bbdb-58860120ac7e%22%2C%22auctionId%22%3A%22f4856789-bfdf-40c0-934a-a638128d06d2%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-helpr_me-medrectangle-1-0%22%2C%22callback_id%22%3A%2223bd8af73c7c5f5%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B468%2C60%5D%2C%5B250%2C250%5D%2C%5B300%2C250%5D%2C%5B336%2C280%5D%2C%5B970%2C250%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%22307c239b-efd0-48dc-9bfe-a6b5378e6897%22%2C%22auctionId%22%3A%22f4856789-bfdf-40c0-934a-a638128d06d2%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-helpr_me-box-2-0%22%2C%22callback_id%22%3A%22241d7c20d89fcf1%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222834942196124164132%22%2C%22tid%22%3A%222bd6926c-8990-488a-811e-59ca6e157260%22%2C%22auctionId%22%3A%22f4856789-bfdf-40c0-934a-a638128d06d2%22%7D%5D&page_url=https%3A%2F%2Fja.helpr.me%2F&bust=1681956768627&dnt=false&description=&userConsent=%7B%22gdprApplies%22%3Atrue%2C%22cmp%22%3A%22CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA%22%7D&us_privacy=&pr=&scrd=1&title=%E3%82%B9%E3%82%BF%E3%83%BC%E3%81%AE%E7%A7%98%E5%AF%86&w=1600&h=1200&pubcid=1e7ee197-d6fa-4f2b-9209-7169a3916954&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%224c17931480a6db0e82037aa65746f8c9%22%2C%22domain%22%3A%22ja.helpr.me%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22crwdcntrl.net%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2245e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221e7ee197-d6fa-4f2b-9209-7169a3916954%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.87.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-87-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:48 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 295 B
1013 B 239ms
110ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=9&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&rp_schain=1.0,1!ezoic.ai,4c17931480a6db0e82037aa65746f8c9,1,,,ja.helpr.me&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=47092ca1-d914-4ecf-86d5-9f44e280ceff&l_pb_bid_id=26699534365e806&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4168877915481255
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7adc3d0bed512fd2217547448018a620ce6407227e98499d17997f6f21f68678

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 295 B
1012 B 243ms
115ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=9&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&rp_schain=1.0,1!ezoic.ai,4c17931480a6db0e82037aa65746f8c9,1,,,ja.helpr.me&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=462bf7d1-2d00-4379-89b2-0b89a8e9ca4e&l_pb_bid_id=276e5d70d01c549&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8890884446533736
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 7cacf828756357d17879273d4ffb12f21aaa9504f72817f119bbdc089f0e9be4

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 295 B
1 KB 237ms
109ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=2&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&rp_schain=1.0,1!ezoic.ai,4c17931480a6db0e82037aa65746f8c9,1,,,ja.helpr.me&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=41f8acfb-5670-42d1-bbdb-58860120ac7e&l_pb_bid_id=2886320503f4843&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8297336535966653
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 98419c48a16e303f04fcb197b8f711006129540fd04fa18133d79abb83eff44e

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 246ms
118ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&alt_size_ids=2%2C1%2C14%2C16%2C55%2C57&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&rp_schain=1.0,1!ezoic.ai,4c17931480a6db0e82037aa65746f8c9,1,,,ja.helpr.me&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=307c239b-efd0-48dc-9bfe-a6b5378e6897&l_pb_bid_id=29cec0984d5f331&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5676447929055317
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 018e53af1545ff47e724b476aa4f8ac5278639f1d953819a05a9ce2246a029b2

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 296 B
1013 B 239ms
111ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21150&site_id=351284&zone_id=1868548&size_id=15&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&rp_schain=1.0,1!ezoic.ai,4c17931480a6db0e82037aa65746f8c9,1,,,ja.helpr.me&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=1e7ee197-d6fa-4f2b-9209-7169a3916954%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tk_flint=pbjs_lite_v7.42.0&x_source.tid=2bd6926c-8990-488a-811e-59ca6e157260&l_pb_bid_id=300fba308e91131&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9677819847000404
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fe9c1438202b0793620084b3aa72aaeb35e7f82a750e20cc2131abdbbd7bc26e

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:48 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 606 B
1 KB 198ms
138ms XHR
application/json 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2d4faf0d5e9feb082bf1172808d8ed5842e5f9ee7c58cfca5862bb633decdbbe

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Apr 2023 02:12:48 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.107; 31.204.150.107; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ed3511de-26f2-45a1-a12d-14e14cae74ae
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ja.helpr.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 hb-multi Show response
hb.yellowblue.io/ 105 B
408 B 329ms
107ms XHR
application/json 107.21.13.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.yellowblue.io/hb-multi
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.21.13.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-21-13-225.compute-1.amazonaws.com
Software: /
Resource Hash: ced84efcde489ad14ae9873f040f5b8bcd97eecb0fe6af40f1d21d7e39d3aaca

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
x-reason: maxmind hosting provider
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://ja.helpr.me
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF, X-Requested-With
content-length: 105

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
113 B 178ms
102ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK adagio.js Show response
script.4dex.io/ 74 KB
23 KB 176ms
125ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 02:12:48 GMT
Content-Encoding: br
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 15:43:17 GMT
Server: cloudflare
ETag: W/"c56b6332dacf72f135afcd153ae22448"
Vary: Origin, Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQ%2BxqIq4SGTYmRDjIXTZ1BJnpsLzXxQQ1k1XctqpTNg7lxbgy3qk0%2Fn9u%2FRn7nM6poe3XgVo9DL7SqV6ypdqdGD5Yfzg%2FXtUdqqKJJsvsEXoq3rifjVu0cF51n9U7mdGbYnwh1YYJG3d9q%2Bl"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: public, max-age=1800
CF-RAY: 7ba9dd4ceecc0e90-AMS

POST
H3 200 bluemonkey.gif Show response
ja.helpr.me/detroitchicago/ 43 B
693 B 52ms
51ms XHR
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiJob2xsYW5kY2FzaW5vLm5sIiwiZnJvbV9jYWNoZSI6MCwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJhdWN0aW9uX2lkIjoiZjQ4NTY3ODktYmZkZi00MGMwLTkzNGEtYTYzODEyOGQwNmQyIiwiYWRfdW5pdF9jb2RlIjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1ib3gtMi0wIiwiYWRhcHRlcl9jb2RlIjoib25lbW9iaWxlIiwib3JpZ2luYWxfY3BtIjowLjAyNCwiY3BtIjowLjAyNCwiYWRqdXN0bWVudCI6MSwibWVkaWFfdHlwZSI6ImRpc3BsYXkiLCJ0aW1lX3RvX3Jlc3BvbmQiOjI2OCwicmVzcG9uc2Vfc2l6ZSI6IjMwMHgyNTAiLCJyZXF1ZXN0X3NpemUiOiIzMDB4MjUwIiwiZG9tYWluX2lkIjozMTQ3NTcsImZvcm1fZmFjdG9yX2lkIjoxLCJwb3NpdGlvbl90eXBlIjoxLCJzdGF0X3NvdXJjZV9pZCI6MTEyOTMsInJlZnJlc2hfY291bnQiOjAsInNvdXJjZSI6ImNsaWVudCIsImFiX3Rlc3RfaWQiOiJtb2QxMyJ9
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ja.helpr.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wtDsKke4iwoOfFCS%2FSmejfo%2FfBLZ7WxZYxgMDYOaPAOxVtE4S9IUV1r373XdHN1L4giLo%2BdGWD4jWQuHBm1FpX0GotSVBzcYEfGcPEQ8YDYpybrrj965f312AnYspqT40P3EM9Zpe47lA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray: 7ba9dd4dbb59b8e8-AMS
access-control-allow-headers: Content-Type
expires: Wed, 19 Apr 2023 02:12:48 GMT

POST
H3 200 bluemonkey.gif Show response
ja.helpr.me/detroitchicago/ 43 B
694 B 52ms
51ms XHR
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiJob2xsYW5kY2FzaW5vLm5sIiwiZnJvbV9jYWNoZSI6MCwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJhdWN0aW9uX2lkIjoiZjQ4NTY3ODktYmZkZi00MGMwLTkzNGEtYTYzODEyOGQwNmQyIiwiYWRfdW5pdF9jb2RlIjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1lZGdlLTItMCIsImFkYXB0ZXJfY29kZSI6Im9uZW1vYmlsZSIsIm9yaWdpbmFsX2NwbSI6MC4wNCwiY3BtIjowLjA0LCJhZGp1c3RtZW50IjoxLCJtZWRpYV90eXBlIjoiZGlzcGxheSIsInRpbWVfdG9fcmVzcG9uZCI6MjczLCJyZXNwb25zZV9zaXplIjoiMTYweDYwMCIsInJlcXVlc3Rfc2l6ZSI6IjE2MHg2MDAiLCJkb21haW5faWQiOjMxNDc1NywiZm9ybV9mYWN0b3JfaWQiOjEsInBvc2l0aW9uX3R5cGUiOjM5LCJzdGF0X3NvdXJjZV9pZCI6MTEyOTMsInJlZnJlc2hfY291bnQiOjAsInNvdXJjZSI6ImNsaWVudCIsImFiX3Rlc3RfaWQiOiJtb2QxMyJ9
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ja.helpr.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1DAC3x54pX3jNiGiSncxJmIETUttnHAJFrRHZmeGfeVaDAj3p0zyBpuZF0%2FCXUNYApboSjJPwxuuP%2Fqw85P3fe2XnqN0ytEhHD6bXZBx3Ilkz5X3qGiGO7J6Hf37n0%2FbbRSbb4Esf8Js3w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray: 7ba9dd4dbb5bb8e8-AMS
access-control-allow-headers: Content-Type
expires: Wed, 19 Apr 2023 02:12:48 GMT

POST
H3 200 bluemonkey.gif Show response
ja.helpr.me/detroitchicago/ 43 B
695 B 50ms
50ms XHR
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiJob2xsYW5kY2FzaW5vLm5sIiwiZnJvbV9jYWNoZSI6MCwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJhdWN0aW9uX2lkIjoiZjQ4NTY3ODktYmZkZi00MGMwLTkzNGEtYTYzODEyOGQwNmQyIiwiYWRfdW5pdF9jb2RlIjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1tZWRyZWN0YW5nbGUtMi0wIiwiYWRhcHRlcl9jb2RlIjoib25lbW9iaWxlIiwib3JpZ2luYWxfY3BtIjowLjA0LCJjcG0iOjAuMDQsImFkanVzdG1lbnQiOjEsIm1lZGlhX3R5cGUiOiJkaXNwbGF5IiwidGltZV90b19yZXNwb25kIjoyOTcsInJlc3BvbnNlX3NpemUiOiI3Mjh4OTAiLCJyZXF1ZXN0X3NpemUiOiI3Mjh4OTAiLCJkb21haW5faWQiOjMxNDc1NywiZm9ybV9mYWN0b3JfaWQiOjEsInBvc2l0aW9uX3R5cGUiOjUsInN0YXRfc291cmNlX2lkIjoxMTI5MywicmVmcmVzaF9jb3VudCI6MCwic291cmNlIjoiY2xpZW50IiwiYWJfdGVzdF9pZCI6Im1vZDEzIn0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ja.helpr.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YObKegs7Wcav5%2BQ6eVLAzx4zCd4cIQT16st7S%2FJtsxQslw16jk8Gye9qPhozuvUXO0pfFzvF%2F9H7HhEd0Ha%2BrHuHDkgbE%2BhjNZGoAibV93uImNXRRPHVm7s2fkpCOd0FXmaR0npIGhOLpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray: 7ba9dd4ddb6db8e8-AMS
access-control-allow-headers: Content-Type
expires: Wed, 19 Apr 2023 02:12:48 GMT

POST
H3 200 bluemonkey.gif Show response
ja.helpr.me/detroitchicago/ 43 B
695 B 54ms
53ms XHR
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiJob2xsYW5kY2FzaW5vLm5sIiwiZnJvbV9jYWNoZSI6MCwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJhdWN0aW9uX2lkIjoiZjQ4NTY3ODktYmZkZi00MGMwLTkzNGEtYTYzODEyOGQwNmQyIiwiYWRfdW5pdF9jb2RlIjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1lZGdlLTEtMCIsImFkYXB0ZXJfY29kZSI6Im9uZW1vYmlsZSIsIm9yaWdpbmFsX2NwbSI6MC4wNTYsImNwbSI6MC4wNTYsImFkanVzdG1lbnQiOjEsIm1lZGlhX3R5cGUiOiJkaXNwbGF5IiwidGltZV90b19yZXNwb25kIjoyOTksInJlc3BvbnNlX3NpemUiOiIxNjB4NjAwIiwicmVxdWVzdF9zaXplIjoiMTYweDYwMCIsImRvbWFpbl9pZCI6MzE0NzU3LCJmb3JtX2ZhY3Rvcl9pZCI6MSwicG9zaXRpb25fdHlwZSI6MzgsInN0YXRfc291cmNlX2lkIjoxMTI5MywicmVmcmVzaF9jb3VudCI6MCwic291cmNlIjoiY2xpZW50IiwiYWJfdGVzdF9pZCI6Im1vZDEzIn0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-middleton-display: imp_sol
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://ja.helpr.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tATgXveJnAaqWgRywEYSCjiOBEdpoGIq4Uf2NAsT3Qhqo64DPj%2BdFGQAcJcMc%2FuRUURf8am9AIl%2F6BU%2FR5lmrTvyDL4sN0M8cs7vMGrF8G0qyH9FoRtUYRyiHCSBBzGUpb2qLX0qf86HXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray: 7ba9dd4deb6eb8e8-AMS
access-control-allow-headers: Content-Type
expires: Wed, 19 Apr 2023 02:12:48 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 68ms
68ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
40ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
471 B 605ms
604ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=1329397139619708&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=10&adks=2422952176&didk=8338828&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D4487854767803634%26eid%3D4487854767803634%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dhelpr_me-edge-1-4487854767803634%26eb_br%3Ddfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D80%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C2351%2C2610%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2761%2C3044%26lb%3D120%26reqt%3D1681956768563&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956769568&lmt=1681956769&dlt=1681956763546&idt=744&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dcd851c16eac07dfeb10c15839ace215538cc83a9a6b5a2637b1167f8f1e58c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 442
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 71ms
71ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
40ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
472 B 346ms
346ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=4359231585867663&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=11&adks=508159336&didk=8345239&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D8482662349773264%26eid%3D8482662349773264%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dhelpr_me-edge-2-8482662349773264%26eb_br%3Ddfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D80%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C2351%2C2610%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2761%2C3044%26lb%3D120%26reqt%3D1681956768639&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956769645&lmt=1681956769&dlt=1681956763546&idt=744&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18dc46619c607cb7bda5b44e8a7459207cb2377bb77ed717a6b0e1124a59a206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 443
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
469 B 609ms
608ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=1330858052396445&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=12&adks=1655635150&didk=3321897871&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D6549509167808904%26eid%3D6549509167808904%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dhelpr_me-box-2-6549509167808904%26eb_br%3Da928cf2c3ad36f5e9ed2d90f655c1dc9%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D71%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D44%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%26lb%3D70%26reqt%3D1681956768639&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956769648&lmt=1681956769&dlt=1681956763546&idt=744&adxs=650&adys=230&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=1140x250&msz=300x250&fws=4&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8868a1b5553493d5bc361fe46795f78b254cc2a5c061aff46b6b116b9bd0320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 440
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
477 B 648ms
647ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=2417729543892159&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=13&adks=1881753728&didk=2407522699&sfv=1-0-40&ris=2&rcs=2&prev_scp=a%3D%257C0%257C%26iid1%3D4014522301795941%26eid%3D4014522301795941%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dhelpr_me-medrectangle-2-4014522301795941%26eb_br%3D3ba982fc4238dd4197b1d51b345478dc%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D71%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D50%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C19%2C2351%2C2610%2C2688%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C3044%2C3045%2C4276%26lb%3D90%26reqt%3D1681956768676&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956769694&lmt=1681956769&dlt=1681956763546&idt=744&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d38f93e0cc2e944ef855fdf26cdc339d65cea8ea45de2037014ffa6aa3fffa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 448
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 68ms
68ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 41ms
40ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
472 B 355ms
354ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=4233090521377591&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=14&adks=508159336&didk=8345239&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D8482662349773264%26eid%3D8482662349773264%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dhelpr_me-edge-2-8482662349773264%26eb_br%3Dee685f77592ce296910ee91457d66ba3%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D40%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C2351%2C2610%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2693%2C2761%2C3044%2C3045%2C4276%26lb%3D80%26reqt%3D1681956770149%26hb_bidder%3Donemobile%26hb_adid%3D49a0edfe69690a5%26hb_format%3Dbanner%26hb_ssid%3D11293%26hb_opt%3D0.04%26hb_rt%3Dclient&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956770157&lmt=1681956770&dlt=1681956763546&idt=744&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ad86962f28516649fe92336bf23f8fb3eb3fd06dcfa27215b8aa3b00b2a319d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 443
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
472 B 576ms
576ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=1604777312365349&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=15&adks=2422952176&didk=8338828&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D4487854767803634%26eid%3D4487854767803634%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dhelpr_me-edge-1-4487854767803634%26eb_br%3Dee685f77592ce296910ee91457d66ba3%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D40%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C2351%2C2610%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2693%2C2761%2C3044%2C3045%2C4276%26lb%3D80%26reqt%3D1681956770177%26hb_bidder%3Donemobile%26hb_adid%3D514af884d74497b%26hb_format%3Dbanner%26hb_ssid%3D11293%26hb_opt%3D0.05%26hb_rt%3Dclient&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956770181&lmt=1681956770&dlt=1681956763546&idt=744&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e93605957ed22d8200ed2843ed29be8a9310f8d43575b3491ef77445fecb2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 443
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 70ms
70ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
40ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 593ms
592ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=505141480939642&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=16&adks=1655635150&didk=3321897871&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D6549509167808904%26eid%3D6549509167808904%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1103%26sap%3D1103%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Dhelpr_me-box-2-6549509167808904%26eb_br%3D1e913e99b80640fd5b86a539e5b97c94%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D71%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26acptad%3D1%26br1%3D22%26br2%3D70%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C193%2C0%2C4%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C19%2C2610%2C2688%2C3045%2C19%2C2610%2C2688%2C2693%2C3045%2C4276%2C18%2C19%2C1428%2C2610%2C2688%2C2693%2C3045%2C3053%2C4276%26lb%3D44%26reqt%3D1681956770263%26hb_bidder%3Donemobile%26hb_adid%3D4777ea856a45e9a%26hb_format%3Dbanner%26hb_ssid%3D11293%26hb_opt%3D0.02%26hb_rt%3Dclient&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956770268&lmt=1681956770&dlt=1681956763546&idt=744&adxs=650&adys=230&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=1140x250&msz=300x250&fws=4&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e818352ba74f382ae94145bfa8d6dceaa1e2f76fdc34cbce9ff269500014f17b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9990
x-xss-protection: 0
google-lineitem-id: 6209766183
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138421003856
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 69ms
69ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 40ms
40ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
10 KB 422ms
421ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=2470232949838718&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=17&adks=1881753728&didk=2407522699&sfv=1-0-40&ris=1&rcs=3&prev_scp=a%3D%257C0%257C%26iid1%3D4014522301795941%26eid%3D4014522301795941%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D2%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Dhelpr_me-medrectangle-2-4014522301795941%26eb_br%3D1e913e99b80640fd5b86a539e5b97c94%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D5%26bvm%3D0%26bvr%3D5%26avc%3D71%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D22%26br2%3D90%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D157%2C131%2C0%2C192%2C0%2C193%2C196%2C20%2C71%2C201%2C192%2C31%2C902%2C903%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C1794%2C2310%2C2339%2C2526%2C2527%2C2761%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C3933%2C4184%2C4185%2C4186%2C4605%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C19%2C2351%2C2610%2C2688%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C3044%2C3045%2C4276%2C17%2C18%2C19%2C1428%2C2351%2C2610%2C2688%2C2693%2C3044%2C3045%2C3053%2C4276%26lb%3D50%26reqt%3D1681956770353%26hb_bidder%3Donemobile%26hb_adid%3D50d06f439f3ba0b%26hb_format%3Dbanner%26hb_ssid%3D11293%26hb_opt%3D0.04%26hb_rt%3Dclient&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956770357&lmt=1681956770&dlt=1681956763546&idt=744&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&psts=AHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42f641ab2dcc12e5e87b4409200c833564211390e354a7df86d63aec58d46937

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10013
x-xss-protection: 0
google-lineitem-id: 6209766183
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138421653466
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
529 B 50ms
50ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQ4Nzg1NDc2NzgwMzYzNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQwMTQ1MjIzMDE3OTU5NDEiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjQ3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NDgyNjYyMzQ5NzczMjY0IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iz3sOb7UyouWmiBSVUtWv4y0sAkwgJVPn2OWzoNYqjSrsqJt6GhMw25qXtZTz2Z4K2FTPE8Cozh7ng8aU7An2s9GG8sDnzuu%2BXWTO4Pf8jUJKuSJbs%2BdNPn5d2zL56MFFsR%2BaMDDVOCEDw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd58aa21b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:50 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
532 B 48ms
48ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiI2NTAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjIzMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0ODc4NTQ3Njc4MDM2MzQiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODE5NTY3NjMsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjMwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAxNDUyMjMwMTc5NTk0MSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTA0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NDgyNjYyMzQ5NzczMjY0IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxNDQwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIzMDAifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EzvjxSta9zKuZXDVDDVfy3YMK%2FMXvi3izY6QrMTF3qTuJ8jHVV%2BgcT1SG6Q7wS2b1WFP4ouiv%2F96JF4MK42XSmKV6NP6YuSjMGg085BLZbaGsqcmEJC6%2FcyEyNJ7mc8nMbOaCNuEbzB5jg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd58aa23b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:56 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5097 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvNxPbvymcOXTmX0URtuVpuqxT_dRbb1_Kso7L1feajMoj6r8YgJZUkdBUX_0Vy5KNyBxYiV05uYJzseZuUKiyWeWmBAK9rGMm13RLl3AbB3GS_UASsoG4eBWuuG9VonTUhWmQwAuYn69P-2SjTwcC1jBGthnJ1KWmTBNAko-U3JIBTkv0YDKZe_TwDLSU5zCkT8x_Rj47lpzd42NSwd8zYzarqJZwYJH843VLuLqj7e77-PDoOBJbnu5cuoE0C_YlD7c_arFwr39QbR24NEcQ0Vsotp_LGanzDeGo8cDYiY39BMX7VFZoQ0UxR78qaFf3eYoTfZBzaq_LUNBr1tB-hYz63UTuRFJo&sai=AMfl-YTj1_Iaz48vciq3JclHPqUtRy-Ix1RpktR__6odOdFIIOMd_657gSOyUr9xYvJismSlBB4nuAXn_6ySfvVkhPJXYF3OOoTjtcPnT066tWWhPRmsnhX1fINXKGk_t-E&sig=Cg0ArKJSzOL6icfNx10VEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 smb-dispad_728x90.js Show response
saambaa.com/widget/gpt/728x90/assets/ Frame 5097 34 KB
12 KB 662ms
256ms Script
application/javascript 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 50a0d2d310ced6791f7e8b4e5d001db70220b6e268bb798899c5599d7b88c878

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 22:58:09 GMT
server: Microsoft-IIS/8.5
etag: "80d6f73f926dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 12138

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5097 159 KB
49 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 02:12:50 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
532 B 51ms
50ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAxNDUyMjMwMTc5NTk0MSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjE2NTM0NjYsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAxNDUyMjMwMTc5NTk0MSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjE2NTM0NjYsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIxZTkxM2U5OWI4MDY0MGZkNWI4NmE1MzllNWI5N2M5NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAxNDUyMjMwMTc5NTk0MSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAyMiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDIyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDA1LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjE2NTM0NjYsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MDE0NTIyMzAxNzk1OTQxIiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODE5NTY3NjMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NjIwOTc2NjE4MywiY3JlYXRpdmVfaWQiOjEzODQyMTY1MzQ2NiwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4NDIxNjUzNDY2In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MDE0NTIyMzAxNzk1OTQxIiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODE5NTY3NjMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NjIwOTc2NjE4MywiY3JlYXRpdmVfaWQiOjEzODQyMTY1MzQ2NiwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNjIwOTc2NjE4MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KuqimOHzBWaKg70BJtlzbvP7Xti4i4XNM%2BDxb%2FUn9d6Aab51dVfh9niLDpUb926BjdTA8pqb0PVqo6KEaj0FwIoKIGhXvRxCfk0%2BfEGOJnfmL47hHGhTNi%2FBw%2BjwpCo690X%2BDDAQRp8EoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd599a95b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:51 GMT

GET
H3 200 6209766183 Show response
go.ezodn.com/dac/ 0
594 B 60ms
59ms XHR
text/plain 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/6209766183
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=212&v=74&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Thu, 20 Apr 2023 02:12:50 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://ja.helpr.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCDdON5EVXVrKnP%2Fqc2Wf2aAwNxjG%2BiWRsU%2BMh1znUbXdpvpObmUEM0K3zzBPquqhCLG4Kerf2xMK2Vm5RxC7rAjKnKXoEbOa4PAkGcMA%2FloG4pdeLckODme6%2B6bF8c3HQqXEcPWlHVrWGU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7ba9dd599d4ab8cc-AMS
access-control-allow-headers: Content-Type

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
536 B 49ms
49ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAxNDUyMjMwMTc5NTk0MSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjE2NTM0NjYsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA0LTIwIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2HWg%2FxbZJX%2FsHL5gT8%2BHESo0xdqZsqB%2FRt6a1mxwUciBc5gfjvBIuQLRN1n%2BqSkqQ76xIJFqrLsVF2rS5vb3suXOTGYeFgkY9%2BWDCLbH0VTH6cohe95KsdV%2BN6Ftqc%2BXz9pCSw5yGfAYA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd599a96b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:50 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
528 B 50ms
50ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDAxNDUyMjMwMTc5NTk0MSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhdWN0aW9uX2Vwb2NoIjoxNjgxOTU2NzcxLCJhZF9wb3NpdGlvbiI6MTEwMCwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImJpZF9mbG9vcl9pbml0aWFsIjoxODAsImJpZF9mbG9vcl9wcmV2Ijo1MCwiYmlkX2Zsb29yX2ZpbGxlZCI6MjIsImF1Y3Rpb25fY291bnQiOjQsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjQzOSwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo2MjA5NzY2MTgzfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecIw2NbtM%2BsCBzbBM2SbKe1Nm2Qv1WxnZXY%2FCGsvjnnRtZsEjAI4rMKHVj9xpAaCv5USeC3uc7AnLbMQ4nv5avrNL2QbRtSiygsPdTBR%2FIF8ecGCFOmVLjs05gym2bTWEu1lXHjlBiTS2w%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd599a97b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:56 GMT

GET
DATA 200
OK truncated
/ Frame 5097 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ad23fc828ded4dce577a950d75e5facbba404ee0c3d5e5150e71b206cb2f988

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CDCA 0
0 71ms
70ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswG_2ojChyFdwj2dJazNoJ5nHWot2qRMj50_azCIvm3Q5s9NjFZLu_1iaN2eoAWRZJOASCPLkhaXBbPAci4eqOh4CHbuCmiTafOUMGDuhXk2Rl66waZrUpsfzaBABf8Z6Y50UuAN2kEL5CxVonM-jqVj9wb-j3L9SI2PYiwdMXTlZdShw2FFIbbap5RwfF55xLqwesjg8G2JJhnGRjNkBL_sIxC72tFpquycaQx2cnAWRuAF540byDVWzIdRzbvW7UbYkLBgySwIO7_fbG_1ddama74GMCjCAv3qN31Ja2dxsmNJQSeCDLtPlzSAjBRUEKjNJoz6_Q_pnpc_lXRTs&sai=AMfl-YQCuFhiRs56sU5o2aNQRs5ve665SWaJ5YMtofNfnFBLQ7IvqOyk5knVZp4RJR91Cko3_iaHmiufVQvA8sWSN15WVzHJjO45FjmMG2NqBFC-ZUMV7WWpEPqg7gkrvEQ&sig=Cg0ArKJSzK8rzjSE1YCWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 smb-dispAd_300x250_single.js Show response
saambaa.com/widget/gpt/300x250/assets/ Frame CDCA 43 KB
15 KB 566ms
256ms Script
application/javascript 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a29b448bb296139b0ed6d98f3a706565ce5f94227e9014647fcce2b13c2b4782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
content-encoding: gzip
last-modified: Wed, 12 Apr 2023 23:40:45 GMT
server: Microsoft-IIS/8.5
etag: "807c7633986dd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 14806

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CDCA 159 KB
49 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 02:12:50 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
531 B 51ms
50ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjEwMDM4NTYsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjEwMDM4NTYsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIxZTkxM2U5OWI4MDY0MGZkNWI4NmE1MzllNWI5N2M5NCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAyMiwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDIyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDA0NCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo2MjA5NzY2MTgzLCJjcmVhdGl2ZV9pZCI6MTM4NDIxMDAzODU2LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjEwMDM4NTYsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODQyMTAwMzg1NiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjEwMDM4NTYsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjYyMDk3NjYxODMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6a%2FkrxjA8MoLoDu6QQsM6LNUAslI000VqHb3eY0hhS%2BalLDgF3Dcs%2BcGZA9HbE6IRUZ73i%2BaqL814sLaUQeMJMXpFTXuCx3f28BQHtPpxklsXVx%2FuO4MQLK81zTj2LKdYxxI4CVbvCmqDA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd5a3aefb8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:50 GMT

GET
H3 200 6209766183 Show response
go.ezodn.com/dac/ 0
593 B 32ms
30ms XHR
text/plain 2606:4700:e4::ac40:a702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/dac/6209766183
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=212&v=74&PageSpeed=off
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e4::ac40:a702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
last-modified: Thu, 20 Apr 2023 02:12:50 GMT
server: cloudflare
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/plain
access-control-allow-origin: https://ja.helpr.me
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPag868jn4kgxt4UTE8BCIk%2BzFwsyvRL%2Fni1%2BLKTXbBGTXwUG7uy7JjeqATnmfiPIYZiqVNfdQfa5oeqbCA9hLMembxH%2F4YQ2hkcWcpq2KoEvCxemkxWb7QG8yOpaKNYwdfFpasiKIq%2Bd68%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=14400
access-control-allow-credentials: true
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges: bytes
cf-ray: 7ba9dd5a3da7b8cc-AMS
access-control-allow-headers: Content-Type

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
534 B 48ms
47ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjEwMDM4NTYsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIzLTA0LTIwIn0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMiJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jt4MhsrytHQPt5R%2F2N5Ds1b%2BDh0Z3fxYH%2BjxJvKl4QWhS5XV2UuATujGKLAWqsNYQhD14zxOIXhB5r%2BVdM%2FuoVmwHoO5mu%2FoGZtTBakl8fUSgyJek0dAiMKadqW4ZfOPpfIE0pU%2FjiiEJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd5a3af3b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:56 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
530 B 49ms
49ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhdWN0aW9uX2Vwb2NoIjoxNjgxOTU2NzcxLCJhZF9wb3NpdGlvbiI6MTEwMywiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImJpZF9mbG9vcl9pbml0aWFsIjoxNDAsImJpZF9mbG9vcl9wcmV2Ijo0NCwiYmlkX2Zsb29yX2ZpbGxlZCI6MjIsImF1Y3Rpb25fY291bnQiOjQsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjYyNCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo2MjA5NzY2MTgzfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUMnc9VkMuwMRq%2ByYtRoMXW9HD34ngdmA6lECmye0B0yTUc4akzZw8h7gcbge0F2ayFsjqOXnw42W3N3KfN2C4mYtRqz%2BYGfREO6IvnxHI9dA95UTX9oqUELZP%2BGuZPZKKjyjCdQSGaa6A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd5a3af4b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:56 GMT

GET
DATA 200
OK truncated
/ Frame CDCA 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c12d75d9c6ebfdda1532d3898106f7a57e47d711010bee3dc794e30983e107d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 5097 6 KB
765 B 46ms
43ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:44:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 02:12:51 GMT

GET
H2 200 select.css
saambaa.com/widget/gpt/728x90/assets/ Frame 5097 1006 B
783 B 128ms
125ms Stylesheet
text/css 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/select.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
content-encoding: gzip
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
etag: "02525d0cceed21:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 645

GET
H2 200 smb-dispAd_728x90.css
saambaa.com/widget/gpt/728x90/assets/ Frame 5097 11 KB
3 KB 128ms
126ms Stylesheet
text/css 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispAd_728x90.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 2687a4d845c445c6cfbc1473dba8865d5ee092edc8f910e91867893b7963ccfd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 01:07:39 GMT
server: Microsoft-IIS/8.5
etag: "807f7c37da4bd91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 2978

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame 5097 214 KB
66 KB 121ms
36ms Script
application/javascript 2.19.228.187

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: f93788fadf08a63fe91f2df0eb2c31e2e1ca26355d1f0420f78af4dee8382212

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:14:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=30512
accept-ranges: bytes
content-length: 66997
expires: Thu, 20 Apr 2023 10:41:23 GMT

GET
H2 200 0 Show response
api.saambaa.com/properties/widgetconfig/728x90/partner/helpr.me/platform/ Frame 5097 4 KB
1 KB 255ms
246ms Script
application/javascript 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/properties/widgetconfig/728x90/partner/helpr.me/platform/0?callback=__smbcfgldr565078
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0b7d61449e3a4bdbb007299599a75f28d010589184924c8108199728d7a8b6a0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5097 75 KB
25 KB 448ms
447ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e584899df7b1439dfaa1404ed9fae0384272a57efe40d12dba9e1d932812016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25400
x-xss-protection: 0
server: cafe
etag: 391 / 19467 / 31073972 / config-hash: 11973378874502222792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 02:12:51 GMT

GET
H2 200 saambaa_prebid.js Show response
saambaa.com/assets/js/ Frame 5097 373 KB
116 KB 129ms
127ms Script
application/javascript 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/assets/js/saambaa_prebid.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f67aeaa72f3d47e55fb2b4d3ae23a5635be6c480cea318e99ae1c820a1ff1819

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 22:44:40 GMT
server: Microsoft-IIS/8.5
etag: "07c09fa027d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 118327

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5097 96 KB
38 KB 190ms
58ms Script
application/javascript 2a00:1450:4001:810::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b67887ff45ab4add12045686e435d16a521d1b8e66375fd47c73d7ae097ff100

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38366
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 02:12:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5097 49 KB
20 KB 107ms
31ms Script
text/javascript 2a00:1450:4001:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:35:43 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5828
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 20 Apr 2023 02:35:43 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CDCA 6 KB
742 B 43ms
41ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:36:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 02:12:51 GMT

GET
H2 200 select.css
saambaa.com/widget/gpt/300x250/assets/ Frame CDCA 1006 B
688 B 249ms
248ms Stylesheet
text/css 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/300x250/assets/select.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
content-encoding: gzip
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
etag: "02525d0cceed21:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 645

GET
H2 200 smb-dispVidAd_300x250s.css
saambaa.com/widget/gpt/300x250/assets/ Frame CDCA 11 KB
3 KB 250ms
248ms Stylesheet
text/css 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispVidAd_300x250s.css
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dc244e5235c74f867c9e22e46a234ffd6b37bcb282a09ef9152e51638c94e689

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:46 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 02:18:47 GMT
server: Microsoft-IIS/8.5
etag: "809d73ec2afad81:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 3064

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161763/8209/ Frame CDCA 214 KB
66 KB 115ms
36ms Script
application/javascript 2.19.228.187

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: f93788fadf08a63fe91f2df0eb2c31e2e1ca26355d1f0420f78af4dee8382212

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:14:01 GMT
server: Apache
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=30512
accept-ranges: bytes
content-length: 66997
expires: Thu, 20 Apr 2023 10:41:23 GMT

GET
H2 200 0 Show response
api.saambaa.com/properties/widgetconfig/300x250/partner/helpr.me/platform/ Frame CDCA 4 KB
1 KB 250ms
246ms Script
application/javascript 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/properties/widgetconfig/300x250/partner/helpr.me/platform/0?callback=__smbcfgldr300x250756349
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: bef32774efac186b8a10d135d1bfe1612401396e841c36078e6f3dee8f7993dc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
content-length: 1438
vary: Accept-Encoding
content-type: application/javascript

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame CDCA 74 KB
25 KB 618ms
617ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c64f6ce78bcc68cdeaaf3a95e65da839ab4fe46ae5846ad17824ba4d4da1221d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25088
x-xss-protection: 0
server: cafe
etag: 891 / 19467 / 31074054 / config-hash: 11973378874502222792
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 20 Apr 2023 02:12:52 GMT

GET
H2 200 saambaa_prebid.js Show response
saambaa.com/assets/js/ Frame CDCA 373 KB
116 KB 249ms
248ms Script
application/javascript 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://saambaa.com/assets/js/saambaa_prebid.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: f67aeaa72f3d47e55fb2b4d3ae23a5635be6c480cea318e99ae1c820a1ff1819

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
content-encoding: gzip
last-modified: Fri, 13 Jan 2023 22:44:40 GMT
server: Microsoft-IIS/8.5
etag: "07c09fa027d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 118327

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame CDCA 49 KB
20 KB 131ms
60ms Script
text/javascript 2a00:1450:4001:80f::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 20 Apr 2023 00:35:43 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5828
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 20 Apr 2023 02:35:43 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame CDCA 96 KB
38 KB 220ms
93ms Script
application/javascript 2a00:1450:4001:810::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bb0295f2b3718cefa4f2c1c646cdc670b16724a4f881f1d7bf397f22cc72d98f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38364
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 20 Apr 2023 02:12:51 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CDCA 361 KB
121 KB 211ms
59ms Script
text/javascript 2a00:1450:4001:82a::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

815af1c878812cb0cb226f9922c9197d78cd6200b7a23ec63276b554d1d6f7f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123683
x-xss-protection: 0
expires: Thu, 20 Apr 2023 02:12:51 GMT

GET
H/1.1 200
OK sovrn_standalone_beacon.js Show response
ap.lijit.com/www/sovrn_beacon_standalone/ Frame CDCA 6 KB
3 KB 27ms
26ms Script
text/javascript 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/www/sovrn_beacon_standalone/sovrn_standalone_beacon.js?iid=13401719
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 02:12:51 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Apr 2020 20:06:40 GMT
Server: nginx
ETag: W/"5e8cdd50-17e9"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Methods: GET
Cache-Control: max-age=604800, must-revalidate
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 27 Apr 2023 02:12:51 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 71ms
69ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 42ms
40ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
15 KB 503ms
502ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=3834793232572604&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=18&adks=508159336&didk=8345239&sfv=1-0-40&ris=2&rcs=4&prev_scp=a%3D%257C0%257C%26iid1%3D8482662349773264%26eid%3D8482662349773264%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1976%26sap%3D1976%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Dhelpr_me-edge-2-8482662349773264%26eb_br%3Dad0061a38dd7c6f7bcb692aee88dfda4%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D14%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C2351%2C2610%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2693%2C2761%2C3044%2C3045%2C4276%2C17%2C18%2C19%2C1428%2C2351%2C2610%2C2688%2C2693%2C2761%2C3044%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D40%26reqt%3D1681956770660%26hb_bidder%3Donemobile%26hb_adid%3D49a0edfe69690a5%26hb_format%3Dbanner%26hb_ssid%3D11293%26hb_opt%3D0.04%26hb_rt%3Dclient&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956771677&lmt=1681956771&dlt=1681956763546&idt=744&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AHQMDFdMP2bqvPIy9YyQ0hs0er0UhAjfGrQoICVt9JSRpnivyYaMZWJ_Oi8bpo7dnbpxUjLtHgvPMO1ID9a0%2CAHQMDFe9lflDGA__W2GE3yn9Fegn%2CAHQMDFdLgWMWuHIzwGPoUCZ5xLqKz41ZA0WmVJdqusAwhPIKzRNXfwVNHMru0zLWAOvUBerR14SsC1SipupM&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32ff3e30d6dcf78ec11be5efa25737f62e02ee4ac43ae5e2f9adf862ed823b42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15561
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 122ms
41ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Apr 2023 02:12:51 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 262109
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame CDCA 2 B
369 B 43ms
41ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 355727
expires: 0

POST
H/1.1 200 1274.json Show response
id5-sync.com/g/v2/ Frame CDCA 216 B
621 B 126ms
36ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1274.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

199699dac3dc19f4fd2a9d8eee629ee5188bb21bb5326a57669f605bcce8cb7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame CDCA 63 B
387 B 140ms
46ms XHR
application/json 15.197.193.217

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a2113dc2161b0e699b96ba82bce465ef27c236467b4b36dd275a4c2f0f6595a

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 20 May 2023 02:12:51 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 106ms
41ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Apr 2023 02:12:51 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 278191
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 5097 2 B
369 B 43ms
42ms XHR
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 323717
expires: 0

POST
H/1.1 200 1274.json Show response
id5-sync.com/g/v2/ Frame 5097 216 B
621 B 146ms
35ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/1274.json

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

95c66e3c0f3017f8e7a6bbed95f3efc3a8c5870a1f73bcd163a7fafc298b2a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 5097 63 B
386 B 129ms
47ms XHR
application/json 15.197.193.217

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/161763/8209/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a2113dc2161b0e699b96ba82bce465ef27c236467b4b36dd275a4c2f0f6595a

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.helpr.me
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 20 May 2023 02:12:51 GMT

GET
H3 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
122 B 69ms
68ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 43ms
43ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 61 KB
15 KB 472ms
471ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1383399687511908&correlator=672888510687816&eid=31073678%2C31074054%2C44789126&output=ldjh&gdfp_req=1&vrg=202304190101&ptt=17&impl=fifs&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&addtl_consent=1~7.12.35.62.66.70.89.93.108.122.144.149.153.162.167.184.196.221.241.253.259.272.311.317.323.326.338.348.350.415.440.448.449.482.486.491.494.495.540.571.574.585.587.588.590.725.733.780.817.839.864.867.932.938.981.986.1031.1033.1051.1092.1097.1126.1127.1170.1171.1186.1201.1204.1205.1211.1215.1230.1232.1236.1248.1276.1290.1301.1313.1344.1364.1365.1415.1419.1428.1449.1451.1509.1558.1564.1570.1577.1591.1651.1669.1712.1716.1720.1721.1725.1733.1753.1765.1799.1810.1834.1842.1870.1878.1889.1896.1911.1922.1929.2012.2072.2078.2079.2109.2177.2202.2253.2290.2299.2316.2357.2373.2526.2531.2571.2572.2575.2628.2663.2677.2776.2778.2779.2985.3033.3052.3154&iu_parts=1254144%3A22563361973%2Chelpr_me-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600&ifi=19&adks=2422952176&didk=8338828&sfv=1-0-40&ris=2&rcs=4&prev_scp=a%3D%257C0%257C%26iid1%3D4487854767803634%26eid%3D4487854767803634%26t%3D134%26d%3D314757%26t1%3D134%26pvc%3D0%26ap%3D1975%26sap%3D1975%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D2497208%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Dhelpr_me-edge-1-4487854767803634%26eb_br%3Dad0061a38dd7c6f7bcb692aee88dfda4%26eba%3D1%26ebss%3D10017%2C10061%2C10015%2C10063%2C11307%26bv%3D2%26bvm%3D0%26bvr%3D6%26avc%3D78%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D14%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C3676%2C2030%2C4751%2C17%2C2351%2C2610%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2761%2C3044%2C17%2C19%2C2351%2C2610%2C2688%2C2693%2C2761%2C3044%2C3045%2C4276%2C17%2C18%2C19%2C1428%2C2351%2C2610%2C2688%2C2693%2C2761%2C3044%2C3045%2C3052%2C3053%2C3856%2C4276%26lb%3D40%26reqt%3D1681956770762%26hb_bidder%3Donemobile%26hb_adid%3D514af884d74497b%26hb_format%3Dbanner%26hb_ssid%3D11293%26hb_opt%3D0.05%26hb_rt%3Dclient&eri=1&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956771771&lmt=1681956771&dlt=1681956763546&idt=744&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.helpr.me%2F&frm=20&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AHQMDFdMP2bqvPIy9YyQ0hs0er0UhAjfGrQoICVt9JSRpnivyYaMZWJ_Oi8bpo7dnbpxUjLtHgvPMO1ID9a0%2CAHQMDFdLgWMWuHIzwGPoUCZ5xLqKz41ZA0WmVJdqusAwhPIKzRNXfwVNHMru0zLWAOvUBerR14SsC1SipupM%2CAHQMDFe9lflDGA__W2GE3yn9Fegn&ga_vid=123685623.1681956765&ga_sid=1681956765&ga_hid=880250002&ga_fc=false&a3p=EloKDWNyd2RjbnRybC5uZXQSQDQ1ZTY0NGI1MDRmZWIwMTE4YWMzYmRkYTE0NjE0OTQ1YTcwMjI4MTNiZjM3MWU3MzNiZTFlYTY4MDg0OWUzYmEYvYe-4_kwSAASGQoKcHViY2lkLm9yZxjshb7j-TBIAFICCGoSwgEKCHJ0YmhvdXNlEqwBUUZzbDZ2U0VrazlqaXFNYjd3TG9iT2Eyd1U2bHBxVm1BZ3VnMnR4QWxGTGdhNm51NkRxVnJjOWFKMzdTdWUrSCsrTkJrOVl6ajRuTGI5OWozS01pSUlNdWs5dlpGcXFOWEJOM2hUd1REM3VYdUxlTFdWeUM0YzVoTDRmTndkMVBJME5DNWtnZDhwa3E3bC9tcldUd21LNmZ6eVJ1elF2UWVTSnRxdVlFaVRJPRjDh77j-TBIABIdCg5lc3AuY3JpdGVvLmNvbRiKhb7j-TBIAFICCGQSGQoKdWlkYXBpLmNvbRiKhb7j-TBIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pWWxSTUt6TnlNamhUTVN0cU5HcDNRWGgzVVV0UmR6MDlJbjA9GLiIvuP5MEgAEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGo.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30d72e77e56e40cf7f53e15920e896c5d74b428fca2cf7a636b32902194573cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15537
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
524 B 60ms
57ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAxNDUyMjMwMTc5NTk0MSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjE2NTM0NjYsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=79Wik6ZgGwWEP7ty4Ba6G5BL7AGCdidYnGRJrZbiuNrmb7e1eQ61gkdlivjHhpkqiiBMhiFO7ZJLtnYmTb59nyPBq9IcDt1nQAy0T61KIouuCGvzu%2BMQ0yMsLOvo36ibrnGIfeK2BIe63A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd5fee75b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:53 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
535 B 51ms
50ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MCwiYWRfcG9zaXRpb24iOjExMDMsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjAsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjEwMDM4NTYsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WijAx81ulAdkp6EWjZC0E9uLuByCx%2B3MhEJfK%2FLNDznF%2B9DnfHStaawyS7ho5Eyxgx1lO5EHYBxvAR%2FcbKB%2FVIFYNnCzCawQmglxAaU9FjuDfYNkqyoerdW%2BNZ2%2Fmq4G9elAeGfuqqJuFA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd607ecfb8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:51 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/ Frame 5097 400 KB
124 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

92cf292bcd6f8b25608682634dbcbfb6b426097b95f1ca7ffc4eb03faaab6bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 11:16:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53759
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126869
x-xss-protection: 0
server: cafe
etag: 16445823330670953753
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 18 Apr 2024 11:16:52 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 5097 789 B
390 B 95ms
94ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.helpr.me

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe2a11c057f5d56d3cc09d4f3047aefe9c9f1e6356fc18197e1c0d931d21934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Thu, 20 Apr 2023 02:12:51 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 5097 22 KB
9 KB 33ms
33ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 27 Apr 2023 02:12:51 GMT

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/ Frame 5097 106 KB
24 KB 101ms
36ms Script
text/javascript 2606:4700:4400::6812:220a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:220a -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3d21f75e40679d602330e34b3308db7af348b0d7ef9b483b293b51486e2769

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Apr 2023 02:04:37 GMT
server: cloudflare
x-amz-request-id: 2YK8E8WGEK6JQPD1
age: 337
etag: W/"23f3a7ab3bbf43216dedd3305c51924b"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7ba9dd614e8f1c94-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6lQQcY/xYhrq+7I6G6oWa1Fcs4KXcgpe4cWqx2+7WRkQBrLh7HvMK7E7tXht1yi2D/jolad1Uko=

GET
H2 200 0 Show response
api.saambaa.com/post/storyboard/11689/market/ Frame 5097 1 KB
808 B 549ms
128ms XHR
application/javascript 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/post/storyboard/11689/market/0
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/728x90/assets/smb-dispad_728x90.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ja.helpr.me
access-control-allow-credentials: true
content-length: 591

GET
H2 200 collect
www.google-analytics.com/ Frame 5097 35 B
91 B 35ms
33ms Image
image/gif 2a00:1450:4001:80f::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2135375630&t=pageview&_s=1&dl=https%3A%2F%2Fja.helpr.me%2F&dp=widget%2Fgpt%2F728x90%2Fhelpr.me&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aEAAAAABEAAAAAACIE~&cid=1338461827.1681956772&tid=UA-234198072-32&_gid=937218024.1681956772&z=169810420

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:05:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 451
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 5097 35 B
193 B 32ms
31ms Image
image/gif 2a00:1450:4001:80f::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=2135375630&t=pageview&_s=1&dl=https%3A%2F%2Fja.helpr.me%2F&dp=widget%2Fgpt%2F728x90%2Fhelpr.me&dh=ja.helpr.me&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=728x90&je=0&_u=aMAAAAABEAAAAAACIE~&cid=7d01963b-9528-478e-94ac-319f298ad905&tid=UA-55160257-4&_gid=156980485.1681956772&z=1617502557

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:05:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 451
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo-saambaa.png
saambaa.com/assets/image/ Frame 5097 2 KB
2 KB 127ms
126ms Image
image/png 161.47.17.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/logo-saambaa.png
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
last-modified: Mon, 02 Oct 2017 18:02:46 GMT
server: Microsoft-IIS/8.5
etag: "39e0e3a6a83bd31:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 2412

GET
H2 200 loader-dots.gif
saambaa.com/widget/gpt/728x90/assets/ Frame 5097 33 KB
33 KB 127ms
126ms Image
image/gif 161.47.17.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/widget/gpt/728x90/assets/loader-dots.gif
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
etag: "02525d0cceed21:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 33406

GET
DATA 200
OK truncated
/ Frame 5097 690 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 41ms
41ms Preflight
application/json 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.helpr.me%2F&domain=ja.helpr.me&bundle=BGl0JF9yc2ZraHl0Wm0zbXdYV2JHZ3JMeTd1WDltelFxRzE2UzRaZkIyakoxd3dZQ1ZZaUFZVXIxaEpkQk1RMXBLZiUyQlpVc2RleCUyQldhY3M0d0IxRHgwdDh0ajBORk52d293ZkZyOGtJM1h1cnV6djl2ZWpLVkFDVGhlOVhFam5sYmxtb3RQNmlyVDA0Z1hDQTY5cGNKdnZYUkdnJTNEJTNE&gdprString=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Apr 2023 02:12:51 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 274813
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

set Show response
id.a-mx.com/
Redirect Chain

https://id.a-mx.com/sync/?tagId=&ref=null&u=https://ja.helpr.me/&v=7.42.0&vg=epbjs&us_privacy=null&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd...
https://c3.a-mo.net/b?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZK...
https://id.a-mx.com/set?uid=a2e31e61-dfdc-4ad6-a923-b304a158a6be&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHc...

99 B
478 B

31ms
31ms

XHR
application/json

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/set?uid=a2e31e61-dfdc-4ad6-a923-b304a158a6be&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&us_privacy=null
Protocol: H2
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c979dd9c2767c5f380c6a2b55bc4ace9177ff3880618650ca6fbca4ee9936c1c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n6KDQzk3C1aCaVc%2FPrLFwYoakLxtD306XPC%2BM6bLsJ7OkyQ4RNdZEO3kf%2F6Mew0kML6fmh9EER3Rk5BQb7i0KRtt4agkgiZeaFmGbCsj88l0TQqmNLvNCADHezTKpC1QHjHHBsGWdPFYkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
cf-ray: 7ba9dd62bc1e0c33-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Thu, 20 Apr 2023 02:12:52 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
location: https://id.a-mx.com/set?uid=a2e31e61-dfdc-4ad6-a923-b304a158a6be&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&us_privacy=null
access-control-allow-origin: null
access-control-allow-credentials: true
cf-ray: 7ba9dd622c5e0b87-AMS
content-length: 0

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.helpr.me%2F&domain=ja.helpr.me&bundle=BGl0JF9yc2ZraHl0Wm0zbXdYV2JHZ3JMeTd1WDltelFxRzE2UzRaZkIyakoxd3dZQ1ZZaUFZVXIxaEpkQk1RMXBLZ...
https://mug.criteo.com/sid?cpp=Et8iRnw1Z1BRQjhyZnpWVjFpZ2V3d2FpRjZkdHhQWmI4TkZOT0hQQ0lzM3dxeVRQNTRiSkZIczNGdnVIOEVMcTV3UXlySm1EUlFNVXg5QWZURzFVdm8zSUswc1AzbDd0UHlZVkdaVHNkUS9oTUl6eFJ4RmtXWm9BQjcvcy...

439 B
705 B

29ms
28ms

XHR
application/json

178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Et8iRnw1Z1BRQjhyZnpWVjFpZ2V3d2FpRjZkdHhQWmI4TkZOT0hQQ0lzM3dxeVRQNTRiSkZIczNGdnVIOEVMcTV3UXlySm1EUlFNVXg5QWZURzFVdm8zSUswc1AzbDd0UHlZVkdaVHNkUS9oTUl6eFJ4RmtXWm9BQjcvcytjK1JZdEorMHpOdEtZNEdKUzVDSTM4QVVTT2ExU085QlR4b0l4c01Vc281MkxabzNPMG9hVC9yL2NZSVNreWNBZ0J1WGVXV2JPVFZCYytud3pVRHJ3YWxzNC9uREJtMDhmL0FiSHgzNUJ5R2lyRzVDVG1nR3NkSkZtODh6K216TGExa3l0Q3NFTnlMK0VKS29CNXRoV2Z4NmgrSEQxaXpmSkUybXU0VXZFbDUzZkcyb3BSND18&cppv=2

Protocol

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1658b9dd0584c18d10c2e8f07c22c0a8d35dddb911522cd3c40f1c9eb449f71f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1004629
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
access-control-allow-methods: GET
location: https://mug.criteo.com/sid?cpp=Et8iRnw1Z1BRQjhyZnpWVjFpZ2V3d2FpRjZkdHhQWmI4TkZOT0hQQ0lzM3dxeVRQNTRiSkZIczNGdnVIOEVMcTV3UXlySm1EUlFNVXg5QWZURzFVdm8zSUswc1AzbDd0UHlZVkdaVHNkUS9oTUl6eFJ4RmtXWm9BQjcvcytjK1JZdEorMHpOdEtZNEdKUzVDSTM4QVVTT2ExU085QlR4b0l4c01Vc281MkxabzNPMG9hVC9yL2NZSVNreWNBZ0J1WGVXV2JPVFZCYytud3pVRHJ3YWxzNC9uREJtMDhmL0FiSHgzNUJ5R2lyRzVDVG1nR3NkSkZtODh6K216TGExa3l0Q3NFTnlMK0VKS29CNXRoV2Z4NmgrSEQxaXpmSkUybXU0VXZFbDUzZkcyb3BSND18&cppv=2
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 375363
content-length: 0
expires: 0

POST
H/1.1 200 prebid Show response
id5-sync.com/api/config/ 135 B
540 B 35ms
35ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/config/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame DA16 16 KB
6 KB 32ms
32ms Document
text/html 2.19.228.187

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=37665
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 20 Apr 2023 02:12:51 GMT
expires: Thu, 20 Apr 2023 12:40:36 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 pbcas Show response
ads.yieldmo.com/ Frame 681A 3 KB
2 KB 42ms
42ms Document
text/html 52.213.87.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&type=iframe
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.87.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-87-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 5aa7972fb47e02eaf8e57d570eea034a5b411f2388aa12be8177317a2bf41660

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
pragma: no-cache
vary: accept-encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 5812 38 KB
13 KB 129ms
52ms Document
text/html 2.18.235.93

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

1648395d6807abe0c0bd28652b40dc98afd41c09ce5d14fbe2281c9262cdf54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 12540
content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 02:12:52 GMT
expires: Sat, 22 Apr 2023 02:12:52 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame E743 52 KB
17 KB 329ms
102ms Document
text/html 151.101.1.108

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 -, , ASN (),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 68307
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 20 Apr 2023 02:12:52 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 29 Mar 2023 07:13:44 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 2, 226123
X-Served-By: cache-lga13626-LGA, cache-ewr18178-EWR
X-Timer: S1681956772.263379,VS0,VE0

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 87EA 281 B
554 B 127ms
33ms Document
text/html 104.109.78.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Apr 2023 02:12:52 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 rules-p-TWKb6gH_3MnFX.js Show response
rules.quantcount.com/ Frame 5097 160 B
633 B 25ms
25ms Script
application/javascript 2600:9000:238d:9a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:41:45 GMT
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 1867
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:10:08 GMT
server: AmazonS3
etag: "60b74b47b16486dd7914c1bc3fe2b29f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 4g8GxbqpJDRxPrYwkwqg0_3Di4E-F-3C0iF4ZiyGNWFKSFAJTYOTwA==

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
398 B 115ms
35ms XHR
application/json 141.95.98.64

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 -, , ASN (),

Reverse DNS

Software

Resource Hash

ac2496757a27b4f4fa13ada1c0c545565b513ba62bfc274ad46982118a0c5330

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame DA16 16 KB
16 KB 112ms
27ms Script
text/html 185.64.189.115

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65333453&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25fd80e76ad57b33e1b806dadb29d572f4e8b16629022754b6923c01b6bf5c4d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 20 Apr 2023 02:12:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 681A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_cm&pn_id=c&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu...
https://ads.yieldmo.com/v000/sync?pn_id=c&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...

43 B
586 B

45ms
45ms

Image
image/gif

52.213.87.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=c&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1&google_gid=CAESEOdDkTyPFGtyCawvDMbjWtQ&google_cver=1
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&type=iframe
Protocol: H2
Server: 52.213.87.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-87-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.yieldmo.com/v000/sync?pn_id=c&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=1&google_gid=CAESEOdDkTyPFGtyCawvDMbjWtQ&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 703
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame 681A
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
https://image8.pubmatic.com/AdServer/ImgSync?p=160648&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160648%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync-pm.ads.y...
https://image4.pubmatic.com/AdServer/SPug?p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D-1%26gdpr_consent%3D
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=-1&gdpr_consent=

43 B
826 B

184ms
43ms

Image
image/gif

52.210.241.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=-1&gdpr_consent=
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&type=iframe
Protocol: H2
Server: 52.210.241.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=-1&gdpr_consent=
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 681A
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_...
https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&zcc=1&cb=1681956772106&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBA...
https://sync.targeting.unrulymedia.com/csync/RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd...
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4m...

43 B
708 B

50ms
41ms

Image
image/gif

52.213.87.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&type=iframe
Protocol: H2
Server: 52.213.87.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-87-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

location: https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
date: Thu, 20 Apr 2023 02:12:52 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX8ef3fdca32bc445c8eb6310c5dfbcd26003
content-type: text/html

GET
H3

200

receive
pixel.tapad.com/idsync/ex/ Frame 681A
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=g78d42620d566b540e4f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3107&partner_device_id=g78d42620d566b540e4f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=e622d55f-b2b8-4268-83ea-4197aa29a6dd%252C%252C&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9...
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&ttd_puid=e622d55f-b2b8-4268-83ea-4197aa29a6dd%2C%2C

95 B
123 B

59ms
48ms

Image
image/png

34.111.113.62

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&ttd_puid=e622d55f-b2b8-4268-83ea-4197aa29a6dd%2C%2C

Requested by

Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&type=iframe

Protocol

Server

34.111.113.62 -, , ASN (),

Reverse DNS

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&ttd_puid=e622d55f-b2b8-4268-83ea-4197aa29a6dd%2C%2C
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 359

GET
H2

200

sync
ads.yieldmo.com/v000/ Frame 681A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g78d42620d566b540e4f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd...
https://match.adsrvr.org/track/cmb/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=g78d42620d566b540e4f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd...
https://ads.yieldmo.com/v000/sync?tdid=6d5a94bb-9382-42e5-bd40-8d409aa9d60a

43 B
474 B

43ms
42ms

Image
image/gif

52.213.87.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/v000/sync?tdid=6d5a94bb-9382-42e5-bd40-8d409aa9d60a
Requested by: Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&type=iframe
Protocol: H2
Server: 52.213.87.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-87-210.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.yieldmo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ads.yieldmo.com/v000/sync?tdid=6d5a94bb-9382-42e5-bd40-8d409aa9d60a
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 181

POST
H3 204 greenoaks.gif
ja.helpr.me/detroitchicago/ 0
531 B 51ms
50ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjI2NzAwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI0In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjMzMjUyMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNDU1MjAwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIyODQ1In1dfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n24mDG6WzaNQ08T%2BQ%2FEM85WgJwXLCpNWq%2BXPgWx6ZYDEmrKrC7XziuJBDL6Evwm5HU4IJ2gflqoRiVa6qECStfBEh44PMilTsQq0wTvXj2vD4OJgBPXqf3ZHsZ26vC39PaO6GwlyUwUpJg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd617f6cb8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:52 GMT

GET
H2 200 pixel;r=634389247;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fja.helpr.me%2F;ref=https%3A%2F%2Fja.helpr.me%2F;uht=2;fpan=0;fpa=P0-2035593922-1681956764595;pbc=4336cd22-7d70-4dbc-987c-141c1ce94ddd;ns=1...
pixel.quantserve.com/ Frame 5097 35 B
210 B 33ms
33ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=634389247;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fja.helpr.me%2F;ref=https%3A%2F%2Fja.helpr.me%2F;uht=2;fpan=0;fpa=P0-2035593922-1681956764595;pbc=4336cd22-7d70-4dbc-987c-141c1ce94ddd;ns=1;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;d=helpr.me;dst=0;et=1681956772055;tzo=0;ogl=;ses=e7a10a8c-a6ac-46fb-8392-749702c1e574

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 78ms
26ms Preflight
application/json 178.250.1.11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 20 Apr 2023 02:12:51 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 259888
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202304111045/ Frame 5097 239 KB
74 KB 40ms
39ms Script
application/javascript 2606:4700:4400::6812:220a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202304111045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:220a -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 90db7c2929c1f8fa3cb7be282e5c88ce131312749bb86d8eed33f6757e57f772

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Apr 2023 14:47:39 GMT
server: cloudflare
x-amz-request-id: 9W6FYDQYBRHQ15BX
age: 541609
etag: W/"7371672e2ad6b3b9469c4dc5cc2f6c08"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7ba9dd619ed41c94-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: nHvl+VIjl4CK1CGd/OB8Orr18WtFsRn7UEqiM5WJ1XKr97LItTgmhr6XrgHT8jHKRa65WgtQ57bGUH2IGUHz8g==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 87EA 34 KB
10 KB 32ms
32ms Script
text/html 104.109.78.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d69acbb6d5739ce765491bb59851935a5c5ba692d5e0880a1c89d15c4c749575

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 02:12:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 07:05:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17597
Connection: keep-alive
Content-Length: 10018
Expires: Thu, 20 Apr 2023 07:06:09 GMT

GET
H2 200 pubcid.php Show response
hbx.media.net/ Frame 5812 57 KB
18 KB 134ms
46ms Script
text/html 23.35.228.23

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=86400 ; includeSubDomains, max-age=604800
content-encoding: gzip
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: max-age=1800
content-length: 18543
x-mnet-hl2: E
expires: Thu, 20 Apr 2023 02:42:52 GMT

GET
H2 200 sync Show response
gum.criteo.com/ Frame 5812 88 B
327 B 41ms
41ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&us_privacy=&j=window.advBidxc.mnetRtusId

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8de5e0477041ba542f773dac9a2a9ca9be9adf709b199dcd2bfbcd07b03cceb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 980569
expires: 60

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FECD
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
554 B

36ms
36ms

Document
text/html

104.109.78.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 20 Apr 2023 02:12:52 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 20 Apr 2023 02:12:52 GMT
location: https://eus.rubiconproject.com/usync.html?p=medianet
server: AkamaiGHost

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame 14DF
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Drkt%26refUrl%3D%26vid%3D195677214332495837201547550...
https://contextual.media.net/cksync.html?cs=8&vsid=3249583720154755000V10&type=rkt&refUrl=&vid=19567721433249583720154755000V10&ovsid=5124322326016245052

235 B
668 B

92ms
79ms

Document
text/html

2.18.235.93

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=3249583720154755000V10&type=rkt&refUrl=&vid=19567721433249583720154755000V10&ovsid=5124322326016245052

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-length: 235
content-type: text/html;charset=UTF-8
date: Thu, 20 Apr 2023 02:12:52 GMT
expires: Thu, 20 Apr 2023 02:12:52 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

Redirect headers

Content-Length: 0
Date: Thu, 20 Apr 2023 02:12:52 GMT
Location: https://contextual.media.net/cksync.html?cs=8&vsid=3249583720154755000V10&type=rkt&refUrl=&vid=19567721433249583720154755000V10&ovsid=5124322326016245052
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.3.29.v20201019)

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 74A9 16 KB
6 KB 35ms
32ms Document
text/html 2.19.228.187

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dpba%26refUrl%3D%26vid%3D19567721433249583720154755000V10%26ovsid%3DPM_UID
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.19.228.187 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://contextual.media.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=37664
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Thu, 20 Apr 2023 02:12:52 GMT
expires: Thu, 20 Apr 2023 12:40:36 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK log
c21lg-d.media.net/ Frame 5812 35 B
296 B 315ms
183ms Image
image/gif 23.35.228.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&del=1&vsid=3249583720154755000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 02:12:52 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 35
Expires: Thu, 20 Apr 2023 02:12:52 GMT

GET
H2 204 current
medianet-match.dotomi.com/match/bounce/ Frame 5812 0
104 B 172ms
49ms Image
text/plain 2a02:fa8:8806:16::1400

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dcon%26refUrl%3D%26vid%3D19567721433249583720154755000V10%26ovsid%3D%24UID
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 5812 43 B
219 B 53ms
34ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dopx%26refUrl%3D%26vid%3D19567721433249583720154755000V10%26ovsid%3D
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 5812
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dmma%26refUrl%3D%26vid%3D195677214332495837201547...
https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=mma&refUrl=&vid=19567721433249583720154755000V10&ovsid=3ee46440-9fa5-4400-a37c-586cc049c7b9

61 B
481 B

73ms
63ms

Image
image/gif

2.18.235.93

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=mma&refUrl=&vid=19567721433249583720154755000V10&ovsid=3ee46440-9fa5-4400-a37c-586cc049c7b9

Requested by

Protocol

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 20 Apr 2023 02:12:52 GMT

Redirect headers

Date: Thu, 20 Apr 2023 02:12:52 GMT
Server: MT3 830 785530e master zrh-pixel-x7 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=mma&refUrl=&vid=19567721433249583720154755000V10&ovsid=3ee46440-9fa5-4400-a37c-586cc049c7b9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 20 Apr 2023 02:12:51 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 5812
Redirect Chain

https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dr1%26refUrl%3D%26vid%3D19567721433249583720...
https://ad.turn.com/r/cs?pid=45&rndcb=2910260464
https://sync.1rx.io/usersync/turn/8820235461248501496?dspret=1&gdpr=&gdpr_consent=&us_privacy=
https://sync.targeting.unrulymedia.com/csync/RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3249583720154755000V10%26type%3Dr1%2...
https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=r1&refUrl=&vid=19567721433249583720154755000V10&ovsid=RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003

61 B
486 B

91ms
85ms

Image
image/gif

2.18.235.93

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=r1&refUrl=&vid=19567721433249583720154755000V10&ovsid=RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003

Requested by

Protocol

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 20 Apr 2023 02:12:52 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=r1&refUrl=&vid=19567721433249583720154755000V10&ovsid=RX-8ef3fdca-32bc-445c-8eb6-310c5dfbcd26-003
date: Thu, 20 Apr 2023 02:12:52 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX8ef3fdca32bc445c8eb6310c5dfbcd26003
content-type: text/html

GET
H2

200

cksync
cs.media.net/ Frame 5812
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzI0OTU4MzcyMDE1NDc1NTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMLlsZQbTZ5za1_Efp3-_CI&google_cver=1

61 B
462 B

190ms
166ms

Image
image/gif

23.35.228.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMLlsZQbTZ5za1_Efp3-_CI&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.35.228.23 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 20 Apr 2023 02:12:52 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEMLlsZQbTZ5za1_Efp3-_CI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 5812
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=a33dfcfd-708d-49f1-a94d-b257fcfe0c2b

61 B
631 B

89ms
84ms

Image
image/gif

2.18.235.93

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=a33dfcfd-708d-49f1-a94d-b257fcfe0c2b

Requested by

Protocol

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 20 Apr 2023 02:12:52 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:51 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=a33dfcfd-708d-49f1-a94d-b257fcfe0c2b
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1207198
content-length: 0
expires: Thu, 20 Apr 2023 00:00:00 GMT

GET

cksync.php
contextual.media.net/ Frame 5812
Redirect Chain

https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr...
https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9...
https://x.bidswitch.net/sync?dsp_id=74&&user_id=y-XQsRc6xE2pnEsGigXe5ey.9g2HdXi856xQ4jtw--~A&expires=5&ssp=medianet&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9...
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_...

0
0

GET
H2

200

cksync.php
contextual.media.net/ Frame 5812
Redirect Chain

https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=zem&refUrl=&vid=19567721433249583720154755000V10&ovsid=__ZU...

60 B
307 B

50ms
50ms

Image
image/gif

2.18.235.93

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=zem&refUrl=&vid=19567721433249583720154755000V10&ovsid=__ZUID__

Requested by

Protocol

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 60
x-mnet-hl2: E
expires: Thu, 20 Apr 2023 02:12:52 GMT

Redirect headers

Location: https://contextual.media.net/cksync.php?cs=1&type=zem&ovsid=https://contextual.media.net/cksync.php?cs=8&vsid=3249583720154755000V10&type=zem&refUrl=&vid=19567721433249583720154755000V10&ovsid=__ZUID__
Pragma: no-cache
Date: Thu, 20 Apr 2023 02:12:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 252
Content-Type: text/html; charset=utf-8

GET
H2

200

cksync.php
contextual.media.net/ Frame 5812
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3249583720154755000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3249583720154755000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=584fb6f4-bf97-467d-90ea-bf2947878d4d&cs=1

61 B
482 B

64ms
64ms

Image
image/gif

2.18.235.93

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=584fb6f4-bf97-467d-90ea-bf2947878d4d&cs=1

Requested by

Protocol

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 20 Apr 2023 02:12:52 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=584fb6f4-bf97-467d-90ea-bf2947878d4d&cs=1
Date: Thu, 20 Apr 2023 02:12:52 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2 451 710489.gif
id.rlcdn.com/ Frame 5812 0
0 117ms
32ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/710489.gif
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2

200

cksync
cs.media.net/ Frame 5812
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdl...
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6d5a94bb-9382-42e5-bd40-8d409aa9d60a

61 B
467 B

188ms
163ms

Image
image/gif

23.35.228.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6d5a94bb-9382-42e5-bd40-8d409aa9d60a
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.35.228.23 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 20 Apr 2023 02:12:52 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6d5a94bb-9382-42e5-bd40-8d409aa9d60a
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 199

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/ Frame CDCA 400 KB
124 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:59:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 788
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127052
x-xss-protection: 0
server: cafe
etag: 14196522953641333499
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 19 Apr 2024 01:59:44 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame CDCA 789 B
390 B 95ms
95ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.helpr.me

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fe2a11c057f5d56d3cc09d4f3047aefe9c9f1e6356fc18197e1c0d931d21934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 365
x-xss-protection: 0
expires: Thu, 20 Apr 2023 02:12:52 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame CDCA 22 KB
9 KB 36ms
36ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
etag: "DUHyBE1e2vdA+NAhXV6BXg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 27 Apr 2023 02:12:52 GMT

GET
H3 200 config.js Show response
cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/ Frame CDCA 112 KB
24 KB 39ms
39ms Script
text/javascript 2606:4700:4400::6812:220a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:220a -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c0032c94445a34c4690f2191dc60bde036bee287a650afa76b28266657907e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 19 Apr 2023 21:13:13 GMT
server: cloudflare
x-amz-request-id: Z9RFSQXQ2MP0W35G
age: 647
etag: W/"b7919f6557d2372507c618811ef88f4f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 7ba9dd622e7eb758-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Jc+/ceCbJM0G3OSQmvtJ+hlBFWw/ZjILglQU77Cdss00nJroJt4dS4snSQs2dp9gCbMlByGBTfE=

GET
H2 200 logo-saambaa.png
saambaa.com/assets/image/ Frame CDCA 2 KB
2 KB 138ms
137ms Image
image/png 161.47.17.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/logo-saambaa.png
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:47 GMT
last-modified: Mon, 02 Oct 2017 18:02:46 GMT
server: Microsoft-IIS/8.5
etag: "39e0e3a6a83bd31:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 2412

GET
H2 200 0 Show response
api.saambaa.com/post/storyboard/11685/market/ Frame CDCA 1 KB
681 B 340ms
128ms XHR
application/javascript 161.47.17.28

General

Check archive.org

Show headers Download Go to

Full URL: https://api.saambaa.com/post/storyboard/11685/market/0
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispAd_300x250_single.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 139b5bbf6aaa835413c9de4f77fac25469a9ea4976e4dbda20b29bd0e63eef81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
content-encoding: gzip
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: https://ja.helpr.me
access-control-allow-credentials: true
content-length: 593

GET
H3 200 collect
www.google-analytics.com/ Frame CDCA 35 B
55 B 37ms
34ms Image
image/gif 2a00:1450:4001:80f::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=369038453&t=pageview&_s=1&dl=https%3A%2F%2Fja.helpr.me%2F&dp=widget%2Fgpt%2F300x250%2Fhelpr.me&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=aEAAAAABEAAAAAACIE~&cid=1249959356.1681956772&tid=UA-234198072-32&_gid=1707656851.1681956772&z=1428751582

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29260
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame CDCA 35 B
55 B 37ms
34ms Image
image/gif 2a00:1450:4001:80f::200e

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=369038453&t=pageview&_s=1&dl=https%3A%2F%2Fja.helpr.me%2F&dp=widget%2Fgpt%2F300x250%2Fhelpr.me&dh=ja.helpr.me&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=300x250&je=0&_u=aEgAAAABEAAAAAACIE~&cid=1249959356.1681956772&tid=UA-55160257-4&_gid=1166981872.1681956772&z=1062615375

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 19 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29260
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader-dots.gif
saambaa.com/widget/gpt/300x250/assets/ Frame CDCA 33 KB
33 KB 139ms
136ms Image
image/gif 161.47.17.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/widget/gpt/300x250/assets/loader-dots.gif
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
last-modified: Mon, 26 Jun 2017 22:37:38 GMT
server: Microsoft-IIS/8.5
etag: "02525d0cceed21:0"
x-powered-by: ASP.NET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 33406

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 2 KB
2 KB 39ms
39ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-55

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

31509a4170cb1ac359e74587a0ace83b6db064a65deab257fea8e9cce585e46e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
p3p: CP="CAO PSA OUR"
access-control-allow-credentials: true

GET
H2 200 sidestage-250.jpg
saambaa.com/assets/image/ Frame CDCA 51 KB
51 KB 133ms
133ms Image
image/jpeg 161.47.17.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/sidestage-250.jpg
Requested by: Host: saambaa.com
URL: https://saambaa.com/widget/gpt/300x250/assets/smb-dispVidAd_300x250s.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9b97214d49d8b5a825d35faa6ab53f99c531802a4a335c51f6494e115f1318d4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://saambaa.com/widget/gpt/300x250/assets/smb-dispVidAd_300x250s.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
last-modified: Thu, 30 Jul 2020 20:05:47 GMT
server: Microsoft-IIS/8.5
etag: "f03d69d0ac66d61:0"
x-powered-by: ASP.NET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 52234

GET
DATA 200
OK truncated
/ Frame CDCA 690 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CDCA 15 KB
16 KB 212ms
60ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 142901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:11 GMT

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame 9C71
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:e1126440-9fa5-4400-bd9d-7075720ede8f&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB...

43 B
826 B

114ms
41ms

Document
image/gif

52.210.241.143

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.241.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 43
content-type: image/gif;charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, private
date: Thu, 20 Apr 2023 02:12:51 GMT
location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame 9CD5
Redirect Chain

https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D1%26gdpr_consent%3DCPqh...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685627191995583
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=160648&pmc=1&pr=https%3A%2F%2Fsync-pm.ads.yieldmo.com%2Fsync%3Fpn_id%3Dpub%26id%3D164EF19A-73F9-4AF0-9D5B-7E2075F41C78%26gdpr%3D0%26gdpr_consent%3D
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=0&gdpr_consent=

43 B
826 B

116ms
42ms

Document
image/gif

52.210.241.143

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.241.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 43
content-type: image/gif;charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, private
date: Thu, 20 Apr 2023 02:12:51 GMT
location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B1C5
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdl...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7...

42 B
113 B

32ms
30ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

cache-control: no-cache
content-length: 0
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:12:52 GMT
expires: Thu, 20 Apr 2023 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 1092964
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 384D
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_5...
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7v...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...

0
0

31ms
29ms

Document
text/plain

198.47.127.18

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private,max-age=86400
date: Thu, 20 Apr 2023 02:12:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Thu, 20 Apr 2023 02:12:51 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame 1201
Redirect Chain

https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTU...
https://image2.pubmatic.com/AdServer/Pug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PE...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB...

43 B
826 B

116ms
43ms

Document
image/gif

52.210.241.143

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.241.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 43
content-type: image/gif;charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, private
date: Thu, 20 Apr 2023 02:12:50 GMT
location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H/1.1

200
OK

dcm
aax-eu.amazon-adsystem.com/s/ Frame 0363
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&redir=true&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_f...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&redir=true&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_f...

43 B
0

227ms
211ms

Document
image/gif

52.94.222.140

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&redir=true&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&dcc=t

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.94.222.140 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 20 Apr 2023 02:12:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: TS3QW52NSKBJDQ5AJQQY

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Apr 2023 02:12:52 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&redir=true&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 2QJBQMXHHD9G3VFPH5W7

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame 20B7
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFN...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=477910156417247956&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB...

43 B
827 B

114ms
41ms

Document
image/gif

52.210.241.143

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.241.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 43
content-type: image/gif;charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, private
date: Thu, 20 Apr 2023 02:12:50 GMT
location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame 4C1C
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7N...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7223949329032280215&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB...

43 B
826 B

117ms
44ms

Document
image/gif

52.210.241.143

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.241.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers: Cache-Control, Pragma, *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
content-length: 43
content-type: image/gif;charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
pragma: no-cache

Redirect headers

cache-control: no-store, no-cache, private
date: Thu, 20 Apr 2023 02:12:51 GMT
location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 4F0D
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=11&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=09ub2-_eWGt_Mfb2eYE-sh_Mlms&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_f...

42 B
0

35ms
31ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=09ub2-_eWGt_Mfb2eYE-sh_Mlms&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 549
Content-Type: text/html; charset=utf-8
Date: Thu, 20 Apr 2023 02:12:52 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=09ub2-_eWGt_Mfb2eYE-sh_Mlms&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 6BFF
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://match.prod.bidr.io/cookie-sync/pm?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFDV0UwN0lnVDhBQUNDYy0xbnhwUQ&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zj...
https://match.prod.bidr.io/cookie-sync/adx?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7...
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AACWE07IgT8AACCc-1nxpQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBEN...
https://match.prod.bidr.io/cookie-sync?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEin...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWE07IgT8AACCc-1nxpQ&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_...

0
0

47ms
47ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWE07IgT8AACCc-1nxpQ&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 0
Date: Thu, 20 Apr 2023 02:12:52 GMT
Server: nginx
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACWE07IgT8AACCc-1nxpQ&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A9E1
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZECfpAAEFDy9HABa&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_...

1 B
0

34ms
30ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZECfpAAEFDy9HABa&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&_test=ZECfpAAEFDy9HABa
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 1
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

accept-ranges: bytes
cache-control: no-cache
content-length: 0
date: Thu, 20 Apr 2023 02:12:52 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZECfpAAEFDy9HABa&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&_test=ZECfpAAEFDy9HABa
pragma: no-cache
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-ewr18174-EWR
x-timer: S1681956773.694516,VS0,VE0

GET
H2 200 cm Show response
ipac.ctnsnet.com/int/ Frame CB61 43 B
369 B 96ms
31ms Document
image/gif 35.186.193.173

General

Check archive.org

Show headers Download Go to

Full URL: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.193.173 -, , ASN (),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 43
content-type: image/gif
date: Thu, 20 Apr 2023 02:12:52 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="NOI DSP COR NID CUR OUR NOR"
pragma: no-cache
server: Apache-Coyote/1.1
via: 1.1 google

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 85AC
Redirect Chain

https://core.iprom.net/cookiesync?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2d...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...

0
0

32ms
31ms

Document
text/plain

198.47.127.18

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private,max-age=86400
date: Thu, 20 Apr 2023 02:12:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control: no-store, no-cache, private
date: Thu, 20 Apr 2023 02:12:52 GMT
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 793A
Redirect Chain

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}

0
93 B

32ms
31ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
date: Thu, 20 Apr 2023 02:12:52 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server: _

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 2982
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
0

217ms
197ms

Document
image/gif

2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7ba9dd64be2bb978-AMS
content-length: 43
content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 302

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache private
cf-cache-status: DYNAMIC
cf-ray: 7ba9dd634d59b978-AMS
content-type: text/html
date: Thu, 20 Apr 2023 02:12:52 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p: CP="NOI DEVo TAIa OUR BUS"
pragma: no-cache
server: cloudflare
x-function: 206
x-reuse-index: 122

GET
H2 200 bridge Show response
cm.adgrx.com/ Frame 42BF 0
221 B 322ms
24ms Document
text/plain 72.251.245.179

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.251.245.179 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, proxy-revalidate
content-length: 0
date: Thu, 20 Apr 2023 02:12:52 GMT
expires: Thu, 23 Sep 2004 17:42:04 GMT
p3p: CP="NOI OTC OTP OUR NOR"
pragma: no-cache
server: Cowboy
x-realserver-nx: ams-delivery-7

GET

Pug
image2.pubmatic.com/AdServer/ Frame 034D
Redirect Chain

https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1zfzkj2zq6un

0
0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Fk7xmnP5SvCdW34gdfQceA%3D%3D&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8...
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBA...

16 KB
16 KB

34ms
31ms

Image
text/html

2.19.228.187

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 2.19.228.187 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=37664
accept-ranges: bytes
content-length: 5554
expires: Thu, 20 Apr 2023 12:40:36 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 662
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 qmap
sync.crwdcntrl.net/ Frame DA16 49 B
265 B 212ms
53ms Image
image/gif 52.214.145.221

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.145.221 -, , ASN (),
Reverse DNS
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.9.65
content-length: 49
expires: 0

GET
H2

204

cr
cr.frontend.weborama.fr/ Frame DA16
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr...
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr...

0
45 B

54ms
36ms

Image
text/plain

34.111.129.221

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&bounce=1&random=2094155532
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 34.111.129.221 -, , ASN (),
Reverse DNS
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:51 GMT
via: 1.1 google
last-modified: Thu, 20 Apr 2023 02:12:52 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:51 GMT
via: 1.1 google
last-modified: Thu, 20 Apr 2023 02:12:52 GMT
server: Weborama Collect Frontend
vary: Origin
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&bounce=1&random=2094155532
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame DA16
Redirect Chain

https://a.audrte.com/match?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9...
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWdtUENNWUx1aC1UekM3LVA1YnQxZi1LQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...

0
0

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame DA16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MTY0RUYxOUEtNzNGOS00QUYwLTlENUItN0UyMDc1RjQxQzc4&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7v...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB...

43 B
826 B

43ms
41ms

Image
image/gif

52.210.241.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 52.210.241.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
date: Thu, 20 Apr 2023 02:12:51 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame DA16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7v...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB...

43 B
826 B

45ms
43ms

Image
image/gif

52.210.241.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 52.210.241.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
date: Thu, 20 Apr 2023 02:12:51 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pubmatic
um.simpli.fi/ Frame DA16 43 B
608 B 134ms
32ms Image
image/gif 35.204.158.49

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 19 Apr 2023 02:12:52 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame DA16
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...

0
162 B

32ms
31ms

Image
text/plain

198.47.127.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 198.47.127.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sync
sync-pm.ads.yieldmo.com/ Frame DA16
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQd...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAA...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...
https://image4.pubmatic.com/AdServer/SPug?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB...

43 B
826 B

44ms
42ms

Image
image/gif

52.210.241.143

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 52.210.241.143 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods: POST, GET, OPTIONS
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Cache-Control, Pragma, *
content-length: 43

Redirect headers

location: https://sync-pm.ads.yieldmo.com/sync?pn_id=pub&id=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
date: Thu, 20 Apr 2023 02:12:51 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame DA16
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&redir=true&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20z...
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nGz0m6tE2uUV0_R9rXS3wY9AHFeW3qM-~A&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Ny...

0
128 B

38ms
29ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nGz0m6tE2uUV0_R9rXS3wY9AHFeW3qM-~A&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:50 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-nGz0m6tE2uUV0_R9rXS3wY9AHFeW3qM-~A&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
date: Thu, 20 Apr 2023 02:12:52 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 164EF19A-73F9-4AF0-9D5B-7E2075F41C78
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DA16 43 B
602 B 201ms
44ms Image
image/gif 2a05:d018:d29:3602:f896:3671:b11a:dd53

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/164EF19A-73F9-4AF0-9D5B-7E2075F41C78?gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:f896:3671:b11a:dd53 -, , ASN (),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DA16
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr...
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0e...
https://x.bidswitch.net/sync?dsp_id=283&user_id=3dede6f8-eaba-4795-be44-2d1f0c8c7b07&expires=1&user_group=5&ssp=pubmatic&bsw_param=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPq...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_...

1 B
165 B

37ms
36ms

Image
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: //simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame DA16
Redirect Chain

https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9...
https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=9b8c6753d1d244a&is_secure=true&networkId=17100&version=1&nuid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&gdpr=1&gdpr_consent=CPqhjwkPqhjw...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAM5H7zxgwuBwMxDJX0AAAAAAA&expiration=1682043172&nuid=164EF19A-73F9-4AF0-9D5B-7E2075F41C78&...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...

0
110 B

28ms
26ms

Image
text/plain

198.47.127.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 198.47.127.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame DA16 0
187 B 136ms
24ms Image
text/plain 98.98.134.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 -, , ASN (),
Reverse DNS
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:51 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame DA16
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8820235461248501496&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_A...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...

0
162 B

33ms
27ms

Image
text/plain

198.47.127.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 198.47.127.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:51 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame DA16
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=477910156417247956

42 B
95 B

31ms
30ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=477910156417247956
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 20 Apr 2023 02:12:52 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.107; 31.204.150.107; 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5c5b340d-986f-4cfd-a233-23bec91c131b
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=477910156417247956
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame DA16
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CPqhjwkP...
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2...
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk...

0
96 B

33ms
32ms

Image
text/plain

198.47.127.18

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156983&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: H2
Server: 198.47.127.18 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame D282 222 KB
61 KB 221ms
79ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:31 GMT
age: 212301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame D282 15 KB
6 KB 177ms
35ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Apr 2023 23:46:03 GMT
age: 8809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Apr 2024 23:46:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame D282 94 KB
28 KB 178ms
36ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:31 GMT
age: 212301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:31 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame D282 5 KB
2 KB 213ms
71ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:31 GMT
age: 212301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:31 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame D282 40 KB
13 KB 214ms
72ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 02:06:45 GMT
age: 367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 02:06:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D282 6 KB
664 B 79ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=ja

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82048bca4b9f00ce38d8cb61e1105c12871d013ece060928d067c9a21c3df075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 02:12:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 02:12:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D282 116 KB
30 KB 80ms
50ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:400,500,700&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfda27d8d55aabc600ce1ed7cce50d374c15d4e9b8d79ac66ffd61bcf764a58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 01:31:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 02:12:52 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D282 3 KB
3 KB 77ms
47ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:08:23 GMT
x-content-type-options: nosniff
server: cafe
age: 57869
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Thu, 20 Apr 2023 10:08:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D282 344 B
368 B 78ms
46ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 14:09:46 GMT
x-content-type-options: nosniff
server: cafe
age: 43386
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 20 Apr 2023 14:09:46 GMT

GET
H2 200 854131566927864317
s0.2mdn.net/simgad/ Frame D282 171 KB
172 KB 219ms
60ms Image
image/jpeg 2a00:1450:4001:830::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/854131566927864317

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f2df3eeeb8525890c99cfe6ba3159e956ca67d0bf4b49329d1451f5fc5c9d91e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:13:20 GMT
x-content-type-options: nosniff
age: 460772
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175152
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:12:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Apr 2024 18:13:20 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame D282 42 B
63 B 88ms
56ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DIks47PUV31lRwztpoQZ5otKnWqttA7906WksY3OM8D6bcgzhn0vm2mqV32waQS8Qe4nERSS_X9IXLaDCJwq_TzOau68_QEqF1bIVoiVLO8VjhH8nicp6JOdkhOcW-urXcHg2NdrjsEiguR3liV8WGHnptcQ&dbm_d=AKAmf-Dt095otO5bHdF8H0Wl0a_3Y1pENFF4ZpBLksxPY23cT8Kf06-dcB8sPygn5Ly--1Dj1_iIldo5AxOFqz3VmOszeOdzwGK9s83Dv21nO0tJ95AcZ7JZUYZZJ97OqGjG9YZga_RzHQTBjtxr-G2us9YrwqWuys6kP9r9Cr1oNQ_zuV90f71Gjxc2VYAL6q9ikqdxCly28l2WYHTVmWTE2vo6zdqtsVbp8CF__7PlgCU7YvXR9UuN3QKNcZiLLzqaIo7Lc_i8HIAHJX3Imn6ELdtYcl_xZQIPga2oItfgJcuY7BVUd3IZz3gL2ZR1A2bRxRTfwblhQ4ELVr8fRMgJyUFG0vDVAk0NwZ_63WQB3e0JAOSjin7ES8bxZfnOTY7oyJLGPxg11p90CjAPxRnhUvg0O71TgBil9KssnyCuvPr0jQ3z_dD-Dhlrg5Gp0s71w1Dx-HQ-mWqCauNVnuoqTSquT7KLTbSv_x0oGLPL80VmlfhsLSvcpke9syeX_HgLbrdUcy-7_VAfAUrhvlHFZvB26E_tPtv38QP2ka0YxkBw0Tg1xu0_4Cpj8tX6wB8JtsY1lTPp5eVXPEA0_gOk_nN0Z_nClBGYNbXkqwSnm6gYrrkLiyoM0cqISlNsDvuJTN35nfi92WoC1Zp1b9887QoMRX9v5_48XYkfSkRBzLtp-dqjTGhSOTiLhBA_h3yrvFphR1IwSsLBXryXCPYAC5SR2QUPULjB5ybuOBaLmuvciLKs7PC2UvvyMVbu0hJlP3mh72jfOs3L0FVhCnL3E4qNCE_pzjKPdU4MoDBc_ePEb7ZllpAjwd2Psw3kcKlMu4kRHhj3QGzT3hHqXHjXQLQy9XlloY3BNTaBt7y516CyGcpNE_6zRNsoi9S-eVqYQ4M-N8bwaH_M0DDvzLhu6QT1yFiFBLXt124ZsrOrPdz_sLTsg23Y_Q6I-F3EsNv8dwPDB1KLsR3os1UbWql7bG3kCMiwPc0_jcwLBNkWh5FVqS-t75oDZ93P39uxXeTLs9zfi27UEoXB7nI2gbhEMgb-7x14nBhGOcLDuRZWEp6jkPIOe9JISyYly68gtfVKr49xXGz1wWPnVfrudlbuLvtgCu5WCCBBah6TQDVm-nsGylyGSGxA5bxG-2c_pgyTyin65ZnzySa9tdHuiKzUm3K9kZKLSHhHfi7VXPj5PUIu7vSpkjKiYm7jxhiSST60Ce7LknxR6lo6UZRtr5biS22JVDcTp-0ZG3LRgTmcV9CLZZcpntUFYkiDkcfYuuOVSn7r8FXWVh8awhS76SwuJ5VyOe9in2-UyfozbxP7UyOxobpqVyjGCQFJ0F1lpVvnmqt3qY3Q1JW6Pwbxi-Xqqvu9c0zs9O1pn_WpjcotAZu4aGZkuQEeHHF7HcNNnnHcW65GzTSGgj8SQUjszTSsqW3rCnCP9oWD91apOzE7jPMZTcwuCzc45yToXl3_UWXrLbZUQ3vz5YIm_MRQNc2DmJkhzXIC1EabI0gtanXWRyNw8h0-YdMOnr9hnr1X1jhlI8-KA3Lb3T_nK0_EdOmTGIhWRayB4EKJqZNyF-bK9vZCh4AfiWCuV1-NKpBhMFy4t5JcV2Z3vInCDqjZXJY1EdJ6-HIW43rwF7eZWf9BcRWJPpvNHiN3GROnoD7ZBaGeLAZAysKrf1gdgUCt_EpTyNzN6k56FgsG-xRpr1FgnEdRVKCJXa-yJ87488EXzu2_e9OZx6BQNAmr3udH5B0qHVhK3eLK9jBHVh2DzMbaEpoRtF2S6bggmswFTIFrwFQ0Q4lkG3GaAQ8tFF5ztus2Dq-fAkKDrGqB-wK060dTZLG8Rw6i4VHib0LTnBhaa7JgFwfGjEXG2AQkd1edj7QwmuJKIebDT2M4p0OZe3gvWDi2el1NEyOVWOWZD52nooeYjwID18gvuHYFQXjO_YTEYRcC7Q-Wp5wpYV4uNN0cenFDsZuooPHUHQZaPU2W3MW35z9oHVrAHMfPWcte4XHu-5nKhkZFn10zerzW8eiisuSVtTxmSKwCN6LrGsCi3xZ62Ehsr8n8_3EpPWdc9QCGCOs029QLdRCDknZVz2FW8zbd1iinQJnpSjmTh5Zjqm4KScrWWMIKv7KSIXiIGCyepClgHF50c7-TYD1Ze6wIwQRthhNuhacpHM0q9VsurXMduquwT7BbkTcX4uNfUGi-Ngqzw1_wvjEcelVJez-cjjiEaPPvX9nEQcnjhmzkDuANs1JOz3eN_1oc-B_ULU-7d6nD7gVjFDFhrRfm4iFAsmoJC7Vvz5RAhEtV2rtclJ6OmzbItyM2IV5Q-nxKrRDHX6GHneTNowWlHe6LlnBL5g1n0cQ9y6Oiqq2LgCL66KICse1MqMXDhwgp8_1OlSMPd0Bjwne1wCHzMWahTxJqTw4fbaLPoEPNJXgJRgDZLNn0g6CSAEwaxjJR-1mRY4NKy9RXPnWK33djF322kyVwyywJhMjmBtF8ZC8bwGiWyxw45tT1ektRUWL2XMKQTUsv9tTwwZesDiczW91nOPeA5I5vMSh6gnttsUzgHzjYm9WREJijvhshPBzmyVFRTA3ox9r4o8gFNcWYwnGtaXC9fFi_quFYm6Zqw_a8g26Yl5ECsIfFvJjAqFlFwXKWATSzY7jvVzm_jQPFqJzWZxmcGHeGcO0bdxmXwTWFbasDQSGg9pQSsYNU9iqFfeyExJ84g47P0C8NxIqYmcw5nmkqVoWWBUR7ULOZR5o9rzyoTPCdMPk9Ao9Tr0gB4PqCD7S_xkh-AGYvDXVyputgpF8V7pa2faZbJxL8bxrsPE18yYdSGDMiuruiv-a93MZtryOILm8bG6TvLrNgFJemnBgQE8PgvVLJvZfeMiCTdG2PypWN_15mzesKP7Fc7BldkdCIZoGIneeCvrXMFkd-7IS8QP_yV0a4FYPm0CMULdm66UH2Ev7zxIiUBVBVOy_7f-Ah7vmAGH3qPZENWPb4kKjgRPJFOCoIpkIOFT8v0yPyNAlI7PgL2BxiUXbuHTgr2XWq18lpoRl9h2FzKi_wMt073OsOUQnYuWzRK9PreAKKRsoX3nIeXmFkaOPO4SLFp5sybTVMqiM9qWwTNeB2Ih1J-ZeXmtbquR0qytrhm_AIC0C8us_mv1cSOvTVr924TBKx1_50hXHWbVtp2vNMcog--cowxaPEZybxrQ1FbW2h2ad3jLSQoz59l-u87496jtT8nvMqrkQLSJsUvbqa3XkzkWNXf8I0LLD-FPNxwQP5elCxQk_qwxKQ7u9Yw4i2d37vuGEvxDx8-1aFIIIZvEuNCEdGkEnqX-RGgKTYfdFp-o8NTe1OFQ1anAwrP07VhLVMqYq-U6Wbv-lY6Hv0bzv9Xr8uclL3Mk8-I9PhYP9XVHUyNszEA_N8VIdjEfUBrTQpauP0n5RvTIfzHIAtY0j9N_pzehX_s9DBZLZfQiKaB5mli4mlraARu-fR3_PCJ23LGDNhQyQsCuoXPddtgHKQPZdsaI9RE7xGYKDh9w1nHVYvzyf13W3XSmB8WGsQSdoHmgVfVVnRQcMQX0avATDkuLm7YfdcyWNtf32pBAxy_oM_18CgD7D3ZEYgUuw1Y-S1xqM7_Mylb_-p11sAAGeBRR5n0QDZ5XzZ2XaNeE0qA28bDHMg4JC2HZVkfBMo30zZ-jbftZCLMV_2p5cST--ZAnbbtJyB9jJv4A0wZqfVxaLk9EXT88fhlv26Q5_IkplqYjU74BBizynXALzWI_jsEXBMZYQ07a1T94yJX4hpPNTCSv4XwP9MTjpgSGpfVT_-CJyRWT4HDFAnt_MtQuO9432_l4sIL92jWvG202JYkvDUlH6h7tu3pZzZgN5WLjBuX7Pt_Ju4TsUNmNUl0IFiaeeSs4Yg7ZC0-6l6B8ljdNiblk3A0_Kgilys3mqg_O3L3GlUlgDPt5wnl3DVSKXJP2vd0RzxgzqPYp20lMZqOARGWL2rkuFzP6c3mtpIF-J5apT_mWpbO6dxdnKRkgZ5sWUkfioR4sTtEkKN9J3dvzdJ8OYcEE7ziW2X29rftFYRBEsa9eyBMcn5RRSjo68ofgptGfmmeHLHV8X36bYESI7Tf9L2dulPL4GhS-Uy_cTZyrqX9-Oz-nW4LiQkqPYKN0whzIh26RqmJXT69ca3B8EA_ek5Na6yXSrCYN17R_M5FvGCv9XJ7gt5di65g01HZTfHLubpOLm4bW7jE1tICFgn4uEQzRwIOzz31HSXbQToQs3jL2KMjvey2OY9f4D9r34HxJ-126Wn_OAhU7doEuj7mu41FCQvrBcHoUAtgdkRff9iamuF0WKqFDRGvkle489bdMBeJJnPHM851XByMxslFJs7RvwUI5JymSU_TNnkAPk_cpw8uHoRM3BBx-Kr5pCZ4uSGp8PamRlR2Rx7OkC6ERGbFENLydOS9DyXRaXp6y6dJh2bvA&cid=CAQSPABygQiD2Gbd4fFPNeRWktN_8dlb0ATOYtm2se0KykE-pxr9P9S2CK4ApNMAvbU1Pb7JGY0PMHZLx9bcSxgB&dc_exteid=1180747044327553382&dc_pubid=4

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D282 0
0 102ms
70ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAZz8o59AZN-tMISIrAT977qIDYnR9bRu8NPyroYR2u_S4LIBEAEg9PnGJWCRhKCFjBigAZ_ssfUCyAEGqQIRJ-Q3hmGyPqgDAaoEiAJP0C0oA-mBdn763CKJRQjuuq7iPa1uzXXk1DD-mbGiLUj6D_hDTkNR1qbUEcnudy9pgqWhx0o8XrBcA2aoevB5ku1GX9RjvbH3zzlyOKDnAqgSoQBOvxHc-FRYN-YE5zvCqol-lKsH2hUjX69Nj-i0SwmJg0YwHgh-AyRfwxL74w6Ng4m7edhvd-ULGiJTbjMUV1QqrasypgWEUkmCyYt8vjCyftneeCGzBew846vCiXF5XmbQWkvttFHE5d-YqBF7Q6IMlwcFih4lYP7gJbgsi5Eusld45PUdAbFFEKwMw1S4EbCw69hA6mFxmVHabEDUf-IHtFYrN87WU92E8TgztszO91S_mvfABKPwmvShBOAEA4gFubzRxEaSBQYIAxACGAGSBQYIGxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB8mTzooBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQzf0QGLWmzNkB0ggSCIDhgBAQARgdMgKqAjoDgMADgAoDyAsBsBOwxfARyBO6_bjhA9ATANgTCogUAdgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi0xOTY2NzIxMTkyNzA5NjA2GL7JB-gXBQ&sigh=GpQKj-15DlQ&uach_m=[UACH]&cid=CAQSPABygQiD2Gbd4fFPNeRWktN_8dlb0ATOYtm2se0KykE-pxr9P9S2CK4ApNMAvbU1Pb7JGY0PMHZLx9bcSxgB&template_id=509&vt=10
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame D282 0
0 79ms
48ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTBFl4ZWb9MirgDszMAEagpyk0aoz6TY9s5MO3STf1K2eLzGH7FoKrzEQQqGJZEuWZd6TtD0IA-xPBJHlV51PWB-S8QCg
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
529 B 77ms
56ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODQ4MjY2MjM0OTc3MzI2NCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NDgyNjYyMzQ5NzczMjY0IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYWQwMDYxYTM4ZGQ3YzZmN2JjYjY5MmFlZTg4ZGZkYTQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg0ODI2NjIzNDk3NzMyNjQiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODE5NTY3NjMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDE0LCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTQsImJpZF9mbG9vcl9wcmV2IjowLjAwMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI4NDgyNjYyMzQ5NzczMjY0IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTk3NiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDM0NTA3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwMzQ1MDcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijg0ODI2NjIzNDk3NzMyNjQiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1lZGdlLTItMCIsInRfZXBvY2giOjE2ODE5NTY3NjMsImFkX3Bvc2l0aW9uIjoxOTc2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwMzQ1MDcsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euBeVZDWGNy5RtVc91nEiWS5b06hqWipY3xIWEm96taB%2FdTJmGOilCpieaDYOzBwkPFSO8nxRwBU8s%2FgcYE1Agy3hTDIkUJJd03gonNNlTvyWayoDvCALSYhfgvz%2F78MEvI2HeSLAZvS2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd63285db8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:57 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
531 B 77ms
54ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiODQ4MjY2MjM0OTc3MzI2NCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYWRfcG9zaXRpb24iOjE5NzYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDAzNDUwNywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDQtMjAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAC5nampyiK1t2SuRQATznucE68fr9%2Be7rHscEiFy3%2BHF51RrSQc8sh5mY%2Fe6EgjeYSTy%2FdqTeFHDQCsWuz0cB52V5TjpsZFv2%2BTaR4WogfzyBUsHGCtaTtpmb%2BpROI1PKttMz%2Fvh1tucQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd63285fb8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:52 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
535 B 77ms
54ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiODQ4MjY2MjM0OTc3MzI2NCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYXVjdGlvbl9lcG9jaCI6MTY4MTk1Njc3MiwiYWRfcG9zaXRpb24iOjE5NzYsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MjIwLCJiaWRfZmxvb3JfcHJldiI6NDAsImJpZF9mbG9vcl9maWxsZWQiOjE0LCJhdWN0aW9uX2NvdW50Ijo1LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2MjQsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LBiNjGPCOvK%2FJQCcSb7Fre1EH%2Bz0fCS7CM9SH%2F6meC2sWm6Gg2URfFalpZhLRXsUJkjAd%2BPEuPgeE5stbMy3Ypv6UM83TEtWsdB%2BtAsfvpkpCh%2FEcdltm%2FWekkDDQcgC%2FZ0LaWiKEgoPg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd632860b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:52 GMT

GET
DATA 200
OK truncated
/ Frame D282 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16074282cb8d5d6d89b6509e6c0632828a7c259ed0f0391225bd9ede916ff899

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5097 0
0 102ms
101ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3ttryxHnSD9xdz-SlmOlcoUwvSGb-9XINuFjiM6OIocXeEGfpApq6Vhi4FCPfWV9TEdJ8U-GldemYHhGDQxIu8a2sTiREPqJCbgqKdJ3znR-fynaqwhZdcj5C_1iujWRlX9WPOpZYLoXqf-2OtxWkG-DMYGqopvQugC_IB9EVuc3hVEHSHI43EieVUqVdRgr97O_G2ho8SCzTk9SG3yUvbp471kr_eWEcpLoUF-tqb-a8NBgQUEcUkvJR1LflKf467ADyxdaTaxHiTBxVfec4H8bmU3gKsYdBmoXw47mnpIcPSbQUTuMMAby5_c10LloddDYNZ_eckYyWx-U&sai=AMfl-YQSkeLtwPl4YazhlOxTDC4Vfmxrz5dDBwFBBWITwugr5804oO4YzVA0-aTs5DWhB0rXD4s7w_uzpHTDwFF1Dt-SxULZJqr79wFRDjLv31I8dLHb1bGX8AwWENCRgX8&sig=Cg0ArKJSzCK2MlpkhhBBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Apr 2023 02:12:52 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
530 B 67ms
55ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDAxNDUyMjMwMTc5NTk0MSIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjE2NTM0NjYsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils3MjgsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MDE0NTIyMzAxNzk1OTQxIiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODE5NTY3NjMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NjIwOTc2NjE4MywiY3JlYXRpdmVfaWQiOjEzODQyMTY1MzQ2NiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MDE0NTIyMzAxNzk1OTQxIiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2ODE5NTY3NjMsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NjIwOTc2NjE4MywiY3JlYXRpdmVfaWQiOjEzODQyMTY1MzQ2NiwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Bn%2FsRQF8lHB5y17fBHXxk5QNqLz9LWmIqtXGY3fYzu%2FAYzpZoDNuo0FvNBy0FZqiKYCLj0vCCfxEn5ugk5aOKdZVr3OTprrLTCJnWMS05sw%2FFLFj0kauoBs1ELRjtQ5lNIALslNeDjfZA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd63788ab8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:53 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FECD 34 KB
10 KB 36ms
35ms Script
text/html 104.109.78.125

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: d69acbb6d5739ce765491bb59851935a5c5ba692d5e0880a1c89d15c4c749575

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Thu, 20 Apr 2023 02:12:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Apr 2023 07:05:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17597
Connection: keep-alive
Content-Length: 10018
Expires: Thu, 20 Apr 2023 07:06:09 GMT

GET

setuid
px.ads.linkedin.com/ Frame 87EA
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGOHMSR3-1O-M1B1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4...

0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 87EA
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe...
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_...

42 B
1 KB

168ms
33ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&expires=30
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6d5a94bb-9382-42e5-bd40-8d409aa9d60a&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 1011

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 87EA
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7N...
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVjYWU5MWRjNTFlODlmMWNiZjEwMTY0NWM5OWJlNmI0MWYxOGZjOA&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY...

170 B
188 B

48ms
44ms

Image
image/png

142.250.185.66

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVjYWU5MWRjNTFlODlmMWNiZjEwMTY0NWM5OWJlNmI0MWYxOGZjOA&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Protocol

Server

142.250.185.66 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTVjYWU5MWRjNTFlODlmMWNiZjEwMTY0NWM5OWJlNmI0MWYxOGZjOA&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 28e1e7d28d06b07ec669bc9e43057b8e
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET

dcm
s.amazon-adsystem.com/ Frame 87EA
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBA...
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBA...

0
0

GET

token
pixel.rubiconproject.com/ Frame 87EA
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR...
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR...
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_0AycoEKTJCQjocK8po0vA&rk=usync-other&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7...

0
0

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 87EA 170 B
188 B 49ms
45ms Image
image/png 142.250.185.66

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 87EA
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7P...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEdPSE1TUjMtMU8tTTFCMQ==&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8...
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkV...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdPSE1TUjMtMU8tTTFCMQ==&google_push=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X...

0
0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 87EA
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2...
https://pr-bh.ybp.yahoo.com/sync/rubicon/zw0PzvRvJDnJvhUdhBS_ucn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4m...
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BJPUNHhE2oKVMt9tir5hMmXWlyOnMf7oQBOZ1w--~A&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjg...

42 B
1 KB

40ms
40ms

Image
image/gif

69.173.144.138

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BJPUNHhE2oKVMt9tir5hMmXWlyOnMf7oQBOZ1w--~A&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
Protocol: HTTP/1.1
Server: 69.173.144.138 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: e06182bf224d96e6550f4595601cdb0b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 20 Apr 2023 02:12:52 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-BJPUNHhE2oKVMt9tir5hMmXWlyOnMf7oQBOZ1w--~A&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
content-length: 0

GET
H2 200 rules-p-TWKb6gH_3MnFX.js Show response
rules.quantcount.com/ Frame CDCA 160 B
631 B 27ms
26ms Script
application/javascript 2600:9000:238d:9a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-TWKb6gH_3MnFX.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:238d:9a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:41:45 GMT
via: 1.1 34833e1e6b760bb81603c4fa1e0bb5d6.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P1
age: 1867
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Fri, 14 Oct 2022 00:10:08 GMT
server: AmazonS3
etag: "60b74b47b16486dd7914c1bc3fe2b29f"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: pdqQ03lVm7HR_zeslZIgUL3iiklLar85GuYtsQZBwlS9617EtdjYJQ==

GET
H2 200 log
c21lg-d.media.net/ Frame 5812 35 B
173 B 187ms
186ms Image
image/gif 23.35.228.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=p-TesQU7LlZJ1xxmJ8ofUrpOUPrYet5S&cs=15&vsid=3249583720154755000V10
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 20 Apr 2023 02:12:52 GMT
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame E743 0
860 B 33ms
26ms Script
text/html 185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 20 Apr 2023 02:12:52 GMT
AN-X-Request-Uuid: c73577ba-af30-4983-903a-d26fd14061fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 31.204.150.107; 31.204.150.107; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202304111045/ Frame CDCA 239 KB
74 KB 55ms
47ms Script
application/javascript 2606:4700:4400::6812:220a

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202304111045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/9tgoNyGTAZjiv_HkXoBbJClUKFo/gpt_and_prebid/config.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:4400::6812:220a -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 90db7c2929c1f8fa3cb7be282e5c88ce131312749bb86d8eed33f6757e57f772

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Apr 2023 14:47:39 GMT
server: cloudflare
x-amz-request-id: RGEQ52PGVRR2YCPR
age: 545373
etag: W/"7371672e2ad6b3b9469c4dc5cc2f6c08"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 7ba9dd63df38b758-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: rBYMShDMwxIOrzWn7THliNfdGvX2wNYWfboio5oUi52YJ2m5vRr4jlDFxXFkCadoJwJcMrUNfR/CbcgUWJS0zrhoRcggz6POGkyDGB60zF8=

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
526 B 66ms
61ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjEwMDM4NTYsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjEwMDM4NTYsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU0OTUwOTE2NzgwODkwNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWJveC0yLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTEwMywiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjYyMDk3NjYxODMsImNyZWF0aXZlX2lkIjoxMzg0MjEwMDM4NTYsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMTU3In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CK27zuciKK09aUIvbfES9XO55q8IGFl0VoHR5VeGNYYIkZjkyvKD%2BU7FAEIDviIaRtwFugvMyG4xkgoS9wNhkqHh8C7PAMOm6AOB1bhpNbm0iWpwYYM0XrYD91Cl1O0v61dDGKu3UR4sGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd63d8c3b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:58 GMT

GET
H2 200 log
c21lg-d.media.net/ Frame 5812 35 B
173 B 188ms
188ms Image
image/gif 23.35.228.23

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=fe871a10-e343-42b3-8395-afcedbe578a7&cs=15&vsid=3249583720154755000V10
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2034%2C2033%2C2030%2C233%2C157%2C2028%2C2027%2C159%2C2026%2C236%2C2025%2C2069%2C237%2C117%2C238%2C359%2C437%2C97%2C55%2C99%2C56%2C59%2C2045%2C3012%2C3010%2C2041%2C241%2C201%2C2039%2C3007%2C246%2C4%2C126%2C203%2C446%2C9%2C2055%2C173%2C294%2C251%2C175%2C450%2C178%2C3018%2C3017%2C214%2C3016%2C413%2C337%2C459%2C339%2C77%2C2022%2C182%2C141%2C262%2C461%2C222%2C223%2C345%2C226%2C10000%2C80%2C108%2C229%2C109%2C307%2C82&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=1&gdprstring=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&coppa=0&usp_status=0&usp_consent=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.228.23 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 20 Apr 2023 02:12:52 GMT
content-length: 35
content-type: image/gif

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D282 15 KB
15 KB 34ms
33ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=ja

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 142901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D282 16 KB
16 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=ja

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 142908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D282 15 KB
16 KB 66ms
66ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=ja

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 173501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012304062309000/ Frame 7348 222 KB
61 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:31 GMT
age: 212301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61901
x-xss-protection: 0
server: sffe
etag: "8572ebb49fe3e70f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:31 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 7348 15 KB
5 KB 107ms
106ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Apr 2023 23:46:03 GMT
age: 8809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "ad2d0ddcea45401f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 18 Apr 2024 23:46:03 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 7348 94 KB
28 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:31 GMT
age: 212301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28974
x-xss-protection: 0
server: sffe
etag: "441c199a95baae2a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:31 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 7348 5 KB
2 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 17 Apr 2023 15:14:31 GMT
age: 212301
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1904
x-xss-protection: 0
server: sffe
etag: "60fdf036b4edbfa8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 16 Apr 2024 15:14:31 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012304062309000/v0/ Frame 7348 40 KB
13 KB 115ms
114ms Script
text/javascript 2a00:1450:4001:813::2001

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304062309000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 20 Apr 2023 02:06:45 GMT
age: 367
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12949
x-xss-protection: 0
server: sffe
etag: "53b4f6addb6819c0"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 19 Apr 2024 02:06:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7348 6 KB
664 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=ja

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82048bca4b9f00ce38d8cb61e1105c12871d013ece060928d067c9a21c3df075

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 02:12:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 02:12:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7348 116 KB
30 KB 58ms
58ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+JP:400|Roboto:400,500,700&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bfda27d8d55aabc600ce1ed7cce50d374c15d4e9b8d79ac66ffd61bcf764a58b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 02:12:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 20 Apr 2023 02:12:52 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7348 3 KB
3 KB 37ms
36ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:08:23 GMT
x-content-type-options: nosniff
server: cafe
age: 57869
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Thu, 20 Apr 2023 10:08:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7348 344 B
368 B 37ms
37ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304190101/pubads_impl.js?cb=31074054

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 14:09:46 GMT
x-content-type-options: nosniff
server: cafe
age: 43386
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 20 Apr 2023 14:09:46 GMT

GET
H2 200 7032806474683804938
s0.2mdn.net/simgad/ Frame 7348 283 KB
283 KB 141ms
106ms Image
image/jpeg 2a00:1450:4001:830::2006

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7032806474683804938

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

d38196a3c2cd9d1b9601c1fad699d624cc566ae8458d5bc8298eac6143af7c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:08:50 GMT
x-content-type-options: nosniff
age: 173042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289617
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 10:07:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 17 Apr 2024 02:08:50 GMT

GET
H3 200 ad
googleads.g.doubleclick.net/dbm/ Frame 7348 42 B
63 B 89ms
67ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwcrDWbsanIz0yryIwWGBxnZdSG2G5kGeC_2UhD-5ONYxNQBa41E3_VKtoA7zYQSWpq0XMjl2Tb9VGBdex1nkK8o97DQgBxK5W8nUPxtLFi-SIASwUiPx4e1-8_k1_5GDHt_0TG2XgOszcnJuu8HU77_0sfw&dbm_d=AKAmf-BTHgf0ydy7D3wwf6YOVzvp4F0gw_oCkWDX26Xz197ZxKGugdIC6gJUIXsqLvavWE3e56MND4UfjcxsQi3-cgOXW4sB4Z2KQjon8yhCk5kmV4yiSFRPpeWBLhlxhNPNcn8nsRMkOx22q-vWe9gxPGlBLNQZsBigPfCY7EaXiGTI4-913A-5vn5sFv4DTD3yFxuf9APxCl34x1d9I_wCnKt7MGS2YXZ7VBrTz_2Hl0SSs8DbwiH4BlhWMxQfzP2WKUReqnVvlNQoRQgyKW1xmMlloHGJI3y7t9LAiSbNFF1XU3eIPvoDniNg1042azlKZNqywaDP926aVkx-xFEK1n5DPGpmJy3xhu6H7q993qM5L6uqWjifmupIf5ErfsBs4a2bRArzhsl9m1kbU7AvsQmdgvHsUhuc134Z_tCf1pERzOnJkCzsD0C6KyQ9defWMLPRLOyCYHFhGr1Y-OeWSm3S3YuSKkAjAsdWNjkH-Y1DuCurPmnGhW6Jd2pZGQ9hOIyW9w-udvJ_hBp02snrwOo6qmRTwfvizRvhbXTeVhXvMoFm3xrXNTjFCEdajcxz9sbSinbZgfFeB6XiHoLV-5-VmMlrRn4RmIHO6RRJd5dJpofXWZ8YaRwG5E0JDbF8jZs5ZzcjlXZsa5LTNyruqX323vKldIJnyci-4lfxDn44xFZf0JRq9cKnRnDVIyp6S2IbnBjDvg7I65vpE7fx6MiiKLudZDD1JQ8wKhP_-F5CLm5zlHUDBSLkl43LKZNPRC6cuunwO2RW6bPuqI49tC3YUCrJCJV0F5F1HBqSPhqI76czc853UvGgkeKGnBdfIT8BfIejERm62BZ6vQEPHKBtrBo0_lal2_P3AKXRCRA5Ile5qRmnGn1mv8TTT-A23NtbUN6NnNkpUkJHrcayHtjVyCuUQhqiTCls__uorMToTMuw_Aznmdg6RTC0nEogO9SbEnPh-CQ2cUmXp6nHqTCiL5HrAwEvpJl-0oRB55_TKwuK5jxeBLm4wwbtSOPjUSqj72v-Uz1cXG64XDSdHol1AVezw0Q1nwjAWeoPWllHM3uSYmozRES539LESrGNYzGyM83ZzDdJk1IHlzk0uELo7ICnHCfkcOSekwmi2wmAwAWsGKv3soPIMgoRN1Vy4jPCGXTDH3v94DgVGbuQJCWI4iYXr6LVcluLIFyf-P9TCEFMWnR_Rry4DUNrG3ky0-b5_go2QbV7tM0FcXxJHPCRp4xRTRsXhGlWF_Nx9DX547zEyOm494wOT5PDuTVwdWU7Ykejg4xZ6a42a5rPgbCckdsd332OS8e9qlf0sAJ9E_UaH5cocj7B-dyvO-YeIRjqnsHTe4ksDOsq-gElMt-9u75bRXCzjE7YQ9gcLnd-szrbttUtIDQuDP4u8hDs0GAE9KkEUw-hUAhOhtrg45X27aINWVX5v3P-b7UYH-zAThkptXMKFuZ6zwAWD7wsXt_jpWQO8sM-pRdIKdFIj-1F479TukrUgg0pljQH23sucj7L3SCvPUBl1qsTa9hHwm1TLGqNR6AE4gLdKl0wfAzoWb-oV-4frs_-7_P62mLJXbXR4IFw_SYGoo6LRPkuQ88lNUpf40pqINm4TFvXSF0nD6m0sPkYUtU4NZ6OALPvuTEJcCoRCXrJqqDNUSvhZaFUUmIUk8WGSV9HkyckedMBu1vZF602m5SAZM6y9hcowybF7Ebtlsj-5mN933t4gn06FMpGAV3oBtwq7wwCufCOW31M8-HuFfOQrCT_1jV_GV0ivj0wDIsRFUv4Y58uxAlitiAorE1iAuVzLx5nSyD5FJ7X7lkunq1QZRCEj73llxP5bBBWqpogst7UMgPetcPDb707kQzaLKH_Y6lfIJHD_Gs5XS-5L65Y_A42V-MC7KclrggZwJb2Q8l-KHHXb8q_8OqzOE8g5uoPtcPDSouqec9bfd2mL385lJGPvpmWNB8AUd5mwuKsOhI_3pB7gneRAuAkekxnwdH7VbBzPYWDqW3qGDvZQBKF_a9q-pWcCR3YuCR2ERc9Uv8CL8rvh4km9cqnJU1mVTuzZb57Ak9gQHAbFXQh1_6llo8mNXpF_rP1OmuOVorLkbGlQaj9wYsbbQTrqoAUphpKL24kK-DD4NvZduBICeWUrtvQL3BsW4f3ndPPr-wqN4bLRDzXe3wY0VCOoj80YCfhFeQLstNo79VByecJixk1D20dnIC3j2fB4qdZoktjECKwxc8sy4WJTMyw-c_TZErqivyz5FQQADdLNJBEq4I2-ODr5rz8c7Sg2RkGBtYzSTs0Y2Cmfn9PoErIa_l86IVzd1_-aUu50ej9coucUGOIykW_jrc413RODIq5XtL1IP7ZbM7SJz_2T6ctggPr6i2AU7SzBwr4zozMUNOzJeMlDOQKN_1m_erQ-qP1ASms6oQI5DuOzs72VTm5nR9MP5zf7ukRsxCwj0fyEQ9cw30RDlVJdk2PI7FT6dHlBD_-MCHFPhsdhHZKsG-_MNHZgMWGFhqKjdEsQpoKH4s761fVzg9rZoMvp1Cg840rFQ5bjkk-NCv2-g_jE_CDjJiBu6fBR6bhcazsaewnXbIoAEVXomT5kOoMEi2ojuWLKUqGq369eOzm4c9A9EtoB6F5D5GLfDfA-nOg567d5DSgZRneTCZ2EDP7n_ip-JhhGWBptSksyEHEmj1tVBh6d2XPK_5EMJbfHRvYIKNT5JybBygxFLmSkQzmBeMaCRhON3EEj3zTUkNMTVyK6pCa07LHKXy3EIvi-Ji8Bv9Px4CjDYk3Qnar3EKJrskVGqvLVxsjAq-uSJLHdtwokQuhvyHRiDDY9AuuBnNWERLUFtuvUBorXhjSY0FOu1w0bE2cMmryfbwhLCz_JZP8lfttasfq5JMiD_wOGju_-L-juk_ZuBdPLRYlPhdtb3EMxDspbkslLooxrX6eJ2hsQx5sekkLZv954dB9r64k6WxhM1BPK6i5hAgjXtHliA8i2VchXFIHGF0sGnxJoDra0dQwWDzWTqXjNKEuRCu-VfAfbmf3m7Ac-KEl5rNMaj-9HPD1ovloJTJTdRQszqkVsQTI3MHOjDrbD30lRdG9MhGCiOonfm_sEOrBoR4gr0oNaNSmo2M_ztana5saPLUpNSdOSA_BV2Rq4jYMi4ZYcLnb47qV64D4X-5TqkXRC31Gex08qDUJdIZ0nXd6Z9Ac-CaELSHIptABGcmGvn9X3pvpXysAmkJafLP6JkyylRksF9NHXtYFZ0FGqTTFIg2ApmakmJJWz3ym4QQ0LGfgUCMyJJ7YgyzoLUJpfOe4bLGC0pnCQq6rxAh1xa21s5sQm1p1lhAUCloR6_SL1_rIkKHrV2ibM5IQz83Q86zrZPtRV-2vHH3xfTpNEqbli82BPXjECjCfzWF7VBun_jOe2gfQtfD2RXfS5bl6zeVmbRtbjbJdXq2SzYhXzXiFnOzUpDKbsxlIu1lgi_j3eug_-Nze65FuQotxP4ypxd2hX-3DfvMYYehyQnvTL-glKPGbs9ycGtuh6xvltZeFsfzvjNLX5U6Dwaxts09XMCyb03K-_WuiVXg7oHvVeAlkOeKl1BC6PirhbeC4wJ0o4udwdaKW0Hi5oPeFWPqvhjsTidl9v7Je3rRQjkWSrRgM4PMM6x8Q52Ae8hPDxw_2xwvLxjMgkdTf_gHa2wuUGQ7rDBO8v4cl_6pl2nDvV1hDFFwtL9dYIJNAYexSwcOSy48h9wh7chBmjvePV9uQn2-Tc3_iVvN9Shr7WV8OnZqz5aFoMI77TCoTGG-Lyc_hhT9FySJs5wOfAhcvzLA3KPp3ZRt-wmIwlGfgmdM08oBRTa6L9Y4Eq9qOJwL_UxA0OMqdJ5-6QokEszlpz2Z0VszpcuaK05OYUJHTbdNjAaEX3VdjAbW6Im9zKj0iMPVUqIMwW3JtySQS2FOyW0iDYAx0sn53Hcujyexp6FQOAaP_ZnmFxUpEvBN-APENnB8YBQ9W4hGJ_KdE3wgFDS2q1OCVg1AFnDB70_712kdp9KayQn-bW2s_ESnG377PR9UJpLiUV1Cv3CJGMfy1tdI7c17bGrWyWEx4wlP_PzoNDmyboe8N-Dfoe1CRwUEJWL6vW-HdwjUDl9oiS0jJyJqA3REQiYByTs1TNMvyuGcTR_Qva3fhZeRH1iirtT1GMbw09mnxIa_CG-B8GeGGibmHb8XLfIEiOZNaKi99imw1oJmRLA527uC6OUsN6G2hXnyr3Z-g-QdcoAJj2vxy3Uk-GqqQSZ9PaHCyZs4Qu2XyhehYpdTX6h4qGIc1l8WPIog8I2Z2wP_2428fCZZAW736K1rGcz8-3CrAfc2YBRTHUtrea73dA6Vc7oVx6SsDCNm_g6XZLl827fC69u11RadT-RVWjh0PVR5IfqJyHxHIysiPmm-6poSz&cid=CAQSPABygQiDBDhKvJa8OBPMMMSCa5SQOFLFdm8-Lc423Mi69O6daZR4fimAIQ-v2P-Tc58bPjiVrsxew8cgxBgB&dc_exteid=1996968814688731844&dc_pubid=4

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7348 0
0 100ms
78ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHYg-o59AZNbiNYX23gOlw4_4ConR9bRuyNPyroYR2u_S4LIBEAEg9PnGJWCRhKCFjBigAZ_ssfUCyAEGqQIRJ-Q3hmGyPqgDAaoEiAJP0HpxI67asbzWYvBaekNvv6L9cTqqBhcP2ihoXcoPUxZrEVMwpbpyz7yGgFaIM7W-j2oKHLLH8_diQ2D3gJPzUHW1lK_OsodARjny8BfR4f7bTlSLT9XBI3FGlb3nnl6ne1eTi2ci3Ruzhbh9UrP374O5pbYKpVHR7bKHDeSgyfJmYp-zlU2mnN0nyAzB8RZx_e5ekPfX84POndie62GOz2uL7W2SdniOAZz2LSP6NBQkAjGiiiZs4_FwCweoSgHpF1-MMKZuAnTOpklgks0kZ0ZvGHPbQ5JioQPjUKUHgTXzXiY-ZSMCM0mcqyt3Z3GSvnnXnw4yJumHSY1XCX3nGljxWX5R3EzABKPwmvShBOAEA4gFubzRxEaSBQYIAxACGAGSBQYIGxADGAOSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB8mTzooBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwoQx-ARGIeQzdkB0ggSCIDhgBAQARgdMgKqAjoDgMADgAoDyAsBsBOwxfARyBO6_bjhA9ATANgTCogUAdgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi0xOTY2NzIxMTkyNzA5NjA2GL7JB-gXBQ&sigh=ZteuLMYvoqg&uach_m=[UACH]&cid=CAQSPABygQiDBDhKvJa8OBPMMMSCa5SQOFLFdm8-Lc423Mi69O6daZR4fimAIQ-v2P-Tc58bPjiVrsxew8cgxBgB&template_id=509&vt=10
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7348 0
0 62ms
40ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWarALLw4rEHnXREZva-gBnjwo-DWe_bCPHFrE6hj91kaAJJAHdIPE_royjUhPDaPb2gFMzwiS0xb4c092BUGQuijtkQ
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
536 B 58ms
50ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQ4Nzg1NDc2NzgwMzYzNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI1In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDg3ODU0NzY3ODAzNjM0IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiYWQwMDYxYTM4ZGQ3YzZmN2JjYjY5MmFlZTg4ZGZkYTQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0ODc4NTQ3Njc4MDM2MzQiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODE5NTY3NjMsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDE0LCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTQsImJpZF9mbG9vcl9wcmV2IjowLjAwMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0NDg3ODU0NzY3ODAzNjM0IiwiZG9tYWluX2lkIjoiMzE0NzU3IiwidW5pdCI6ImRpdi1ncHQtYWQtaGVscHJfbWUtZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjgxOTU2NzYzLCJhZF9wb3NpdGlvbiI6MTk3NSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwNDE2OTc5LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTA0MTY5NzkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ0ODc4NTQ3Njc4MDM2MzQiLCJkb21haW5faWQiOiIzMTQ3NTciLCJ1bml0IjoiZGl2LWdwdC1hZC1oZWxwcl9tZS1lZGdlLTEtMCIsInRfZXBvY2giOjE2ODE5NTY3NjMsImFkX3Bvc2l0aW9uIjoxOTc1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiTkwiLCJwYWdldmlld19pZCI6Ijc0OWRlMGJkLTk2OGItNDgyOC03NTBiLWEwYjE3NjM5OTkxNiIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk6h5buZS7ti0TEH%2Fvr6ZuMAHh%2Foh0r5p0V1CUhBpVGrAxXI6mkwGvN%2FWa%2FexH%2FzZqsIhNs7s%2Bhz9rBAZtgDjJiLOf2W%2BxgZE%2Bl7BwIuinAEnHKc7o2fv6JZV5TfjBo8BIu34hDMlJUfIA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd6428f7b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:54 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
528 B 60ms
49ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDQ4Nzg1NDc2NzgwMzYzNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYWRfcG9zaXRpb24iOjE5NzUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJOTCIsInBhZ2V2aWV3X2lkIjoiNzQ5ZGUwYmQtOTY4Yi00ODI4LTc1MGItYTBiMTc2Mzk5OTE2IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDQtMjAifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIyIn0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fFey3LDPb60pagqqRkKGEOyy0wruRY90TRCxJ9c5AtLj2f8i2kxBPpw4rwjm%2FyHyL4Oz0662W5HljnS1EvHsAq8fDA5RNZbr4TUK7VCfIniB4hnRM%2FC8qDtW4JFky57QD4MPFPc385fQTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd6428feb8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:58 GMT

POST
H3 204 army.gif
ja.helpr.me/porpoiseant/ 0
530 B 78ms
66ms Ping
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.helpr.me/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDQ4Nzg1NDc2NzgwMzYzNCIsImRvbWFpbl9pZCI6IjMxNDc1NyIsInVuaXQiOiJkaXYtZ3B0LWFkLWhlbHByX21lLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY4MTk1Njc2MywiYXVjdGlvbl9lcG9jaCI6MTY4MTk1Njc3MiwiYWRfcG9zaXRpb24iOjE5NzUsImNvdW50cnlfY29kZSI6Ik5MIiwicGFnZXZpZXdfaWQiOiI3NDlkZTBiZC05NjhiLTQ4MjgtNzUwYi1hMGIxNzYzOTk5MTYiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MjIwLCJiaWRfZmxvb3JfcHJldiI6NDAsImJpZF9mbG9vcl9maWxsZWQiOjE0LCJhdWN0aW9uX2NvdW50Ijo1LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo3MDgsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-13y07-2y0b-6y0d-23y17-4y1b-5y25-3y33-4y3a-12y3b-5y5d-2y61-22y68-1&cmbcb=136&sj=x04x02x06x07x0bx0dx17x1bx25x33x3ax3bx5dx61x68&abt=EdgeHostDomain
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6th%2BzdNkEcPFU8HVDqVVl9gWeaTl%2Bl1FgW1a5L%2Fc%2Bh1VVvZk1NBn4eebbaBm2juhwi5OhtPOG4Hs51JT97KKDlO5R1WotRVGeV1PpdSCDglEktd2d4RCnFFPnHVbgJgXb6kJhL6gW8X5%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://ja.helpr.me
x-middleton-display: ezp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-ray: 7ba9dd643907b8e8-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 19 Apr 2023 02:12:52 GMT

GET
DATA 200
OK truncated
/ Frame 7348 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f826d3c602601ff720eaa18ab44aa6bddd175fe4a2591d5efa86bf58bd6eee40

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

cksync.php
contextual.media.net/ Frame FECD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LGOHMSR3-1O-M1B1
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LGOHMSR3-1O-M1B1

61 B
467 B

75ms
75ms

Image
image/gif

2.18.235.93

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=rbcn&ovsid=LGOHMSR3-1O-M1B1

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

Server

2.18.235.93 -, , ASN (),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 20 Apr 2023 02:12:52 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Thu, 20 Apr 2023 02:12:52 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://contextual.media.net/cksync.php?type=rbcn&ovsid=LGOHMSR3-1O-M1B1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H2 200 blank.png
saambaa.com/assets/image/ Frame 5097 68 B
151 B 131ms
125ms Image
image/png 161.47.17.28

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa.com/assets/image/blank.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 161.47.17.28 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:12:48 GMT
last-modified: Wed, 14 Feb 2018 23:02:54 GMT
server: Microsoft-IIS/8.5
etag: "cebd78f2e7a5d31:0"
x-powered-by: ASP.NET
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
x-cache-info: not cacheable; response specified "Cache-Control: no-cache"
accept-ranges: bytes
access-control-allow-headers: content-type
content-length: 68

GET
H2 200 728x90_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame 5097 17 KB
17 KB 172ms
50ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa-static.azureedge.net/sidestage/728x90_oahu_v3.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd -, , ASN (),
Reverse DNS
Software: ECAcc (ama/48F0) /
Resource Hash: 446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 20 Apr 2023 02:12:52 GMT
last-modified: Thu, 27 Jan 2022 00:46:57 GMT
server: ECAcc (ama/48F0)
content-md5: 5VOrxFk1xKRvkGqad3v+sA==
age: 512466
etag: 0x8D9E12E85B2CCAC
x-cache: HIT
content-type: image/png
x-ms-request-id: d40a930e-201e-001f-7284-6e3612000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 17345

GET
H2 200 300x250_oahu_v3.png
saambaa-static.azureedge.net/sidestage/ Frame CDCA 24 KB
24 KB 171ms
52ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa-static.azureedge.net/sidestage/300x250_oahu_v3.png
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd -, , ASN (),
Reverse DNS
Software: ECAcc (ama/48C9) /
Resource Hash: 6d5bea8e0cdd9848eedee10232ad1498f8027e66a5d9ccee1d052622247ada7f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 20 Apr 2023 02:12:52 GMT
last-modified: Thu, 27 Jan 2022 00:46:57 GMT
server: ECAcc (ama/48C9)
content-md5: 6Urn8SrRgO3o0cSRdd+hrw==
age: 513140
etag: 0x8D9E12E85A19017
x-cache: HIT
content-type: image/png
x-ms-request-id: 696b531d-a01e-00af-0582-6ecf92000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 24705

GET
H2 200 300x250_ak_v3.png
saambaa-static.azureedge.net/sidestage/ Frame CDCA 38 KB
39 KB 146ms
27ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa-static.azureedge.net/sidestage/300x250_ak_v3.png
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd -, , ASN (),
Reverse DNS
Software: ECAcc (ama/48C2) /
Resource Hash: b7f5d70a1071fe2f8b9e45d9befbb788d9912d50f7dbc60e5728bdf837a21d08

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 20 Apr 2023 02:12:52 GMT
last-modified: Thu, 27 Jan 2022 00:46:57 GMT
server: ECAcc (ama/48C2)
content-md5: Brxf/5pfZY4zgW2j5iapHg==
age: 513140
etag: 0x8D9E12E859EF83D
x-cache: HIT
content-type: image/png
x-ms-request-id: 4a266509-f01e-0095-2082-6e8c31000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 39311

GET
H2 200 300x250_yosemite_v3.png
saambaa-static.azureedge.net/sidestage/ Frame CDCA 34 KB
34 KB 190ms
71ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa-static.azureedge.net/sidestage/300x250_yosemite_v3.png
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd -, , ASN (),
Reverse DNS
Software: ECAcc (ama/48AD) /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 20 Apr 2023 02:12:52 GMT
last-modified: Thu, 27 Jan 2022 00:46:57 GMT
server: ECAcc (ama/48AD)
content-md5: 7FSdSDImvRJoVseoH9fwoQ==
age: 513140
etag: 0x8D9E12E85A47615
x-cache: HIT
content-type: image/png
x-ms-request-id: 4a2381db-f01e-003f-6f82-6e5ade000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 34431

GET
H2 200 300x250_japan_v3.png
saambaa-static.azureedge.net/sidestage/ Frame CDCA 26 KB
26 KB 196ms
77ms Image
image/png 2606:2800:133:206e:1315:22a5:2006:24fd

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://saambaa-static.azureedge.net/sidestage/300x250_japan_v3.png
Requested by: Host: ja.helpr.me
URL: https://ja.helpr.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd -, , ASN (),
Reverse DNS
Software: ECAcc (ama/4887) /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 20 Apr 2023 02:12:52 GMT
last-modified: Thu, 27 Jan 2022 00:46:57 GMT
server: ECAcc (ama/4887)
content-md5: g0ekiMWPyvO4+/SlJYqCdw==
age: 513140
etag: 0x8D9E12E859ED131
x-cache: HIT
content-type: image/png
x-ms-request-id: 825cd031-d01e-00ef-7182-6ee67c000000
x-ms-version: 2009-09-19
accept-ranges: bytes
content-length: 26484

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7348 15 KB
15 KB 49ms
45ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=ja

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:11 GMT
x-content-type-options: nosniff
age: 142901
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:11 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7348 16 KB
16 KB 45ms
41ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=ja

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 10:31:04 GMT
x-content-type-options: nosniff
age: 142908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 10:31:04 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7348 15 KB
16 KB 62ms
58ms Font
font/woff2 2a00:1450:4001:80e::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500,700&lang=ja

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ja.helpr.me
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:01:11 GMT
x-content-type-options: nosniff
age: 173501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Apr 2024 02:01:11 GMT

GET
H2 200 pixel;r=2062106945;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fja.helpr.me%2F;ref=https%3A%2F%2Fja.helpr.me%2F;uht=2;fpan=0;fpa=P0-2035593922-1681956764595;pbc=4336cd22-7d70-4dbc-987c-141c1ce94ddd;ns=...
pixel.quantserve.com/ Frame CDCA 35 B
210 B 40ms
34ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2062106945;rf=0;a=p-TWKb6gH_3MnFX;url=https%3A%2F%2Fja.helpr.me%2F;ref=https%3A%2F%2Fja.helpr.me%2F;uht=2;fpan=0;fpa=P0-2035593922-1681956764595;pbc=4336cd22-7d70-4dbc-987c-141c1ce94ddd;ns=1;ce=1;qjs=1;qv=93f4cf8b-20230329153214;cm=;gdpr=0;d=helpr.me;dst=0;et=1681956772574;tzo=0;ogl=;ses=e7a10a8c-a6ac-46fb-8392-749702c1e574

Requested by

Host: ja.helpr.me
URL: https://ja.helpr.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 115ms
26ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 20 Apr 2023 02:12:52 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 103ms
25ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 20 Apr 2023 02:12:52 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 98ms
25ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 20 Apr 2023 02:12:52 GMT

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 90ms
25ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 20 Apr 2023 02:12:52 GMT

POST
H2 204 c
prebid.a-mo.net/a/ Frame 5097 0
158 B 174ms
80ms XHR
text/plain 147.75.84.158

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 55
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 5097 0
158 B 104ms
49ms XHR
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ja.helpr.me
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ Frame 5097 1 KB
695 B 160ms
160ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU533H8Y
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e34a478c515f50dfb1d2116344b1a27dd434d2221ce5088a6c9b4ca61f55c44b

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 20 Apr 2023 02:12:52 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame 5097 94 B
497 B 84ms
83ms XHR
application/json 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: 22ae1f8903e45a21df26ed07d3b591a9c5acdd54eca0f61666c35e2edb8c1f3a

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Apr 2023 02:12:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ja.helpr.me
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 5097 36 B
566 B 126ms
42ms XHR
application/json 104.18.25.185

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: f7908dfcf512fefb352eb167546e4824cd359837c58bb22c27fd8d1a0c21cf83

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eNG7Xe%2BOR8J3jcm%2B%2FoqkRyHWW5FKErhUTfeuVoN7lXvuyN8OnxaUVUWCphSoSlQwJT53Sz87Au2rbWDKqki3vt8qsOu1OOTcPKq%2FgdUaRYToSrRstE%2BtfNQrK2%2Bml83o%2BJGdcqOi"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ba9dd655edcb76a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5097 343 B
401 B 105ms
104ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&eid_id5-sync.com=0%5E1%5E&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=4336cd22-7d70-4dbc-987c-141c1ce94ddd%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.pbadslot=%2F65889844%2Fron01_728x90_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=749b514e-adfa-4335-9933-637e555af45d&l_pb_bid_id=1246767a8bf305&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90_desktop&slots=1&rand=0.771857996248716
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6b404319f878b82e7e706ede89f23418785d9f29881cb7c54ae49bae3537b3c4

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 343
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 5097 37 B
321 B 123ms
44ms XHR
application/json 104.18.25.185

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: a759401d50e6468970369920f8755b6af379f78b6ce1c255248b4a73c5edbc75

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bpm0lAA0a%2FGG4vlF0Kg9T6GPYl0JIw%2FI9pVpMKCzT%2Fdu71%2FkaORVBobb4eUiNrQA4%2Bls%2B7L2s%2F%2BvjKEoXdaSsYkLvYO%2BEtUiw0XSiMI6%2BdbTkabMF2I0d4Ma0ydTDZpbz%2F2WIG%2F9"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ba9dd655edeb76a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H2 200 prebid
prebid.media.net/rtb/ Frame 5097 1 KB
672 B 152ms
151ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU533H8Y
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 20 Apr 2023 02:12:52 GMT

POST
H/1.1 200
OK bid
ap.lijit.com/rtb/ Frame 5097 94 B
497 B 153ms
77ms XHR
application/json 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Apr 2023 02:12:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ja.helpr.me
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

POST
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 5097 0
159 B 85ms
27ms XHR
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ja.helpr.me
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5097 12 KB
5 KB 114ms
113ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&eid_id5-sync.com=0%5E1%5E&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=4336cd22-7d70-4dbc-987c-141c1ce94ddd%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.pbadslot=%2F65889844%2Fron01_728x90b_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=a881c360-91e6-497a-a770-ae2d33d6ab76&l_pb_bid_id=2322c051537a74c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90b_desktop&slots=1&rand=0.9735121928707116
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 51555bded2c8b54a493c8cd1669398cc2734caa77afbdcbca86b43eb59b05948

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 5097 0
274 B 123ms
44ms XHR
text/plain 147.75.84.158

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:51 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 17
server: envoy
vary: origin, Accept-Encoding

POST
H2 204 c
prebid.a-mo.net/a/ Frame 5097 0
134 B 198ms
121ms XHR
text/plain 147.75.84.158

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 73
server: envoy
vary: origin, Accept-Encoding

POST
H/1.1 200
OK bid
ap.lijit.com/rtb/ Frame 5097 94 B
496 B 152ms
80ms XHR
application/json 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Apr 2023 02:12:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ja.helpr.me
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 5097 0
158 B 107ms
51ms XHR
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ja.helpr.me
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid
prebid.media.net/rtb/ Frame 5097 1 KB
672 B 145ms
145ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU533H8Y
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 20 Apr 2023 02:12:52 GMT

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 5097 37 B
307 B 116ms
44ms XHR
application/json 104.18.25.185

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff5de273d8207f4f756e69d6bfb38a4579768fbb11a1d5ea5a09817b519cc0a

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZiHdLLWrFnRqFq0bVpiG6QRmIcJAbF6w0BBoGbADEI9ap2YfFS5L54ZP7AexzbKEKRkNBeKUUJretSv4CA5Evex5OSGNEyR5AH7fl4CUa2gbMKH%2Fv8qdjPy4I4IUaQUKMgU7Glcm"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ba9dd655edfb76a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5097 344 B
379 B 100ms
89ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&eid_id5-sync.com=0%5E1%5E&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=4336cd22-7d70-4dbc-987c-141c1ce94ddd%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.pbadslot=%2F65889844%2Fron01_728x90c_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=72b7b9c9-f9ee-43ce-945a-5559f37cddac&l_pb_bid_id=383a0ba3906fce&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90c_desktop&slots=1&rand=0.005601451077482
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3f31c9ccc02068b9feef0ee11e9029e29fc826e6559998e57ab1b79f7d3a7c24

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 344
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 c
prebid.a-mo.net/a/ Frame 5097 0
134 B 218ms
150ms XHR
text/plain 147.75.84.158

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.84.158 -, , ASN (),
Reverse DNS
Software: envoy /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.helpr.me
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 93
server: envoy
vary: origin, Accept-Encoding

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ Frame 5097 37 B
316 B 108ms
43ms XHR
application/json 104.18.25.185

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=692505
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 8954b314952fd57a6c7ce37c2471f124d54092c0a4909e983fbb7eff76b1491d

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=POiCAyNMC3IjtLaZ%2Fj%2BrRayjaB%2Bb6BmMT9RSYTlbkFnSNJL%2F7Nkaa8NxfkAbEjmKmFPEFWkNcfozdbPkM2WEtnKPXyciMkIxQh6X9ltPHfiFPkHLh0noDH%2BpGxbPmObIT6lq467y"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7ba9dd655ee1b76a-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK bid
ap.lijit.com/rtb/ Frame 5097 94 B
496 B 142ms
78ms XHR
application/json 216.52.2.39
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 20 Apr 2023 02:12:52 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://ja.helpr.me
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 98

POST
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 5097 0
158 B 108ms
52ms XHR
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://ja.helpr.me
pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid
prebid.media.net/rtb/ Frame 5097 1 KB
671 B 135ms
113ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU533H8Y
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ja.helpr.me
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Thu, 20 Apr 2023 02:12:52 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 5097 344 B
379 B 132ms
107ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&eid_id5-sync.com=0%5E1%5E&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=4336cd22-7d70-4dbc-987c-141c1ce94ddd%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.pbadslot=%2F65889844%2Fron01_728x90d_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=e79740e8-5901-4d44-aed1-e35a73230f6b&l_pb_bid_id=51ac3b67d05a0b7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90d_desktop&slots=1&rand=0.167457610894008
Requested by: Host: saambaa.com
URL: https://saambaa.com/assets/js/saambaa_prebid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bc6d5c07e840b1fc34819d361d752c41e53520899437142ccfac909fa37b8e4c

Request headers

Referer: https://ja.helpr.me/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 20 Apr 2023 02:12:52 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://ja.helpr.me
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 344
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D282 3 KB
3 KB 32ms
31ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:08:23 GMT
x-content-type-options: nosniff
server: cafe
age: 57869
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Thu, 20 Apr 2023 10:08:23 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D282 344 B
368 B 32ms
31ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 14:09:46 GMT
x-content-type-options: nosniff
server: cafe
age: 43386
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Thu, 20 Apr 2023 14:09:46 GMT

GET 854131566927864317
s0.2mdn.net/simgad/ Frame D282 0
0

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7348 3 KB
3 KB 32ms
31ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304062309000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.helpr.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:08:23 GMT
x-content-type-options: nosniff
server: cafe
age: 57869
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Thu, 20 Apr 2023 10:08:23 GMT

GET icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 7348 0
0

GET 7032806474683804938
s0.2mdn.net/simgad/ Frame 7348 0
0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 25ms
25ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 20 Apr 2023 02:12:52 GMT

POST unruly_prebid
targeting.unrulymedia.com/ Frame 5097 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5097 0
0

POST c
prebid.a-mo.net/a/ Frame 5097 0
0

POST bid
ap.lijit.com/rtb/ Frame 5097 0
0

POST prebid
prebid.media.net/rtb/ Frame 5097 0
0

POST pbjs
htlb.casalemedia.com/openrtb/ Frame 5097 0
0

GET integrator.js
adservice.google.nl/adsid/ Frame 5097 0
0

GET integrator.js
adservice.google.com/adsid/ Frame 5097 0
0

GET ads
securepubads.g.doubleclick.net/gampad/ Frame 5097 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ Frame 5097 0
0

GET
H2 200 container.html
f03146c6e388bc32fe9525f9e4659515.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2F13 0
0 81ms
38ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f03146c6e388bc32fe9525f9e4659515.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304120201/pubads_impl.js?cb=31073972

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.helpr.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 02:12:52 GMT
expires: Fri, 19 Apr 2024 02:12:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 27ms
25ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 20 Apr 2023 02:12:52 GMT

POST pbjs
htlb.casalemedia.com/openrtb/ Frame 5097 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5097 0
0

POST c
prebid.a-mo.net/a/ Frame 5097 0
0

POST unruly_prebid
targeting.unrulymedia.com/ Frame 5097 0
0

POST prebid
prebid.media.net/rtb/ Frame 5097 0
0

POST bid
ap.lijit.com/rtb/ Frame 5097 0
0

GET ads
securepubads.g.doubleclick.net/gampad/ Frame 5097 0
0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 25ms
25ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 20 Apr 2023 02:12:53 GMT

POST pbjs
htlb.casalemedia.com/openrtb/ Frame 5097 0
0

POST prebid
prebid.media.net/rtb/ Frame 5097 0
0

POST unruly_prebid
targeting.unrulymedia.com/ Frame 5097 0
0

POST bid
ap.lijit.com/rtb/ Frame 5097 0
0

POST c
prebid.a-mo.net/a/ Frame 5097 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5097 0
0

GET ads
securepubads.g.doubleclick.net/gampad/ Frame 5097 0
0

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 25ms
25ms Preflight
text/plain 213.19.147.42

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.helpr.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://ja.helpr.me
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Thu, 20 Apr 2023 02:12:53 GMT

POST unruly_prebid
targeting.unrulymedia.com/ Frame 5097 0
0

POST prebid
prebid.media.net/rtb/ Frame 5097 0
0

POST bid
ap.lijit.com/rtb/ Frame 5097 0
0

POST c
prebid.a-mo.net/a/ Frame 5097 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 5097 0
0

POST pbjs
htlb.casalemedia.com/openrtb/ Frame 5097 0
0

GET ads
securepubads.g.doubleclick.net/gampad/ Frame 5097 0
0

GET view
securepubads.g.doubleclick.net/pcs/ Frame CDCA 0
0

POST c
prebid.a-mo.net/a/ Frame CDCA 0
0

POST pbjs
htlb.casalemedia.com/openrtb/ Frame CDCA 0
0

GET fastlane.json
fastlane.rubiconproject.com/a/api/ Frame CDCA 0
0

POST prebid
prebid.media.net/rtb/ Frame CDCA 0
0

POST bid
ap.lijit.com/rtb/ Frame CDCA 0
0

POST unruly_prebid
targeting.unrulymedia.com/ Frame CDCA 0
0

OPTIONS unruly_prebid
targeting.unrulymedia.com/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: contextual.media.net
URL: https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=36607cb9-a749-4821-a3e6-46f70a801f4b&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr_pd=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=1zfzkj2zq6un

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWdtUENNWUx1aC1UekM3LVA1YnQxZi1LQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D1%26gdpr_consent%3DCPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Domain: px.ads.linkedin.com
URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LGOHMSR3-1O-M1B1&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Domain: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1&dcc=t

Domain: pixel.rubiconproject.com
URL: https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_0AycoEKTJCQjocK8po0vA&rk=usync-other&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA&gdpr=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdPSE1TUjMtMU8tTTFCMQ==&google_push=&gdpr=1&gdpr_consent=CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/simgad/854131566927864317

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/simgad/7032806474683804938

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&eid_id5-sync.com=0%5E1%5E&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=4336cd22-7d70-4dbc-987c-141c1ce94ddd%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.pbadslot=%2F65889844%2Fron01_728x90e_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=aeb3b3e3-b1c0-48c0-88d3-8e040eb6b2d9&l_pb_bid_id=560031bba441c8e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90e_desktop&slots=1&rand=0.895249519433934

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0

Domain: prebid.media.net
URL: https://prebid.media.net/rtb/prebid?cid=8CU533H8Y

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/openrtb/pbjs?s=692505

Domain: adservice.google.nl
URL: https://adservice.google.nl/adsid/integrator.js?domain=ja.helpr.me

Domain: adservice.google.com
URL: https://adservice.google.com/adsid/integrator.js?domain=ja.helpr.me

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4364917096837415&correlator=1631054459585719&eid=31072020%2C31073972%2C31073996%2C31074000&output=ldjh&gdfp_req=1&vrg=202304120201&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90b_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=1&adks=2587397766&sfv=1-0-40&prev_scp=hb_format_rubicon%3Dbanner%26hb_size_rubicon%3D728x90%26hb_pb_rubicon%3D0.01%26hb_adid_rubicon%3D125b1851497b5abf%26hb_bidder_rubicon%3Drubicon%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.01%26hb_adid%3D125b1851497b5abf%26hb_bidder%3Drubicon&eri=1&cust_params=domain%3Dhelpr.me&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956772909&lmt=1681956772&dlt=1681956770788&idt=1246&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=yp5umuo0d18a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fja.helpr.me%2F&ref=https%3A%2F%2Fja.helpr.me%2F&top=https%3A%2F%2Fja.helpr.me%2F&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1338461827.1681956772&ga_sid=1681956773&ga_hid=2135375630&ga_fc=false&a3p=EhkKCnVpZGFwaS5jb20YioW-4_kwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJANDVlNjQ0YjUwNGZlYjAxMThhYzNiZGRhMTQ2MTQ5NDVhNzAyMjgxM2JmMzcxZTczM2JlMWVhNjgwODQ5ZTNiYRi9h77j-TBIABIZCgpwdWJjaWQub3JnGOyFvuP5MEgAUgIIahLCAQoIcnRiaG91c2USrAFRRnNsNnZTRWtrOWppcU1iN3dMb2JPYTJ3VTZscHFWbUFndWcydHhBbEZMZ2E2bnU2RHFWcmM5YUozN1N1ZStIKytOQms5WXpqNG5MYjk5ajNLTWlJSU11azl2WkZxcU5YQk4zaFR3VEQzdVh1TGVMV1Z5QzRjNWhMNGZOd2QxUEkwTkM1a2dkOHBrcTdsL21yV1R3bUs2Znp5UnV6UXZRZVNKdHF1WUVpVEk9GMOHvuP5MEgAEh0KDmVzcC5jcml0ZW8uY29tGIqFvuP5MEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZbFJNS3pOeU1qaFRNU3RxTkdwM1FYaDNVVXRSZHowOUluMD0YuIi-4_kwSAA.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304120201&st=env

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/openrtb/pbjs?s=692505

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&eid_id5-sync.com=0%5E1%5E&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=4336cd22-7d70-4dbc-987c-141c1ce94ddd%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.pbadslot=%2F65889844%2Fron01_728x90f_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=02c52555-a8a7-41f9-ad07-ade930fbd928&l_pb_bid_id=68b2ba21a293469&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90f_desktop&slots=1&rand=0.2743127150857585

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: prebid.media.net
URL: https://prebid.media.net/rtb/prebid?cid=8CU533H8Y

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4364917096837415&correlator=2078734485328094&eid=31072020%2C31073972%2C31073996%2C31074000&output=ldjh&gdfp_req=1&vrg=202304120201&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&adks=1332890142&sfv=1-0-40&eri=1&cust_params=domain%3Dhelpr.me&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956772982&lmt=1681956772&dlt=1681956770788&idt=1246&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=pwe1qjkia25z&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fja.helpr.me%2F&ref=https%3A%2F%2Fja.helpr.me%2F&top=https%3A%2F%2Fja.helpr.me%2F&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1338461827.1681956772&ga_sid=1681956773&ga_hid=2135375630&ga_fc=false&a3p=EhkKCnVpZGFwaS5jb20YioW-4_kwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJANDVlNjQ0YjUwNGZlYjAxMThhYzNiZGRhMTQ2MTQ5NDVhNzAyMjgxM2JmMzcxZTczM2JlMWVhNjgwODQ5ZTNiYRi9h77j-TBIABIZCgpwdWJjaWQub3JnGOyFvuP5MEgAUgIIahLCAQoIcnRiaG91c2USrAFRRnNsNnZTRWtrOWppcU1iN3dMb2JPYTJ3VTZscHFWbUFndWcydHhBbEZMZ2E2bnU2RHFWcmM5YUozN1N1ZStIKytOQms5WXpqNG5MYjk5ajNLTWlJSU11azl2WkZxcU5YQk4zaFR3VEQzdVh1TGVMV1Z5QzRjNWhMNGZOd2QxUEkwTkM1a2dkOHBrcTdsL21yV1R3bUs2Znp5UnV6UXZRZVNKdHF1WUVpVEk9GMOHvuP5MEgAEh0KDmVzcC5jcml0ZW8uY29tGIqFvuP5MEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZbFJNS3pOeU1qaFRNU3RxTkdwM1FYaDNVVXRSZHowOUluMD0YuIi-4_kwSAA.

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/openrtb/pbjs?s=692505

Domain: prebid.media.net
URL: https://prebid.media.net/rtb/prebid?cid=8CU533H8Y

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&eid_id5-sync.com=0%5E1%5E&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=4336cd22-7d70-4dbc-987c-141c1ce94ddd%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.pbadslot=%2F65889844%2Fron01_728x90g_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=b48e5775-c9ba-407b-b19a-1ec7c0d7d1e4&l_pb_bid_id=88affffa3f4b5b3&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90g_desktop&slots=1&rand=0.18961601846242493

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4364917096837415&correlator=970868265726936&eid=31072020%2C31073972%2C31073996%2C31074000&output=ldjh&gdfp_req=1&vrg=202304120201&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90c_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=658150668&sfv=1-0-40&eri=1&cust_params=domain%3Dhelpr.me&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956773001&lmt=1681956773&dlt=1681956770788&idt=1246&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=rm4f2llkfr5r&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fja.helpr.me%2F&ref=https%3A%2F%2Fja.helpr.me%2F&top=https%3A%2F%2Fja.helpr.me%2F&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1338461827.1681956772&ga_sid=1681956773&ga_hid=2135375630&ga_fc=false&a3p=EhkKCnVpZGFwaS5jb20YioW-4_kwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJANDVlNjQ0YjUwNGZlYjAxMThhYzNiZGRhMTQ2MTQ5NDVhNzAyMjgxM2JmMzcxZTczM2JlMWVhNjgwODQ5ZTNiYRi9h77j-TBIABIZCgpwdWJjaWQub3JnGOyFvuP5MEgAUgIIahLCAQoIcnRiaG91c2USrAFRRnNsNnZTRWtrOWppcU1iN3dMb2JPYTJ3VTZscHFWbUFndWcydHhBbEZMZ2E2bnU2RHFWcmM5YUozN1N1ZStIKytOQms5WXpqNG5MYjk5ajNLTWlJSU11azl2WkZxcU5YQk4zaFR3VEQzdVh1TGVMV1Z5QzRjNWhMNGZOd2QxUEkwTkM1a2dkOHBrcTdsL21yV1R3bUs2Znp5UnV6UXZRZVNKdHF1WUVpVEk9GMOHvuP5MEgAEh0KDmVzcC5jcml0ZW8uY29tGIqFvuP5MEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZbFJNS3pOeU1qaFRNU3RxTkdwM1FYaDNVVXRSZHowOUluMD0YuIi-4_kwSAA.

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: prebid.media.net
URL: https://prebid.media.net/rtb/prebid?cid=8CU533H8Y

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=410000&zone_id=2299328&size_id=2&rp_schain=1.0,1!saambaa.com,72000509,1,,,&eid_id5-sync.com=0%5E1%5E&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=4336cd22-7d70-4dbc-987c-141c1ce94ddd%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.pbadslot=%2F65889844%2Fron01_728x90h_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=f7d15a5a-b1cd-4ac0-9c1b-1191983c4a55&l_pb_bid_id=9872d942b578e02&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_728x90h_desktop&slots=1&rand=0.6326213465780772

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/openrtb/pbjs?s=692505

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4364917096837415&correlator=4419684477263293&eid=31072020%2C31073972%2C31073996%2C31074000&output=ldjh&gdfp_req=1&vrg=202304120201&ptt=17&impl=fifs&iu_parts=65889844%2Cron01_728x90d_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&adks=4283511922&sfv=1-0-40&eri=1&cust_params=domain%3Dhelpr.me&sc=1&cookie=ID%3Dd7237d798bd112a8%3AT%3D1681956764%3AS%3DALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ&gpic=UID%3D00000bd847307d06%3AT%3D1681956764%3ART%3D1681956764%3AS%3DALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg&abxe=1&dt=1681956773024&lmt=1681956773&dlt=1681956770788&idt=1246&adxs=436&adys=1110&biw=1600&bih=1200&isw=728&ish=90&scr_x=0&scr_y=0&btvi=0&ucis=zbbod8qflcuf&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fja.helpr.me%2F&ref=https%3A%2F%2Fja.helpr.me%2F&top=https%3A%2F%2Fja.helpr.me%2F&frm=23&vis=1&psz=728x90&msz=728x0&fws=384&ohw=0&ea=0&ga_vid=1338461827.1681956772&ga_sid=1681956773&ga_hid=2135375630&ga_fc=false&a3p=EhkKCnVpZGFwaS5jb20YioW-4_kwSABSAghkEhsKDGlkNS1zeW5jLmNvbRi1h77j-TBIAFICCGoSWgoNY3J3ZGNudHJsLm5ldBJANDVlNjQ0YjUwNGZlYjAxMThhYzNiZGRhMTQ2MTQ5NDVhNzAyMjgxM2JmMzcxZTczM2JlMWVhNjgwODQ5ZTNiYRi9h77j-TBIABIZCgpwdWJjaWQub3JnGOyFvuP5MEgAUgIIahLCAQoIcnRiaG91c2USrAFRRnNsNnZTRWtrOWppcU1iN3dMb2JPYTJ3VTZscHFWbUFndWcydHhBbEZMZ2E2bnU2RHFWcmM5YUozN1N1ZStIKytOQms5WXpqNG5MYjk5ajNLTWlJSU11azl2WkZxcU5YQk4zaFR3VEQzdVh1TGVMV1Z5QzRjNWhMNGZOd2QxUEkwTkM1a2dkOHBrcTdsL21yV1R3bUs2Znp5UnV6UXZRZVNKdHF1WUVpVEk9GMOHvuP5MEgAEh0KDmVzcC5jcml0ZW8uY29tGIqFvuP5MEgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lZbFJNS3pOeU1qaFRNU3RxTkdwM1FYaDNVVXRSZHowOUluMD0YuIi-4_kwSAA.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubE2a6bF4rihRKjstPvgbbX_-cHV8c7OSzBZ26_wL1vEoQp26xwQcDMHVnp3d6KhxSMS1vpTCyCVDUj5zODh_VeOw9hLYRkhY0OkMp-bJSTv1asfFWTCyyGd8q51YzWY9iywaBTbbQMCddv9Icgtd2K5JKNGAsdu-fQ9uyS9iGCOkt4IS0tVFXHlHfdxXEdeDqdFsA2CGa3aYoUXuKSmir6JLcMPOda8uSB4c3gPW8H3vnDYjVFN9I6yjaQpCLKJ4OTK1ThfdYtH2TkfQq-GVOarbX9xWBTiiFyuEBbE9ua4_kTSvlPpeOFCLcOgEIU5SCjXg&sai=AMfl-YRH1RQX4kIMr2HI_lksY0j2gVBW5EREIuRiVzwDbXSLUKnYLNNP6sElNlo0XgB1hHfr6itt96g170D8gJEH4LitD38V5s9CYRZS1Wd2xZtFIII0iPU_cJYtGYirLFs&sig=Cg0ArKJSzE78zAMfSwsqEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Domain: prebid.a-mo.net
URL: https://prebid.a-mo.net/a/c

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/openrtb/pbjs?s=692500

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=24022&site_id=409990&zone_id=2299318&size_id=15&rp_schain=1.0,1!saambaa.com,72000509,1,,,&eid_id5-sync.com=0%5E1%5E&eid_crwdcntrl.net=45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba%5E1&eid_pubcid.org=4336cd22-7d70-4dbc-987c-141c1ce94ddd%5E1&rf=https%3A%2F%2Fja.helpr.me%2F&tg_i.page=https%3A%2F%2Fja.helpr.me%2F&tg_i.domain=ja.helpr.me&tg_i.pbadslot=%2F65889844%2Fron01_300x250_desktop&tk_flint=pbjs_lite_v7.31.0&x_source.tid=b472a9b0-0822-466f-80aa-cecff0e30f8f&l_pb_bid_id=6cff5464f3b299&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F65889844%2Fron01_300x250_desktop&slots=1&rand=0.1278540429261732

Domain: prebid.media.net
URL: https://prebid.media.net/rtb/prebid?cid=8CU533H8Y

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.31.0

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Domain: targeting.unrulymedia.com
URL: https://targeting.unrulymedia.com/unruly_prebid

Verdicts & Comments Add Verdict or Comment

396 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.helpr.me/	1970-01-20 11:12:38	Name: ezoadgid_314757 Value: -1
.helpr.me/	1970-01-20 11:12:43	Name: ezoref_314757 Value:
.helpr.me/	1970-01-20 19:58:12	Name: ezosuibasgeneris-1 Value: 72e3d8e1-1403-4291-76e0-b18a39ecf77a
.helpr.me/	1970-01-20 11:12:43	Name: ezoab_314757 Value: mod13
.helpr.me/	1970-01-20 11:15:29	Name: active_template::314757 Value: pub_site.1681956763
.helpr.me/	1970-01-20 11:12:43	Name: ezovab_314757 Value: vmod1
.helpr.me/	1970-01-20 11:12:38	Name: ezopvc_314757 Value: 1
.helpr.me/	1970-01-20 11:14:03	Name: ezepvv Value: 0
.helpr.me/	1970-01-20 11:12:38	Name: ezovid_314757 Value: 750885119
.helpr.me/	1970-01-20 11:12:38	Name: lp_314757 Value: https://ja.helpr.me/
.helpr.me/	1970-01-20 11:15:29	Name: ezovuuidtime_314757 Value: 1681956763
.helpr.me/	1970-01-20 11:12:38	Name: ezovuuid_314757 Value: c864237d-4f8b-47a9-5f40-1f45824b4d13
.net17.biz/	1970-01-20 11:55:48	Name: uuid Value: 6ac70875-192f-4f49-9e95-e96be305fe6c
ja.helpr.me/	1970-01-20 20:48:36	Name: ezds Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
ja.helpr.me/	1970-01-20 20:48:36	Name: ezohw Value: w%3D1600%2Ch%3D1200
.yadro.ru/	1970-01-20 19:57:54	Name: FTID Value: 1aG9-S0fEsuY1aG9-S0010C6
.yadro.ru/	1970-01-20 19:57:54	Name: VID Value: 1trY010PiHeY1aG9-S0010Df
.quantserve.com/	1970-01-20 20:42:51	Name: mc Value: 64409f9c-aeb02-03afb-6db66
.helpr.me/	1970-01-20 20:37:05	Name: __qca Value: P0-2035593922-1681956764595
.helpr.me/	1970-01-20 19:58:12	Name: didomi_token Value: eyJ1c2VyX2lkIjoiMTg3OWM2ZjctY2U5OC02MDRjLWJmYTctZDIyNDBhNDFmM2JhIiwiY3JlYXRlZCI6IjIwMjMtMDQtMjBUMDI6MTI6NDUuMTcyWiIsInVwZGF0ZWQiOiIyMDIzLTA0LTIwVDAyOjEyOjQ1LjE3MloiLCJ2ZW5kb3JzIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZW5kb3JzX2xpIjp7ImVuYWJsZWQiOlsiZ29vZ2xlIl19LCJ2ZXJzaW9uIjoyfQ==
.helpr.me/	1970-01-20 19:58:12	Name: euconsent-v2 Value: CPqhjwkPqhjwkAHABBENBACgAP_AAH_AAAAAHFNf_X_fb3_j-_59_9t0eY1f9_7_v20zjgeds-8Nyd_X_L8X4mM7vB36pq4KuR4Eu3LBAQdlHOHcTUmw6IkVqTPsbk2Mr7NKJ7PEinMbe2dYGH9_n9XTuZKY79_s___z__-__v__7_f_r-3_3_vp9V---wOJAJMNS-AizEscCSaNKoUQIQriQ6AEAFFCMLRNYQErgp2VwEfoIGACA1ARgRAgxBRiyCAAAAAJKIgJADwQCIAiAQAAgBUgIQAEaAILACQMAgAFANCwAigCECQgyOCo5TAgIkWignkrAEou9jDCEMooAaBAAAAA.f_gAD_gAAAAA
.helpr.me/	1970-01-20 20:34:12	Name: __gads Value: ID=d7237d798bd112a8:T=1681956764:S=ALNI_Maeo0BxHeRBhzPrkuLr5U4mTC_VhQ
.helpr.me/	1970-01-20 20:34:12	Name: __gpi Value: UID=00000bd847307d06:T=1681956764:RT=1681956764:S=ALNI_MYSvlK-T-F6SzZX30i1G4OmFlOujg
ja.helpr.me/	1970-01-20 19:58:12	Name: ezux_lpl_314757 Value: 1681956765642\|749de0bd-968b-4828-750b-a0b176399916\|false
.doubleclick.net/	1970-01-20 20:34:12	Name: IDE Value: AHWqTUnIh5JdIRoKdK95q0upx1twj6ZGH9m1AzSncEjL_YQBLBwCG-rfhjqVcCvJX0Y
ja.helpr.me/	1969-12-31 23:59:59	Name: ezouspvv Value: 160
ja.helpr.me/	1969-12-31 23:59:59	Name: ezouspva Value: 1
ja.helpr.me/	1969-12-31 23:59:59	Name: ezouspvh Value: 160
.helpr.me/	1970-01-20 11:12:36	Name: lotame_domain_check Value: helpr.me
.criteo.com/	1970-01-20 20:34:12	Name: uid Value: a33dfcfd-708d-49f1-a94d-b257fcfe0c2b
.openx.net/	1970-01-20 19:58:12	Name: i Value: 6d32fede-bdbc-4b5f-a3e2-3c00c7040a43\|1681956766
.crwdcntrl.net/	1970-01-20 17:41:24	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 17:41:24	Name: _cc_id Value: fe4c1b6b0f7789c2f51fb25dea015f6a
.helpr.me/	1970-01-20 17:41:24	Name: _cc_id Value: fe4c1b6b0f7789c2f51fb25dea015f6a
.helpr.me/	1970-01-20 11:22:41	Name: panoramaId_expiry Value: 1682561566603
.helpr.me/	1970-01-20 11:22:41	Name: panoramaId Value: 45e644b504feb0118ac3bdda14614945a7022813bf371e733be1ea680849e3ba
.helpr.me/	1970-01-20 11:22:41	Name: panoramaIdType Value: panoIndiv
.doubleclick.net/	1970-01-20 11:12:40	Name: DSID Value: NO_DATA
.lijit.com/	1970-01-20 19:58:12	Name: ljt_reader Value: GgokvSZHVmp10dEHTfqj1LzE
.helpr.me/	1970-01-20 20:34:12	Name: cto_bundle Value: BGl0JF9yc2ZraHl0Wm0zbXdYV2JHZ3JMeTd1WDltelFxRzE2UzRaZkIyakoxd3dZQ1ZZaUFZVXIxaEpkQk1RMXBLZiUyQlpVc2RleCUyQldhY3M0d0IxRHgwdDh0ajBORk52d293ZkZyOGtJM1h1cnV6djl2ZWpLVkFDVGhlOVhFam5sYmxtb3RQNmlyVDA0Z1hDQTY5cGNKdnZYUkdnJTNEJTNE
ja.helpr.me/	1970-01-20 11:55:48	Name: _pbjs_userid_consent_data Value: 2959936549484540
.helpr.me/	1970-01-20 19:58:12	Name: _sharedid Value: 1e7ee197-d6fa-4f2b-9209-7169a3916954
.adnxs.com/	1970-01-20 13:22:12	Name: icu Value: ChgIuOw6EAoYASABKAEwoL-CogY4AUABSAEQoL-CogYYAA..
.adnxs.com/	1970-01-20 13:22:12	Name: uuid2 Value: 477910156417247956
.sharethrough.com/	1970-01-20 11:55:48	Name: stx_user_id Value: f407206d-348d-4b6d-bb66-b5bb5b4aa5d3
.rubiconproject.com/	1970-01-20 19:58:12	Name: khaos Value: LGOHMSR3-1O-M1B1
.rubiconproject.com/	1970-01-20 19:58:12	Name: audit Value: 1\|hLZGFuTafB2YU9JmEVGWJ+fhqFI7AU9U903mtsHdljBAH8VjKpsYpBmnNpoqK9+hgjoSXYcAsB/+zllRua5IrLZmhrsy3pD03r3wLNsrqGq4MZ98Oa+s4DT3TO2JMa1yRWo18ipToK3SGRxoUOrL1wMInr9BjhGitjm1UWhcpUr4pTwMvr4eCfXWpVgbrEUY7gIryf7hw2WVvTDKeBMo/ctbfBPaItMtW0J5Ra0TdIYBpZ5vJwKMQ/Lq/5bBvkHjl8B//GsYF2xyBVkTvUZJ66MR+PAOGVBa/CDlJVriG6oRC6ADN+CyAft/HoLdY9tm4s6JcOLqEKlSLX5qoTF7FUroQK9EHg78+s6kxEhmQ+hoJ7zPhoibljOJDYlodDjGi2wYVWuxwYDtlcTdULw4ZS1NOltM45YDaPt0woQm73FYbDQbOoLtCRCQ4oVz3mCdX4SPB3K3turMwCRBINeFtcZiESbvIlj4HT2FM8z+VfjR0cSUKpr1Jo5o7RLuPXHPnELWSZJa7UQpFqF32PngCO+HejINS2Lu+MiKpgTzF9nneCbpQhW9RMrtlrc4YxqLIHeMiXsDmXU=
.yahoo.com/	1970-01-20 19:58:34	Name: A3 Value: d=AQABBKCfQGQCEBpyUoJYlenh8RAVU25q7M8FEgEBAQHxQWRKZAAAAAAA_eMAAA&S=AQAAAhdtIdBh4xv67Qb6Lk44saA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn1.helpr.me/wp-content/uploads/answers/560/5B4IQLUBBEpic.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cdn1.helpr.me/wp-content/uploads/answers/561/NRNAT64IEJpic.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://id.rlcdn.com/710489.gif Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31902e43e75022c28f09f121f6e3f9ef.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.nl
ap.lijit.com
api.saambaa.com
b1sync.zemanta.com
basher.ezodn.com
bcp.crwdcntrl.net
btlr.sharethrough.com
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
c3.a-mo.net
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdn.zx-adnet.com
cdn1.helpr.me
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
contextual.media.net
core.iprom.net
counter.yadro.ru
cr.frontend.weborama.fr
cs.media.net
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsp.nrich.ai
esp.rtbhouse.com
eus.rubiconproject.com
f03146c6e388bc32fe9525f9e4659515.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g.ezodn.com
get.s-onetag.com
go.ezodn.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hb.yellowblue.io
hbopenbid.pubmatic.com
hbx.media.net
helpr.me
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
imasdk.googleapis.com
invstatic101.creativecdn.com
ipac.ctnsnet.com
ja.helpr.me
lb.eu-1-id5-sync.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
medianet-match.dotomi.com
mug.criteo.com
net17.biz
oa.openxcdn.net
oajs.openx.net
onetag-geo.s-onetag.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
saambaa-static.azureedge.net
saambaa.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
simage2.pubmatic.com
site2text-2021.web.app
static.criteo.net
storage.googleapis.com
sync-pm.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tags.crwdcntrl.net
targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.ezojs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
adservice.google.com
adservice.google.nl
ap.lijit.com
cm.g.doubleclick.net
contextual.media.net
fastlane.rubiconproject.com
htlb.casalemedia.com
image2.pubmatic.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
prebid.a-mo.net
prebid.media.net
px.ads.linkedin.com
s.amazon-adsystem.com
s0.2mdn.net
securepubads.g.doubleclick.net
targeting.unrulymedia.com
tpc.googlesyndication.com
104.109.78.125
104.18.25.185
107.21.13.225
134.122.57.34
141.95.98.64
142.250.185.66
143.204.89.74
147.75.84.158
15.197.193.217
151.101.1.108
151.101.1.195
151.101.66.49
161.47.17.28
162.19.138.120
178.250.1.11
178.250.7.11
18.197.163.138
18.66.112.32
185.177.94.108
185.29.132.245
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.80
185.86.139.93
185.89.210.153
185.89.210.244
193.0.160.130
195.5.165.20
198.47.127.18
198.47.127.20
2.18.235.93
2.19.228.187
2.19.35.65
2001:678:cb4:bbbb::11
213.155.156.167
213.19.147.42
213.19.147.45
216.52.2.39
23.35.228.23
2600:9000:2250:9c00:a:e047:752:b361
2600:9000:238d:9a00:6:44e3:f8c0:93a1
2602:803:c004:200::140
2606:2800:133:206e:1315:22a5:2006:24fd
2606:4700:10::6816:3556
2606:4700:20::681a:9a9
2606:4700:3032::ac43:c960
2606:4700:4400::6812:220a
2606:4700::6810:5614
2606:4700::6812:18ad
2606:4700::6813:9f13
2606:4700:e4::ac40:a602
2606:4700:e4::ac40:a702
2620:0:890::100
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:801::2002
2a00:1450:4001:806::2001
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:812::2010
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a02:2638:3::3
2a02:2638:d::d
2a02:fa8:8806:16::1400
2a05:d018:d29:3602:f896:3671:b11a:dd53
2a06:98c1:3120::3
2a06:98c1:3121::3
3.122.1.235
3.75.62.37
34.102.146.192
34.102.253.54
34.107.148.139
34.111.113.62
34.111.129.221
34.120.107.143
34.195.128.39
34.96.70.87
35.186.193.173
35.190.39.111
35.204.158.49
35.214.153.92
35.244.159.8
35.244.174.68
37.157.5.142
51.68.39.188
52.210.241.143
52.213.87.210
52.214.145.221
52.28.203.152
52.29.58.65
52.94.222.140
54.228.67.66
63.32.147.164
65.9.66.33
65.9.66.68
69.173.144.138
69.173.144.139
70.42.32.127
72.251.245.179
85.114.159.118
88.212.201.198
98.98.134.242
018e34b7ddee8bb6fcd058f7bd6ff05d428e2cb3f475670cb7dc9d6f1ac74af0
018e53af1545ff47e724b476aa4f8ac5278639f1d953819a05a9ce2246a029b2
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
03aad58f643224f6ce0d2172cb2ed55ca8129bdab96873e2d4ed033972f0c800
04149c43558d59b2f0f2cc3f679979b915401ca5c94e833479ca9ea754db0b89
04f2990372c89f6ab2b405b62ab69b27236230a16dae2c5f8e6bead0a1039e7a
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0614b61992055782387549c84e194b6c1fded276033f60cad0dbfb04e8427fd6
068d6277a1545ce56803f5d3c54543ecbb01fee565a0051ec0efd030cbf88525
07eb8d28fab53222d5db607d52ab36de4824b00a46c386ca310330072ae1e1b9
0b7d61449e3a4bdbb007299599a75f28d010589184924c8108199728d7a8b6a0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
1245c1a072bf0abcdebec57d0cbcd07268ebbfb0f67a0a30d8221a786c0537cb
124751881ec1faad71532322ef7eabc6732d9e6702975d7837be16be75cf9af4
1369c2b65501181b124fd3e1987ccb6f1737afdb07888b0a5a2d7b90e7457532
139b5bbf6aaa835413c9de4f77fac25469a9ea4976e4dbda20b29bd0e63eef81
156770747a691d972e24ba7d68545fa30a4cae29d9c4f2baf852fe71848d3e16
16074282cb8d5d6d89b6509e6c0632828a7c259ed0f0391225bd9ede916ff899
1648395d6807abe0c0bd28652b40dc98afd41c09ce5d14fbe2281c9262cdf54e
1658b9dd0584c18d10c2e8f07c22c0a8d35dddb911522cd3c40f1c9eb449f71f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18dc46619c607cb7bda5b44e8a7459207cb2377bb77ed717a6b0e1124a59a206
199699dac3dc19f4fd2a9d8eee629ee5188bb21bb5326a57669f605bcce8cb7b
19d96e062d7e164a34e2a7773fab8c722f36ea442d2b944ce5cb359c8b78fa01
1ae367420c242e83f64dd6cba96fca46a5285d40116c0e849c7752d40303c1ab
1ae559d338ee612c0a41b6b4ff435d7e41ad41555ca9a0829f7ef6b3dbdb57a2
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e4b6cfc681c92695b0d2cc772e274d478238274edc5d562810e4fb608e061af
1fe2a11c057f5d56d3cc09d4f3047aefe9c9f1e6356fc18197e1c0d931d21934
21bd4aa6d7f861f9c210ddbe2405289b4227a556465fecd60ae7d04edd11f63c
22ae1f8903e45a21df26ed07d3b591a9c5acdd54eca0f61666c35e2edb8c1f3a
238b216c50362dd4399fb6ae2471f4dc953af4e6ab2d421ed9dc4c9f9ac2f260
23bc1d893ce2d2f30b68e549aa3cb991c2a7b7dd87e3df67d9fbb6a8dd113bf8
25fd80e76ad57b33e1b806dadb29d572f4e8b16629022754b6923c01b6bf5c4d
2687a4d845c445c6cfbc1473dba8865d5ee092edc8f910e91867893b7963ccfd
26d05f70230de4b369f46f860486636cfd84de359adcfc9f1f76cb67439c5f0b
26f2c1abc7720059c2f88aac37f0b15cd551c1b69b522eef0bf782cefcc98dc5
28ea8055f444ec3842d9708b362a3cce75256183bf50260a5dc9f43c089a3028
293e7cd31bbd00be5b32a22174d1b564980b991dfb1d203ec9e8f4fc429ec336
2a379cf63567796698d75a04f4f49c11fbf652effd3b69b3666c45c77789c56c
2ad23fc828ded4dce577a950d75e5facbba404ee0c3d5e5150e71b206cb2f988
2c0032c94445a34c4690f2191dc60bde036bee287a650afa76b28266657907e4
2c470984efff845d5290f15d3a01552b4bff15c1e40a48c944233a5bc5f69539
2d4faf0d5e9feb082bf1172808d8ed5842e5f9ee7c58cfca5862bb633decdbbe
2dcd851c16eac07dfeb10c15839ace215538cc83a9a6b5a2637b1167f8f1e58c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3f605d16afcee3819297e332b625f4d7820c622eff38fb08786634c3c38257
2eb6a411458f13d51a461c000c14c0304b4a1c0fd54b6d1753f197fc831e990c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30d72e77e56e40cf7f53e15920e896c5d74b428fca2cf7a636b32902194573cd
31509a4170cb1ac359e74587a0ace83b6db064a65deab257fea8e9cce585e46e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325907e8dc512f0521e0d9d8f0007ccb6aeeb16db234e1fa7a6db8dad492275a
3290d628906b29fc7145b10b6d24a21e91b7f568b7b78d0058c747cc7be5875a
32ff3e30d6dcf78ec11be5efa25737f62e02ee4ac43ae5e2f9adf862ed823b42
36b51237a514c8362d64d43c17abd3d4fd2e3a586c8a55c32bfde0c0e1c114aa
3a7522d02dbbc03101dfe3d8cfb3b0ff1c974af884931a79477056345c306648
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d75783322363933cc37701a1005efd314c44fa5a3cdfdc2ade4ea3745393dd9
3e93605957ed22d8200ed2843ed29be8a9310f8d43575b3491ef77445fecb2be
3e97922b8d6d6d5a7d1f437e8eb0223f3bfaa65238b97003871501dd96ebb723
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2df3b6c31cd31b124253a8f3dee1e603f193588d9723f914d1ceadf24939ba
3f31c9ccc02068b9feef0ee11e9029e29fc826e6559998e57ab1b79f7d3a7c24
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fe6eda7328d20df4ecb995cf5a7219e061bf32ab3577fc50a48b284fa5f2305
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
42f641ab2dcc12e5e87b4409200c833564211390e354a7df86d63aec58d46937
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
446b97e70c328363f2cd5fbc1eee6d8307ee92ef0a8e894bbca5409e110095e4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
48eedf1f08475955b4ab2ddf940838700d3fee5a27e08fa17cba13f79447c6e4
4bd10fa4ee1cd3b8fc26d592224ca0d6f2f955eb84e935431983de2592e4f2a0
4cc5ffc6994a090798953604b113622bdbdb9373546a8dee4dddc7d118771520
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e584899df7b1439dfaa1404ed9fae0384272a57efe40d12dba9e1d932812016
50a0d2d310ced6791f7e8b4e5d001db70220b6e268bb798899c5599d7b88c878
51555bded2c8b54a493c8cd1669398cc2734caa77afbdcbca86b43eb59b05948
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553583e026ffbb43a7b0dc8c1bc4556b509803c22b02df2b5be87d927ae4b543
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5712ba7d3ed78eb1d49d0c8982ea8aa5bdc53c54cdcd84bcf8e166ae8711d45b
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a767e3a4a89fd5d5747f2e60656de81560b8d24575c7be5df0d541906cb86ce
5aa7972fb47e02eaf8e57d570eea034a5b411f2388aa12be8177317a2bf41660
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e95bd13d1e11b89ee282c1b0974782931c08851a0d31cf0ca655b88220fe248
5fb2f91a5e81b7ee88bf4873be9c372c88b89014060448123ebdc00ca10450d9
60d19fcc26403308bd021dd6ce6588cca81c6a42a34472277186bad9a4155022
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63d78095c3afe19798df6d41d167a72b3a8d3eae51202885db3fd0db38c8a3aa
6a2113dc2161b0e699b96ba82bce465ef27c236467b4b36dd275a4c2f0f6595a
6b404319f878b82e7e706ede89f23418785d9f29881cb7c54ae49bae3537b3c4
6d38f93e0cc2e944ef855fdf26cdc339d65cea8ea45de2037014ffa6aa3fffa6
6d5bea8e0cdd9848eedee10232ad1498f8027e66a5d9ccee1d052622247ada7f
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
71fc1599035adc6bc34df2117b8631285905f97737ba730af28644ee6a0d8dde
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
73531d638270a6d89faa7f7d34271a8650ca40051ac537f327c04fefe157c97a
77bed2bf311ba2a0a56a8c99d5d2323a66b6602c7b53082cfdd7ea9f531f8ea0
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7adc3d0bed512fd2217547448018a620ce6407227e98499d17997f6f21f68678
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7beca39d49e8bbc677063eb8e00aa86d3e1c1342cda2e33f9e439387333c0aa3
7cacf828756357d17879273d4ffb12f21aaa9504f72817f119bbdc089f0e9be4
7cc118d7938d5bf18e341cb41a1417e7a329758c2f1615147262accd02517b12
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7fc5d1f5305043cfb61dc5e025b2181be1d790e8fe16246704ff8b27784c36b4
803dc63465511dc3412691e58678594ddcde0bcc7c5d29dc355804b43f515e3e
808dc23a7e506d11a2923f56f033196f6879f003ffe3f911644a7ab6b1d2f05b
815af1c878812cb0cb226f9922c9197d78cd6200b7a23ec63276b554d1d6f7f3
8203d352db1b99c99a4b5ef4cc8a880bd1c96b2cf3c689d8f5ce82bcd1b47333
82048bca4b9f00ce38d8cb61e1105c12871d013ece060928d067c9a21c3df075
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8485359cd8d24b6223ae8bdb2839d904da8399f6cb30c02e13dbf1078c7d7c4e
85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1
8601386271d3ba06c1135a092613135c5da90b3732a8196e4761faf4b1afdc69
8954b314952fd57a6c7ce37c2471f124d54092c0a4909e983fbb7eff76b1491d
8ad86962f28516649fe92336bf23f8fb3eb3fd06dcfa27215b8aa3b00b2a319d
8de5e0477041ba542f773dac9a2a9ca9be9adf709b199dcd2bfbcd07b03cceb6
8ff5de273d8207f4f756e69d6bfb38a4579768fbb11a1d5ea5a09817b519cc0a
90af63469388eb727f117311c588de314c03919ce82d08058f7248f308ca9d5b
90db7c2929c1f8fa3cb7be282e5c88ce131312749bb86d8eed33f6757e57f772
91b133ad0518dbeed5d6f09f0e1338966ec706dcf23ec5a28821cc5bc25cfb6f
91c2f094211bd3a6ad9b69ee4731a8adab4622d225186ec118d69ebb79950731
92cf292bcd6f8b25608682634dbcbfb6b426097b95f1ca7ffc4eb03faaab6bcb
95c66e3c0f3017f8e7a6bbed95f3efc3a8c5870a1f73bcd163a7fafc298b2a9b
964fbf47690bb02bb532a4e3261360d8822761b79dbd42dc21cf78722ba48db2
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
98419c48a16e303f04fcb197b8f711006129540fd04fa18133d79abb83eff44e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c99af258943f5efe5689a6803d0470de89dbb21bc19eaf3259a47bc07d2a88
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9b97214d49d8b5a825d35faa6ab53f99c531802a4a335c51f6494e115f1318d4
9fe2da28a064822c24ec89b3af1fdbf3602ebed1fe71e915f226f37b102f7aa6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a15c4280b21640ceafba6316f59cfdb6f3d3c97fa89a1af112aad69487058a55
a1bc3a233171cdadc68f193a3a46c5c6343de4bff0809b7808257cb0eda0659d
a2862c9e532e9e51ea7ca8d7c96bb602a74e31396f9c5be127dbea7c5adfc227
a29b448bb296139b0ed6d98f3a706565ce5f94227e9014647fcce2b13c2b4782
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a759401d50e6468970369920f8755b6af379f78b6ce1c255248b4a73c5edbc75
a80bc624f7ab3177dcab36c63396d6b7b3f18c41fd09c7a3e5b54792d566904a
a90f66c347247549c2704fdf460fb67a9a0c68b52eae538cbf74d4e3e13cd7e0
ab3d21f75e40679d602330e34b3308db7af348b0d7ef9b483b293b51486e2769
ac2496757a27b4f4fa13ada1c0c545565b513ba62bfc274ad46982118a0c5330
ae2b3292ce4d22938259dd7e2d411ef3e498276837fbcc0475af40237b608f1f
ae47cb8abefb03db2c51af13f5d2f6da22a81e23417e5bbf1f65facac360a6b9
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1b3b73852f7856f1a0f317701846bc7853eb5b127ba882c23c5073dbe6d022d
b623eda9e64020acbcce7043369c37798958346faf6ab307b3b005485906237c
b6276bdfd4e4844bffab5fc63afcbf296b5ab01ffab5ec61c7c513ba41089d09
b67887ff45ab4add12045686e435d16a521d1b8e66375fd47c73d7ae097ff100
b6cc2d01180352016fde66a57dd28ec5466fbb12994c928ff81fcc1df0ba0219
b7f5d70a1071fe2f8b9e45d9befbb788d9912d50f7dbc60e5728bdf837a21d08
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bb0295f2b3718cefa4f2c1c646cdc670b16724a4f881f1d7bf397f22cc72d98f
bc6d5c07e840b1fc34819d361d752c41e53520899437142ccfac909fa37b8e4c
bef32774efac186b8a10d135d1bfe1612401396e841c36078e6f3dee8f7993dc
bfda27d8d55aabc600ce1ed7cce50d374c15d4e9b8d79ac66ffd61bcf764a58b
c09dda2cfc05892463b64a687169e7240f08686e41010bd050f4286d77c921f3
c12d75d9c6ebfdda1532d3898106f7a57e47d711010bee3dc794e30983e107d4
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c2c25bb39f8efa8b490d7c22d2f4ad85f62b78f0fcc7b0aa74c6771f017a55ab
c37a134e735f9a3dc9916bbed8f5e576f89b9f26537a59544d74004962b1a8ef
c5663a1ab2a975aedc88dbbf644d92980a966b614286321a39baac756077b738
c5df855bb7f3551f87eef4460c632047936ad10699f9c1bc5b4495a8751ae9ae
c64f6ce78bcc68cdeaaf3a95e65da839ab4fe46ae5846ad17824ba4d4da1221d
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c979dd9c2767c5f380c6a2b55bc4ace9177ff3880618650ca6fbca4ee9936c1c
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
ced84efcde489ad14ae9873f040f5b8bcd97eecb0fe6af40f1d21d7e39d3aaca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7e40f904b55ac62a0e13527f83e0ecf0b6f98931f9873fae72f3c06450bc60
d25625c09836b07155bc4a38e51c9a9e8009ba7bcd865d5b8a16a47c97d7c5af
d33f7513fa0e7c91f0612b7ef6e44aadedc1ea2165b737d22c425835ea130b96
d38196a3c2cd9d1b9601c1fad699d624cc566ae8458d5bc8298eac6143af7c6b
d5fcd012456b8cfe64ca66586e63ecf32f389b7b6ba4d8b9241fb5ca6b190e93
d69acbb6d5739ce765491bb59851935a5c5ba692d5e0880a1c89d15c4c749575
d6a5e09e10f94077749be842a39eccdb423df69e86b81b279683fcfc33ad443c
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
dc244e5235c74f867c9e22e46a234ffd6b37bcb282a09ef9152e51638c94e689
dcc0b6437eeec474b65774198371749c6e3f11c12b0bc14f3a971714d0d0e52b
dce8ae752b8ed25d878707381a347b8889bfde191cd468eac141c5526a1f13dc
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e111a3850d781cc4bb9983b28613414f9a59af060c2860692d56809589c663b3
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e34a478c515f50dfb1d2116344b1a27dd434d2221ce5088a6c9b4ca61f55c44b
e3a4f88e910ae8c02a8ea28994983972195bab4636486d751b1820ae8880969f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67995a8f081e2e50bedc8cdbc2b52b096b6e2ba7aa3d663c6c78acef1dd7473
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
e818352ba74f382ae94145bfa8d6dceaa1e2f76fdc34cbce9ff269500014f17b
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9d3165c73a7f6243cdf07498cf37514d3128c1de540fa02d8a6d6c5fdf09db1
ea3c944a4fa67cdb7009c6de5cb561faaa8bbcd6374d1a7d868753779b7754a9
ed87a83a9df154b61d76e8b9b53bb9d23db3eea194e66bca6b575e3e4f7a57bf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f181cdb050654407e8679ee762b6b40c59d731bd11154f9decf9a7b1c44b972c
f2df3eeeb8525890c99cfe6ba3159e956ca67d0bf4b49329d1451f5fc5c9d91e
f3abc18589050057902e9edcdde474b12fa736112152cba13129fa5fdb507697
f3f47d6a938ede7a828ca47022eee50835e4c9375f7ca41581fa94e25c8e950e
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67aeaa72f3d47e55fb2b4d3ae23a5635be6c480cea318e99ae1c820a1ff1819
f7908dfcf512fefb352eb167546e4824cd359837c58bb22c27fd8d1a0c21cf83
f805f3327bf2c1b226316ab617a4773d997e48963c986193d483a26d52fba06e
f826d3c602601ff720eaa18ab44aa6bddd175fe4a2591d5efa86bf58bd6eee40
f8868a1b5553493d5bc361fe46795f78b254cc2a5c061aff46b6b116b9bd0320
f93788fadf08a63fe91f2df0eb2c31e2e1ca26355d1f0420f78af4dee8382212
f9d9c7a87c8d45bf544e7e77ebd3e5ca06c28c690e4c36bf6def49fa95326941
fc15c057426fd790c4838f7e7ec9393e21adc29ca7d2d6627cf14e19cdc2594a
fe9c1438202b0793620084b3aa72aaeb35e7f82a750e20cc2131abdbbd7bc26e
ff4b703a37dc11dbca28199ebaa29bfd85fb3793138fdc9bb2b952954d098b68
ffa682c3929427d6a36a8a21075a01eaa646357bf9f5634d5971ca48ef7c0441

ja.helpr.me Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

473 Requests

82 %HTTPS

35 %IPv6

80 Domains

129 Subdomains

89 IPs

7 Countries

17256 kBTransfer

23521 kBSize

48 Cookies

42 Outgoing links

Page URL History

Redirected requests

473 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ja.helpr.me Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

473
Requests

82 %
HTTPS

35 %
IPv6

80
Domains

129
Subdomains

89
IPs

7
Countries

17256 kB
Transfer

23521 kB
Size

48
Cookies

473 HTTP transactions
7 data transactions