ja.natapa.org Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ja.natapa.org/
Effective URL:
https://ja.natapa.org/
Submission: On August 25 via manual (August 25th 2022, 8:48:31 am UTC) from JP — Scanned from NL

Summary HTTP 283 Redirects Links 37 Behaviour Indicators

Summary

This website contacted 65 IPs in 14 countries across 54 domains to perform 283 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.natapa.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 11th 2022. Valid for: a year.

This is the only time ja.natapa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:21f... 2600:9000:21f3:ba00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
6	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
10	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
2	2606:4700:20:... 2606:4700:20::681a:9a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
6	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
9	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
21	2606:4700:10:... 2606:4700:10::ac43:2ac9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 14	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
3	145.40.89.200 145.40.89.200	54825 (PACKET) (PACKET)
12	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
5	104.19.133.78 104.19.133.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a02:26f0:dc:... 2a02:26f0:dc::6853:41b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	51.255.140.94 51.255.140.94	16276 (OVH) (OVH)
4 7	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	193.70.56.179 193.70.56.179	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:400e:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	51.255.118.95 51.255.118.95	16276 (OVH) (OVH)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	141.95.98.64 141.95.98.64	16276 (OVH) (OVH)
10	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
3 17	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
3	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
3	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
3 3	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
6 7	52.45.33.138 52.45.33.138	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:20e... 2600:9000:20eb:1800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
6 6	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
3 3	52.0.58.172 52.0.58.172	14618 (AMAZON-AES) (AMAZON-AES)
3	69.166.1.10 69.166.1.10	27630 (AS-XFERNET) (AS-XFERNET)
3	3.127.128.58 3.127.128.58	16509 (AMAZON-02) (AMAZON-02)
3	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 9	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 6	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:d29... 2a05:d018:d29:3605:a43d:cfec:dc69:3aee	16509 (AMAZON-02) (AMAZON-02)
1 2	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 1	34.203.176.63 34.203.176.63	14618 (AMAZON-AES) (AMAZON-AES)
1	37.157.6.248 37.157.6.248	198622 (ADFORM) (ADFORM)
1 1	70.42.32.95 70.42.32.95	13789 (INTERNAP-...) (INTERNAP-BLK3)
2	185.89.210.153 185.89.210.153	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	54.225.147.239 54.225.147.239	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a02:fa8:8806... 2a02:fa8:8806:20::2040	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	185.183.112.155 185.183.112.155	60350 (VP) (VP)
1 1	2606:4700::68... 2606:4700::6813:ac6c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	52.19.186.186 52.19.186.186	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
283	65

27 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ja.natapa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.natapa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

natapa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:ba00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

www.bigmp3db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2606:4700:10::ac43:2ac9 (United States)

ASN13335 (CLOUDFLARENET, US)

useast.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.quantumdex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.89.210.141 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.19.136.78 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.133.78 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:dc::6853:41b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optoutadvertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.140.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip94.ip-51-255-140.eu

rtb7.adscience.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.70.56.179 (France)

ASN16276 (OVH, FR)
PTR: ip179.ip-193-70-56.eu

um.adscience.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.118.95 (France)

ASN16276 (OVH, FR)
PTR: ip95.ip-51-255-118.eu

views.adscience.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.18.19.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.228.23 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.45.33.138 (Ashburn, United States) 6 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:1800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 188.42.191.196 (Luxembourg) 6 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.0.58.172 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-58-172.compute-1.amazonaws.com

ssp.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.127.128.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-128-58.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.96.145.246 (Vienna, Austria) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (Beverwijk, Netherlands)

ASN3356 (LEVEL3, US)

usermatch.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.46.130.91 (Ashburn, United States) 3 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:a43d:cfec:dc69:3aee (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.182 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.203.176.63 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-203-176-63.compute-1.amazonaws.com

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.6.248 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States) 1 redirects

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.153 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.225.147.239 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-147-239.compute-1.amazonaws.com

sync.extend.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2040 (Singapore) 1 redirects

ASN41041 (VCLK-EU-SE, US)

casale-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.183.112.155 (Paris, France) 2 redirects

ASN60350 (VP, FR)

sync.adotmob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:ac6c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.186.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-186-186.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	159 KB
28	natapa.org 1 redirects ja.natapa.org natapa.org a.natapa.org	682 KB
21	quantumdex.io useast.quantumdex.io — Cisco Umbrella Rank: 11194 sync.quantumdex.io — Cisco Umbrella Rank: 5026	5 KB
19	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 230 acdn.adnxs.com — Cisco Umbrella Rank: 604 secure.adnxs.com — Cisco Umbrella Rank: 463	76 KB
19	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303	245 KB
18	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456 dsum.casalemedia.com — Cisco Umbrella Rank: 1387	17 KB
17	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7117 c.mgid.com — Cisco Umbrella Rank: 5010 cdn.mgid.com — Cisco Umbrella Rank: 9229 servicer.mgid.com — Cisco Umbrella Rank: 7251 s-img.mgid.com — Cisco Umbrella Rank: 4261 cm.mgid.com — Cisco Umbrella Rank: 2193	202 KB
13	rubiconproject.com 3 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015 eus.rubiconproject.com — Cisco Umbrella Rank: 582 token.rubiconproject.com — Cisco Umbrella Rank: 711 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 959	32 KB
11	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com fonts.gstatic.com	200 KB
10	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	327 KB
9	onetag-sys.com onetag-sys.com — Cisco Umbrella Rank: 746	1 KB
8	yahoo.com 6 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 278 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488	2 KB
8	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 407 mug.criteo.com — Cisco Umbrella Rank: 2790	2 KB
8	optoutadvertising.com cdn.optoutadvertising.com — Cisco Umbrella Rank: 124535	182 KB
7	adform.net adx.adform.net — Cisco Umbrella Rank: 3944 c1.adform.net — Cisco Umbrella Rank: 612	2 KB
6	amazon-adsystem.com 3 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 282	4 KB
6	betweendigital.com 6 redirects ads.betweendigital.com — Cisco Umbrella Rank: 2016	4 KB
6	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 7896	1 KB
6	bigmp3db.com www.bigmp3db.com — Cisco Umbrella Rank: 922949	20 KB
5	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1301 id5-sync.com — Cisco Umbrella Rank: 508	16 KB
5	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 492 image6.pubmatic.com — Cisco Umbrella Rank: 634	84 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3880	72 KB
3	unrulymedia.com usermatch.targeting.unrulymedia.com — Cisco Umbrella Rank: 3180
3	lijit.com ap.lijit.com — Cisco Umbrella Rank: 654	831 B
3	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 544	103 B
3	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 992	1 KB
3	disqus.com 3 redirects ssp.disqus.com — Cisco Umbrella Rank: 2420	1 KB
3	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 740	717 B
3	media.net 3 redirects hbx.media.net — Cisco Umbrella Rank: 1697	1 KB
3	wpcdn.pl std.wpcdn.pl — Cisco Umbrella Rank: 8352	49 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 371	916 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	130 KB
3	adscience.nl 1 redirects rtb7.adscience.nl — Cisco Umbrella Rank: 347650 um.adscience.nl — Cisco Umbrella Rank: 376070 views.adscience.nl — Cisco Umbrella Rank: 347751	328 B
3	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1232	204 B
3	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6497	525 B
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	42 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 590	645 B
2	adotmob.com 2 redirects sync.adotmob.com — Cisco Umbrella Rank: 1370	614 B
2	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 851	842 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 2218	24 KB
2	optad360.io get.optad360.io — Cisco Umbrella Rank: 27697	556 KB
1	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 458	507 B
1	bidr.io match.prod.bidr.io — Cisco Umbrella Rank: 504	430 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 476	683 B
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 942	432 B
1	dotomi.com 1 redirects casale-match.dotomi.com — Cisco Umbrella Rank: 2647	187 B
1	extend.tv 1 redirects sync.extend.tv — Cisco Umbrella Rank: 1642	546 B
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 572	317 B
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1369	559 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	1 KB
1	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1638	327 B
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 14414	792 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	1 KB
283	54

	Domain	Requested by
24	a.natapa.org	ja.natapa.org
18	sync.quantumdex.io	get.optad360.io sync.quantumdex.io ssum-sec.casalemedia.com
14	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
14	ib.adnxs.com	4 redirects get.optad360.io googleads.g.doubleclick.net acdn.adnxs.com
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com googleads.g.doubleclick.net ja.natapa.org www.googletagservices.com
10	s0.2mdn.net	cdn.optoutadvertising.com ja.natapa.org s0.2mdn.net a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
9	onetag-sys.com	get.optad360.io sync.quantumdex.io
8	cdn.optoutadvertising.com	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com cdn.optoutadvertising.com
8	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net ja.natapa.org
7	ups.analytics.yahoo.com	6 redirects ssum-sec.casalemedia.com
7	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net ssum-sec.casalemedia.com
6	s.amazon-adsystem.com	3 redirects ssum-sec.casalemedia.com
6	eus.rubiconproject.com	sync.quantumdex.io eus.rubiconproject.com
6	ads.betweendigital.com	6 redirects
6	ssp.wp.pl	get.optad360.io
6	adx.adform.net	get.optad360.io
6	www.bigmp3db.com	ja.natapa.org www.bigmp3db.com
5	s-img.mgid.com
4	id5-sync.com	cdn.id5-sync.com sync.quantumdex.io
4	mug.criteo.com
4	gum.criteo.com	2 redirects
4	ads.pubmatic.com	jsc.mgid.com sync.quantumdex.io
4	cdn.mgid.com	jsc.mgid.com
4	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	mc.yandex.ru	1 redirects ja.natapa.org
3	token.rubiconproject.com	eus.rubiconproject.com
3	usermatch.targeting.unrulymedia.com	sync.quantumdex.io
3	secure-assets.rubiconproject.com	3 redirects
3	ssum-sec.casalemedia.com	sync.quantumdex.io
3	ap.lijit.com	sync.quantumdex.io
3	match.sharethrough.com	sync.quantumdex.io
3	sync.go.sonobi.com	sync.quantumdex.io
3	ssp.disqus.com	3 redirects
3	s.ad.smaato.net	sync.quantumdex.io
3	hbx.media.net	3 redirects
3	std.wpcdn.pl	ssp.wp.pl
3	acdn.adnxs.com	get.optad360.io
3	match.adsrvr.org	get.optad360.io ssum-sec.casalemedia.com
3	encrypted-tbn0.gstatic.com	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
3	encrypted-tbn1.gstatic.com	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
3	www.googletagservices.com	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
3	www.google.com	tpc.googlesyndication.com a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
3	c.mgid.com	jsc.mgid.com
3	prebid.a-mo.net	get.optad360.io
3	useast.quantumdex.io	get.optad360.io
3	prebid-eu.creativecdn.com	get.optad360.io
3	cdnjs.cloudflare.com	ja.natapa.org s0.2mdn.net
3	ja.natapa.org	1 redirects ja.natapa.org
2	sync-tm.everesttech.net	2 redirects
2	sync.adotmob.com	2 redirects
2	secure.adnxs.com	ssum-sec.casalemedia.com
2	um.simpli.fi	1 redirects ssum-sec.casalemedia.com
2	googleads4.g.doubleclick.net	ja.natapa.org
2	googleads.g.doubleclick.net	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com ja.natapa.org
2	encrypted-tbn2.gstatic.com	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
2	cm.mgid.com	jsc.mgid.com
2	jsc.mgid.com	www.bigmp3db.com jsc.mgid.com
2	script.4dex.io	get.optad360.io script.4dex.io
2	get.optad360.io	ja.natapa.org get.optad360.io
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	pixel.quantserve.com	1 redirects
1	match.prod.bidr.io	ssum-sec.casalemedia.com
1	sync.mathtag.com	1 redirects
1	csync.loopme.me	1 redirects
1	dsum.casalemedia.com	ssum-sec.casalemedia.com
1	casale-match.dotomi.com	1 redirects
1	sync.extend.tv	1 redirects
1	b1sync.zemanta.com	1 redirects
1	c1.adform.net	ssum-sec.casalemedia.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	pr-bh.ybp.yahoo.com	ssum-sec.casalemedia.com
1	image6.pubmatic.com	ads.pubmatic.com
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn3.gstatic.com	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
1	views.adscience.nl	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
1	www.gstatic.com	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
1	fonts.googleapis.com	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	um.adscience.nl	a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
1	rtb7.adscience.nl	1 redirects
1	cdn.id5-sync.com	jsc.mgid.com
1	servicer.mgid.com	jsc.mgid.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	get.optad360.io
1	natapa.org	ja.natapa.org
283	87

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
widgets.mgid.com
www.mgid.com
clck.mgid.com
www.optad360.com
natapa.org
ar.natapa.org
bg.natapa.org
cs.natapa.org
da.natapa.org
es.natapa.org
et.natapa.org
fi.natapa.org
fr.natapa.org
hi.natapa.org
hr.natapa.org
id.natapa.org
it.natapa.org
iw.natapa.org
ko.natapa.org
lt.natapa.org
lv.natapa.org
ms.natapa.org
nl.natapa.org
no.natapa.org
pl.natapa.org
pt.natapa.org
ru.natapa.org
sk.natapa.org
sl.natapa.org
sr.natapa.org
th.natapa.org
uk.natapa.org

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-10`	a year	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
www.bigmp3db.com R3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-21` - `2023-04-22`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-03-15`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.a-mo.net R3	`2022-06-18` - `2022-09-16`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
optoutadvertising.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
adscience.nl R3	`2022-08-15` - `2022-11-13`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-05-13` - `2023-05-15`	a year	crt.sh
s.ad.smaato.net Amazon	`2022-08-22` - `2023-09-20`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-07` - `2022-11-30`	6 months	crt.sh
*.match.prod.bidr.io Amazon	`2022-01-27` - `2023-02-25`	a year	crt.sh

This page contains 40 frames:

Primary Page: https://ja.natapa.org/
Frame ID: 4F8A734C08A682F56655438B378B412A
Requests: 102 HTTP requests in this frame

Frame: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 26F092F5D1DD4778A56A8CC62AD06B57
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C4A99F80813F807794043D866FB855B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 35A140E9F44523B47309DC6CDD5E211C
Requests: 2 HTTP requests in this frame

Frame: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 195174B663364F111D66F94C4C11CDE2
Requests: 11 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1661417304968403697871
Frame ID: B94B8D5E4E90CFC278C5BA137A2A5CA7
Requests: 1 HTTP requests in this frame

Frame: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4BB95E22D197E2BB05B1ABD30E4BA14F
Requests: 22 HTTP requests in this frame

Frame: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
Frame ID: E722B7792A1746A51971D91A678D9896
Requests: 7 HTTP requests in this frame

Frame: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 83CBFC5A39ACCEE8D20711A5C0571072
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLWwChD6s57xAxje_qHRATAB&v=APEucNV9pnlqTBnIVc5CYVRblEnehq9lELvAqU8pOTzokm9jDpZqeAw66HFKx7kvTEloDBR8DjP0fezHDEhHtx_-qUxO5r8SCkAdjFMZgJ3qQdJBb3AFBnAR43uY6QPQMIWx5p53y-LLVdeQ9tu5e8_oxfQIPUtx81am9PXPkOgHdriW4mzNEHoJQDFEgoLsziqGJgJ3fPBU9jfx9HVNcdibqSlrxpE6ZA
Frame ID: 3A71D863FEA38A8D08C560F00D0E8ABE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F34E8F011E1CF49F9A8BD483F1FD53D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html
Frame ID: EE1C49D7A45DC2B28929EE11A0921DB3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js
Frame ID: 941DCD567572492320E4D0CF19421454
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661417304300&gdpr=0
Frame ID: F8E88D5F777E2950D9BF6075DBF4A248
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661417304299&gdpr=0
Frame ID: 0895FC3303039D223F68506E970D8257
Requests: 1 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 4672842B33A988F66A64456364253181
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: E06F605285C1175A9055E69114BD19BF
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661417304299&gdpr=0
Frame ID: 6FDED88525AB97F32E149A47D18F03EA
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 43B237BD68B122C813B6B4E0A9053972
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3895B9C58259BF6B73DA7FB3096616E6
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 08AEA6B71A86EF88ACB982DCE29A24EC
Requests: 3 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: CD88397AE163E50F311638A1A4AB8964
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 8DDE76949A4E8674C4AE4F7922C96CC8
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/pbjs
Frame ID: 192AAE13DFF6F5F3C359B885F0C970B5
Requests: 10 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 2560F97A104EA19A36D1016A5BFFB1C3
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 29A1D6ECDFF1F3344E461200E485D53F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 9D5485D5F57E6108E4917A68387C7961
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 14EE0623EA91B860C21229E4D4002BC9
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 14D3125261DC73D7A181185AD952AB5A
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: DA771C25B3FE155CFE5B19019B70BDBD
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: B341EBB7A4DFC8FA32E2A439976249D5
Requests: 1 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: C96E59BAF37D23E6D2507CA687BC62A2
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: E46775A5D7213E8DBF3B9B8AEA9E9FD2
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 164CA0995E6C91BDF706EF003F8DAAFC
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 3CB33784B969687C2F18AE1138266A08
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: 5E19E20D3A828516351DF6A93B769F53
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Frame ID: 90309156186E12BA0608F8A5BD471438
Requests: 4 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 8418EBAF335AB7B811FBB28C7036EE31
Requests: 10 HTTP requests in this frame

Frame: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Frame ID: B5B2D939CEE9166B8EB2789F87A86926
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: 2098433AA25EF971B091F5BAA9F18A2D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

記述分析と比較 2022

Page URL History Show full URLs

http://ja.natapa.org/ HTTP 301
https://ja.natapa.org/ Page URL

Detected technologies

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

283
Requests

86 %
HTTPS

39 %
IPv6

54
Domains

87
Subdomains

65
IPs

14
Countries

3128 kB
Transfer

5664 kB
Size

55
Cookies

37 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=ja.natapa.org&utm_medium=referral&utm_campaign=widgets&utm_content=1228643

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12068031/i/57561560/0/pp/1/1?h=MH-q-2vXlRGLoFn0V_lYBdJNTJrbn8tOxzVY6dlIwDsapdNfMSdeT6HcNSRANd819JHGDMPo-ZP0hGHMd2sZnA**&rid=ae506200-2452-11ed-8eca-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/8052389/i/57561560/0/pp/2/1?h=MH-q-2vXlRGLoFn0V_lYBeGudLMwTr1iJdBFVuUDgJpoZLxpS_7amwF4Xax3In2i7Fjtuy8l9CS6I2491bu2cg**&rid=ae506200-2452-11ed-8eca-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12578182/i/57561560/0/pp/3/1?h=MH-q-2vXlRGLoFn0V_lYBb6dmECiqaCffk-vip6yZdFnchlzsnja6xu4D_i0sNJHoa3S-RbYOB_mNVSbw-6POQ**&rid=ae506200-2452-11ed-8eca-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/13404744/i/57561560/0/pp/4/1?h=MH-q-2vXlRGLoFn0V_lYBSaCthSSwG2lpiIlwsFf4H8q5vLEqSfCJ8ujm77mgR3JZFkv9MtI5LmhGPXOzpK7IA**&rid=ae506200-2452-11ed-8eca-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/4039678/i/57561560/0/pp/5/1?h=MH-q-2vXlRGLoFn0V_lYBeLMt9TYjmWNkZj7qMSB-9XxMwR_xRnpf5BVLTLY9-Ch_mwUjqHgWqpeS_nLHS3sew**&rid=ae506200-2452-11ed-8eca-e43d1a2a53a0&tt=Direct&att=3&afrd=8&iv=11&ct=1&gdpr=1&st=120

Search URL Search Domain Scan URL

URL: https://www.optad360.com/en/?utm_medium=AdsInfo&utm_source=ja.natapa.org
Title: Ads by optAd360

Search URL Search Domain Scan URL

URL: https://natapa.org/

Search URL Search Domain Scan URL

URL: https://ar.natapa.org/

Search URL Search Domain Scan URL

URL: https://bg.natapa.org/

Search URL Search Domain Scan URL

URL: https://cs.natapa.org/

Search URL Search Domain Scan URL

URL: https://da.natapa.org/

Search URL Search Domain Scan URL

URL: https://es.natapa.org/

Search URL Search Domain Scan URL

URL: https://et.natapa.org/

Search URL Search Domain Scan URL

URL: https://fi.natapa.org/

Search URL Search Domain Scan URL

URL: https://fr.natapa.org/

Search URL Search Domain Scan URL

URL: https://hi.natapa.org/

Search URL Search Domain Scan URL

URL: https://hr.natapa.org/

Search URL Search Domain Scan URL

URL: https://id.natapa.org/

Search URL Search Domain Scan URL

URL: https://it.natapa.org/

Search URL Search Domain Scan URL

URL: https://iw.natapa.org/

Search URL Search Domain Scan URL

URL: https://ko.natapa.org/

Search URL Search Domain Scan URL

URL: https://lt.natapa.org/

Search URL Search Domain Scan URL

URL: https://lv.natapa.org/

Search URL Search Domain Scan URL

URL: https://ms.natapa.org/

Search URL Search Domain Scan URL

URL: https://nl.natapa.org/

Search URL Search Domain Scan URL

URL: https://no.natapa.org/

Search URL Search Domain Scan URL

URL: https://pl.natapa.org/

Search URL Search Domain Scan URL

URL: https://pt.natapa.org/

Search URL Search Domain Scan URL

URL: https://ru.natapa.org/

Search URL Search Domain Scan URL

URL: https://sk.natapa.org/

Search URL Search Domain Scan URL

URL: https://sl.natapa.org/

Search URL Search Domain Scan URL

URL: https://sr.natapa.org/

Search URL Search Domain Scan URL

URL: https://th.natapa.org/

Search URL Search Domain Scan URL

URL: https://uk.natapa.org/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ja.natapa.org/ HTTP 301
https://ja.natapa.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://mc.yandex.ru/watch/52786231?wmode=7&page-url=https%3A%2F%2Fja.natapa.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A499%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A880%3Acn%3A1%3Adp%3A0%3Als%3A1379096614490%3Ahid%3A952718388%3Az%3A0%3Ai%3A20220825084824%3Aet%3A1661417304%3Ac%3A1%3Arn%3A588413789%3Arqn%3A1%3Au%3A1661417304771849067%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661417303195%3Ads%3A0%2C60%2C83%2C40%2C111%2C0%2C%2C5%2C0%2C668%2C668%2C1%2C383%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661417304%3At%3A%E8%A8%98%E8%BF%B0%E5%88%86%E6%9E%90%E3%81%A8%E6%AF%94%E8%BC%83%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/52786231/1?wmode=7&page-url=https%3A%2F%2Fja.natapa.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A499%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A880%3Acn%3A1%3Adp%3A0%3Als%3A1379096614490%3Ahid%3A952718388%3Az%3A0%3Ai%3A20220825084824%3Aet%3A1661417304%3Ac%3A1%3Arn%3A588413789%3Arqn%3A1%3Au%3A1661417304771849067%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661417303195%3Ads%3A0%2C60%2C83%2C40%2C111%2C0%2C%2C5%2C0%2C668%2C668%2C1%2C383%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661417304%3At%3A%E8%A8%98%E8%BF%B0%E5%88%86%E6%9E%90%E3%81%A8%E6%AF%94%E8%BC%83%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 107

https://rtb7.adscience.nl/cgi-bin/hnAdX2.fcgi?price=Ywc3WAAJDkcH_YcqAA6XFa-oM8PT9NWGEesjVw&campaignid=19203&bid_id=63073758000AE2A807FD86947E00EC43_1&consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=opt_out_advertising&google_cm&external_user_id=Z25zWllWZGhzNkI5Yi9aTXgyOTlBdz09&google_hm=Z25zWllWZGhzNkI5Yi9aTXgyOTlBdz09 HTTP 302
https://um.adscience.nl/cgi-bin/AdXUserMatcher.fcgi?external_user_id=Z25zWllWZGhzNkI5Yi9aTXgyOTlBdz09&google_gid=CAESEOaXKopE9Xo7d4-JQRKPYhw&google_cver=1

Request Chain 114

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.natapa.org%2F&domain=ja.natapa.org&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=BXxwkXxBZ0Vpa3FIdjZOWTR4b2w4c1lnaUluUDlCNjAxNVpCMHpEV1h1c1VvbFpFc3lrZE5uUjY2L0kvNkpXKzZSeEdzdUtmVUlTdFRrb1hMdDZmalJNQjhlRHBLVnJsVkZkQTUvT0plMzM4TUpVTTc4dDc1amxoQ0twTkJzY2g0cGt0TS81YmpVY24zK2kzYjJXNERhRlZKdVZrc3hmcFdVYzUvalJoREsrWS9Gc1kyWUY4SC9qNXg2TVZhK0VsMFl3M2xobm1LUnczYktRREcyS0V1K1Q3VHhDWHJkWjNvYzdTZ1JxRWQ3d1dUMk5ZPXw&cppv=2

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1&C=1

Request Chain 154

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywc3WfJoCUgTQQ2UU3qdNQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFFjDV0LAaVfhQd_z7Qbb9s&google_cver=1

Request Chain 156

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjIxNjc3MDE5MTAyNTI4Mg%3D%3D

Request Chain 183

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.natapa.org%2F&domain=ja.natapa.org&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=-yPlJHw3TDJ1NWNScktYSUhyV1BXZC9kbEpNcnVVRzVodmF6dmd2enZmazRwL0pjZVRwTVo5bndzVVVudzBNMHRtTStuc1E3QytjNDF6eTdTWTU5dDZZZ09CaWd4K09ya2pUTU14TkNodFljZDhOQ290eFNqZENxQ0lVcHNUSU1hSThxa3JqZnZIOG9jcVdNMHR2TDRQVmYydWpRUzFUSG5keFhGdkpWT1U2KzBtM2Q4Y3B0a2lGdVRkam5HeXNzME5Gd0NSM3I0NnB4V2pXUXBUNlJ1OVBRSUlSUGUvWGN1RThZMFR1MlZNRW9KVlRJPXw&cppv=2

Request Chain 201

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 202

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-1082O35E2uGhCgGtLBDAznGWb7aLecTNXMPHC.4-~A

Request Chain 203

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282

Request Chain 205

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79

Request Chain 206

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTEyMjBjYTc3LTY2ZTctM2E1Mi04OGQxLWY4YThiYjAxNDJlZTIBEjgB

Request Chain 212

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 215

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTEyMjBjYTc3LTY2ZTctM2E1Mi04OGQxLWY4YThiYjAxNDJlZTIBEjgB

Request Chain 218

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282

Request Chain 220

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 221

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-1082O35E2uGhCgGtLBDAznGWb7aLecTNXMPHC.4-~A

Request Chain 223

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79

Request Chain 224

https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true HTTP 302
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-zoTfFchE2uEAKLSWo_T5VU86rtaI9KIi8AyvIEk-~A

Request Chain 227

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID HTTP 302
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTEyMjBjYTc3LTY2ZTctM2E1Mi04OGQxLWY4YThiYjAxNDJlZTIBEjgB

Request Chain 229

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3Cvsid%3E HTTP 302
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

Request Chain 231

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282

Request Chain 232

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79

Request Chain 237

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 239

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

Request Chain 244

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t

Request Chain 248

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
https://um.simpli.fi/no_match_opted_out

Request Chain 249

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=161b6d3c-f28e-4aab-80af-e9037e64f023&expiration=1692953308

Request Chain 251

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

Request Chain 254

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t

Request Chain 257

https://sync.extend.tv/r.gif?exchange=index HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1275e157-5747-434d-9908-ff4fab4845dd

Request Chain 258

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661503707&gdpr=1

Request Chain 259

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 260

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent= HTTP 307
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f389f684-c063-4f45-bf07-3b4ecaba5200&us_privacy=null&gdpr_consent=null&gdpr=1

Request Chain 266

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Ywc3XAAI_Q0L6wBC HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ywc3XAAI_Q0L6wBC&gdpr=1&_test=Ywc3XAAI_Q0L6wBC

Request Chain 267

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=735e6307-375b-4600-9919-57ee08801d8b&gdpr=1&gdpr_consent=

Request Chain 269

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=KTOvNiw3qmIyMK9lfDWyMH42qGQyMahnLTacz90w

Request Chain 271

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

Request Chain 272

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t

283 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ja.natapa.org/
Redirect Chain

http://ja.natapa.org/
https://ja.natapa.org/

41 KB
9 KB

144ms
83ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ja.natapa.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: c41afdc5c3672d7e538699a09295fb90a7344012b913c89d718b8ef1a86ce629

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 7403118229a54260-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 08:48:23 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 26 Aug 2022 08:48:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kyA%2Bd%2F77smyMGwHq8OoAV9KsRM3uJ3tY6d1r0DnhDKq6bhpcuzc2Y5d7rT4r3U%2FTi6DT2kNriNOxN0MBpvsNOAv7%2BG77bU4dlto098R8Wk0KtERx4rfnn6Y8UWMLcAQk9yXg1ADtTaFryX%2BR"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15

Redirect headers

CF-RAY: 74031181798db957-AMS
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 25 Aug 2022 08:48:23 GMT
Expires: Thu, 25 Aug 2022 09:48:23 GMT
Location: https://ja.natapa.org/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvlrOHyNkH5pLra40Ic7kQTPfjXMVZFexy6MRTGbz6lKvPiZfKHQ%2FJg5Pky5278%2F4rtZA6cEMcTRyG9LSk71LpYnb3pS05drHP1sl%2BDB%2Bnk%2F%2Bwy3ziCJdttLrhKLrLjbEvE4V3AcyPtaYfSk"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
natapa.org/template/tech/css/ 90 KB
49 KB 105ms
35ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://natapa.org/template/tech/css/style.css
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 367dd665f9afbfccfc1f77a26ca2684fa5e4023fd86735f8182580a1b492be8a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 667122
cf-polished: origSize=94186
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 May 2022 19:23:51 GMT
server: cloudflare
etag: W/"16fea-5df4e327d3951"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bgv3t%2Bd92R8LnnjmZfpOBsQZunKOaWonq1NlJ7dSPWebJ%2BSLuX06gTT5gz903ANrKQTfZxDFdehWrfX0tFheQ5qrmyvKIuPe5Nx8VGSVow%2BXuiZC6t%2BnrymHOhncAMP6InWJRSjlVulM"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Wed, 31 Aug 2022 15:29:41 GMT
cache-control: max-age=31536000
cf-ray: 7403118329b2b987-AMS
cf-bgj: minify

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 4 KB
2 KB 86ms
33ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6719683
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 975
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-fe0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtJG2F22MLwtfu1%2Bdlwk0iNq3Tody%2BuptKKqtcHGYNIzC9S5QSbZm9JSnNkKyw07D75%2B26rx%2BWFwQGtG67yj2LI8LTiRFKwHhOqgO9Z7o2BeEFEo5b6bneAwqOCiURvGmWJ3xMTOn8VdzfGte6V%2B5F8J"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 740311830f51fa40-AMS
expires: Tue, 15 Aug 2023 08:48:23 GMT

GET
H2 200 Difference-between-Imperialism-and-Colonialism.webp
a.natapa.org/science-and-education/ 61 KB
61 KB 188ms
111ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/science-and-education/Difference-between-Imperialism-and-Colonialism.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64458ccb54089dd078b8553cb777491ea384d5b1615cf5b49d4778113deb1329

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62010
last-modified: Fri, 08 Oct 2021 00:04:34 GMT
server: cloudflare
etag: "f23a-5cdcc1fd0bd68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUa1bZUqh0rre4Uyx1rzoABEHMJIj66bvRcvlFey0M%2BzT0bDlGMIQEf9JgXFWttEClJKwTOx7FP1bpH%2FGY0MhzDQ508T87OzSe%2BS7z82bx5SeKTI%2Bl9G3I3Geekrngc2mA7j4crEERgdjCs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 740311835aa94260-AMS

GET
H2 200 Baseball-vs.-Cricket.webp
a.natapa.org/sports/ 47 KB
47 KB 204ms
128ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/sports/Baseball-vs.-Cricket.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e057dca68761d9717bcc633ae889e8d3c52b7d7256754a22a661a4cb11a76ee7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47626
last-modified: Fri, 08 Oct 2021 00:05:33 GMT
server: cloudflare
etag: "ba0a-5cdcc2351b28f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CSmsn3Mtz%2BJMC7Ha0kKtUtCq1s4OtKisFyKlX9Drg%2BtV6y%2BkkcN2ok%2F38NdEzRvlAQDINkyrOr0Cov3Tz4qAEaST5paOWX9dqpB0tXTyS6tDusfNIKQKgSmn1JSinJ7S9z6kHBveTSenhjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 740311835aae4260-AMS

GET
H2 200 difference-between-iphone-4s-and-iphone-5.jpg
a.natapa.org/difference-between/ 13 KB
13 KB 157ms
81ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-iphone-4s-and-iphone-5.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b5a2a0c116bf773a613ec387656bfbc218a449bd0ba2511dbdd90f0e4dfbe87

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12811
last-modified: Thu, 07 Oct 2021 23:34:55 GMT
server: cloudflare
etag: "320b-5cdcbb5cdd0a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=leEht8196sOXebKnNhTDxcIgJk%2B8JZg69bUUq3Sby9aOB%2BcGVRpkd3ZiOUBVjOdLIS1K6Uj3mUtI0WDInCW9CKmu3om7gDZqoC6kET%2Fvz7BSkuaSExOJbNC3G%2FPez6vmQHW8qzsnrvyHC8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 740311835aaf4260-AMS

GET
H2 200 difference-between-angina-and-heart-attack.jpg
a.natapa.org/difference-between/ 10 KB
10 KB 156ms
80ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-angina-and-heart-attack.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22514cadf535d7a2911e26a09363014ff852e6dd8fe8ead7db665ffd660e65e1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9760
last-modified: Thu, 07 Oct 2021 23:46:26 GMT
server: cloudflare
etag: "2620-5cdcbdef64935"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6RIbh06XdEL%2Bug2U3FUaGYZv8wEF7l9PeAE77i6oHDwIHyXzUQK87KypbaEVUACiQ0kVu0JOjl5c33a%2FzAOKrxj%2FS9CcFsrvzV6DQOTh1aylxuVYD3PLbN4MTajtl%2FL4J9Tm6QCjKA2fzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 740311835aba4260-AMS

GET
H2 200 difference-between-tequila-and-other-alcohol.jpg
a.natapa.org/difference-between/ 23 KB
23 KB 174ms
98ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-tequila-and-other-alcohol.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64b45c6b59d826db6aa8567a3390c46f62503fee5a068585f096746efc4773ab

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23394
last-modified: Thu, 07 Oct 2021 23:22:54 GMT
server: cloudflare
etag: "5b62-5cdcb8acd63b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlksIgj2SSqlui2pTi3dk5f%2BLlflmYeQkdjh4kMhgfRGtwejy552fFczXn9LroHocz5dOv%2FEd4uSeuY2ayX3ptcKbIfVSgQMkH8T8N9kbllT6pMJllPi5YrxLKdNwSk0TM%2FmTitgTG6TeCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 740311835aab4260-AMS

GET
H2 200 difference-between-grand-jury-and-trial-jury.jpg
a.natapa.org/difference-between/ 16 KB
16 KB 178ms
103ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-grand-jury-and-trial-jury.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8af3a9b886c733ddd554f72902eb1d45632cf31b3ca20d0ca51b9e3804dbf40a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16254
last-modified: Thu, 07 Oct 2021 23:37:13 GMT
server: cloudflare
etag: "3f7e-5cdcbbe074d27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCOnPdkxjQuziypGg7XQofjnk%2BGqan7hlDy0XrNquPc2hInffc5PCU1B1PPujrAl02JAxg%2BwlM%2Bw%2BRPnqtXLyFI1W1BYDF86a0pKErj9uRiakXW%2BKh%2BdtIJFgvNr1pnCA5KF9BP1szDD%2BJU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 740311835ab14260-AMS

GET
H3 200 difference-between-granulated-sugar-and-castor-sugar.jpg
a.natapa.org/difference-between/ 9 KB
10 KB 79ms
77ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-granulated-sugar-and-castor-sugar.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b84b013f96e87552c524eceb1783a0add28f13e066cd7953584a7d61d3249444

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9658
last-modified: Thu, 07 Oct 2021 23:37:13 GMT
server: cloudflare
etag: "25ba-5cdcbbe057c51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MlLZHiNRvfLGutGXrhbgh00l3sYXeHi3dFO5t5ytFSXPc%2FB97fbytrNxqNH54NqOacfy07OieNVACBJB0g%2F3RjLedUDMY8eY%2FHFOT7yAKgyY8U4Wy0MLCsF2waJQ3GtKxVCNl1e8aEwGdMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc0cb767-AMS

GET
H3 200 difference-between-granulated-sugar-and-regular-sugar.jpg
a.natapa.org/difference-between/ 8 KB
8 KB 153ms
151ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-granulated-sugar-and-regular-sugar.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ad1d5328f776342c8d6b98ec5ddd702d4a67d4fe1fb075f497909b5e24b45f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7727
last-modified: Thu, 07 Oct 2021 23:37:13 GMT
server: cloudflare
etag: "1e2f-5cdcbbe026806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuLp4PgmA9Ovf%2FClFYRwiq%2BK4Aays2LliEK8%2BstmEoAPu87s8TshTuVy6E%2BFCcVB2V5e280kBFKWn4OZgKKaiipF6wKpBrX%2F%2FDq%2FBpFk98nNMG4ioMnlTVNiFoJ%2Bhy3PZjQW64v2QZj8lF4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc10b767-AMS

GET
H3 200 difference-between-graveyard-and-cemetery.jpg
a.natapa.org/difference-between/ 19 KB
20 KB 128ms
126ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-graveyard-and-cemetery.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93c9a45fbbace9abec7c2d674eaae2783368e9e36d7a06bcfe3588a4aff3ca3c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19522
last-modified: Thu, 07 Oct 2021 23:37:13 GMT
server: cloudflare
etag: "4c42-5cdcbbdfd6c55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8Jzh8BFifWGXzwRS5qPZToXvqVnVcTfg9BBaS17gvce3Suo2INP0SLe19YyXSWz3aa32PKQapeNKMyTXXLc3MugcjBfZK4XWuUyb4LqEoG8ZvwgL55xaphxUAHkLbor9W7%2FsJcf4tZzNo0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc13b767-AMS

GET
H3 200 difference-between-gre-and-gmat.jpg
a.natapa.org/difference-between/ 13 KB
13 KB 129ms
127ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-gre-and-gmat.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83d8554b9b0976fddc3d861f0de2d43ff4d4a5d0d95e9b676f49ab060f68731

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13261
last-modified: Thu, 07 Oct 2021 23:37:12 GMT
server: cloudflare
etag: "33cd-5cdcbbdf76bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jUmYdhciqEKDUAadjMCQ6OXC6ZLLEa%2F2mWD%2Bdwx4QasqZ0CBpQ6qEpabSw6nDOi7Hlr0V0laDcSaOIIuPY5YFqvAZJogV0ZoGg24gJz8ruGDtxN9ZS9Wqqkzhig9ZzBJaiHyyFj6Yfxw7TU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc14b767-AMS

GET
H3 200 Butane-vs.-Methane-4.webp
a.natapa.org/science/ 100 KB
101 KB 154ms
152ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/science/Butane-vs.-Methane-4.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d65afa87904117ffd55d03cc940148471ac936d3c7592ee30065d29fd0a1dc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 102492
last-modified: Fri, 08 Oct 2021 00:03:35 GMT
server: cloudflare
etag: "1905c-5cdcc1c472da3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rjt%2BhRzE8aEpM7iiTIPUHl%2F91inZg%2FNrSLTldPFyF9GHmYFiys%2Fd4QZnRFtpo%2FeceaVzvfPqT%2B7oHIXq%2BS8r1nX9YSEK00%2FWbYrqtbm9K2q7TrYaqzcWabIsHFdt693I9WFauhHNfxuBtFs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc16b767-AMS

GET
H3 200 First-Degree-Murder-vs.-Second-Degree-Murder.webp
a.natapa.org/legal/ 30 KB
31 KB 129ms
127ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/legal/First-Degree-Murder-vs.-Second-Degree-Murder.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6398218ada113d563c761b5ef76593d23dcb2deef66c52b73d769030c692e34e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31138
last-modified: Thu, 07 Oct 2021 23:58:15 GMT
server: cloudflare
etag: "79a2-5cdcc0937f97b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHkL6OOiFpxDZV%2FU2btP20fz2AzXE%2F3ZN6iQimzpoGRnpw9pkpExWfpomzCWEjGHYvKDRZAQDQ4CUmsTYhKixd%2FYwY0PEjHL2RNzDBKIRqkRYeC2ChBsKtdoIhFDgbYrQl4TG6Jgqky%2BlBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc18b767-AMS

GET
H3 200 Photosynthesis-vs.-Cellular-Respiration.webp
a.natapa.org/science/ 36 KB
36 KB 102ms
100ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/science/Photosynthesis-vs.-Cellular-Respiration.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa6e7a222f4587b14bc44bdacdbd76a56f9d16c6eb20e456aa27ee1abad08727

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36454
last-modified: Fri, 08 Oct 2021 00:02:17 GMT
server: cloudflare
etag: "8e66-5cdcc17a45587"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G26tfBc%2BdReI68jf06A64%2Flic6cYqaF7iMua7ebyORNcog0gm1Z%2FMS16nBIlAniQanh2%2Bny%2FgfCzRlWnxeeU2vTcPyqbAcHegISn79Mq80%2BeOeMUXxgKgJ22PCPGBQUXXvnB5R7a8UXO%2B0M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc1ab767-AMS

GET
H3 200 Cancer-vs.-Psoriasis.webp
a.natapa.org/health/ 69 KB
70 KB 179ms
178ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/health/Cancer-vs.-Psoriasis.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 052ee0fa3bc67842579d3ff018737e8193838c4d1107d8a36e039b2d95a8c3e0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 71086
last-modified: Thu, 07 Oct 2021 23:54:19 GMT
server: cloudflare
etag: "115ae-5cdcbfb28be85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6QKG4nUA%2FX11REKRQcKxrGGBSRYPaka0ur9BBXh5KVwDFYMULKdz1EADkPpjVpKtOHb6PjwftyH3MI5fFXnDHlPO1QdKEQCeM4aKXPp14Dmgxep69%2FiXmgKpZHOLIzIexgMWCM5wlQFR8w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc1bb767-AMS

GET
H3 200 Difference-between-WEP-WPA-and-WPA2-1.webp
a.natapa.org/tech/ 7 KB
8 KB 80ms
78ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/tech/Difference-between-WEP-WPA-and-WPA2-1.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db89ac4cb51702b44017204ac6433b53dbeada04d6fa38708263a413572e03f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7458
last-modified: Fri, 08 Oct 2021 00:05:47 GMT
server: cloudflare
etag: "1d22-5cdcc242cc9a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vmjKyYGINE3SEvOgGunbtx2Mo2cc4JsjKBqIXKVKhKdzYpBYrbKqPNig%2FLTwIVyb8cy6%2Fzc49zNn%2BbG5x9Jm8yEoy2jAG52Q93D6j2eSAvxc%2BjzEUAblifaQ7L1TwHG3aRwnNdiqQf%2FIrZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc1db767-AMS

GET
H3 200 Difference-between-Crush-and-Love-1.webp
a.natapa.org/life/ 20 KB
21 KB 203ms
201ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/life/Difference-between-Crush-and-Love-1.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15628e3ef7e4ebd062c0a91d4340ee3580ec9e4d3a03d9d87910468d27856e2f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20598
last-modified: Thu, 07 Oct 2021 23:59:12 GMT
server: cloudflare
etag: "5076-5cdcc0ca32dce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MvKb5Ub8mVB8%2BlePDedrHK23pwZ22GOMpi7p6YBLaMoTVx9KT%2BjG%2BIiqK6fGsu7aVX6jSVD1tSJnsKRGtT4RXJRQLWprl9Gm5NOSvA0xIn7P3QfxoLqQHIDd5NNqiAT%2BzgPVkAKBGsOdWRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc20b767-AMS

GET
H3 200 Difference-between-Subculture-and-Counterculture-2.webp
a.natapa.org/life/ 21 KB
22 KB 204ms
202ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/life/Difference-between-Subculture-and-Counterculture-2.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68e7c7ae04b9dec1c359ceeaa7f89f007386e0c3c4d3fd5d520962dda12b87ce

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21596
last-modified: Thu, 07 Oct 2021 23:58:56 GMT
server: cloudflare
etag: "545c-5cdcc0ba6398e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=956jV4a2gPdYzQQAabkgoQD0%2FIV5yhiNZtHOyeRriYhkAbNvuunBRHaS6IlX%2FJd4a%2BghP2lCRmCC2GOhYo8XeOD1RAN57d8rWm%2FoOyImB7JPUGCYBK1mE5pAhn9UDc6tXI62xaMsg6zz6Wo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc22b767-AMS

GET
H3 200 Difference-between-School-Counselor-and-School-Psychologist-1.webp
a.natapa.org/life/ 12 KB
12 KB 205ms
203ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/life/Difference-between-School-Counselor-and-School-Psychologist-1.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ed1030dbdff6229fa0784d3781d20c713b48611ae2faa43a93ed163b9bf3fa7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11982
last-modified: Thu, 07 Oct 2021 23:58:56 GMT
server: cloudflare
etag: "2ece-5cdcc0bb22070"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKZ%2Ft8D%2BPxrQqV2vAr%2FGJIx%2F2YbhGo3%2B3kSsk7AcXkcBxe9XaB%2B3R4OWLayemGkPyaS4R%2BMnS8ZgMQNgfnX0T7PMbsJigrbaLY9J%2BotrsPSU0jHzpaeRrpuwLxYLolCW6yc0sXR%2BiAThFkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc23b767-AMS

GET
H3 200 difference-between-flash-drives-and-external-hard-drives.jpg
a.natapa.org/difference-between/ 12 KB
12 KB 206ms
203ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-flash-drives-and-external-hard-drives.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f84f894f447cd0d91f67cd94d9e4bf760ec4878a8f27b92856f9a282820dde0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12197
last-modified: Thu, 07 Oct 2021 23:38:33 GMT
server: cloudflare
etag: "2fa5-5cdcbc2cb0f56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FUR0xxWhPnnTvnagf6Jvc%2B8SGS647H02sGjhoZlHIu2S4BEEPoXLGAH8A9IOpK4L6y9BzU7IJj0B10sctv3QAj6Z06esX5uoAcpKKjczvo%2B7wy2%2FQt9NQXrzhpGH38a2Slw6sIElHEWE7Lo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc28b767-AMS

GET
H3 200 difference-between-bazaar-and-flea-market-1.jpg
a.natapa.org/difference-between/ 24 KB
25 KB 206ms
204ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-bazaar-and-flea-market-1.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53c4d42182ac422c1b66be7712ee390540d6bd770e8837e3ffbf4fd657f59351

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25004
last-modified: Thu, 07 Oct 2021 23:45:01 GMT
server: cloudflare
etag: "61ac-5cdcbd9ea1fce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZTmh6j66DeqxxlLG3ewrNqUPT1b3bsY%2BzcoRffE6Zk2jp622AoMVRbO1UrDMd02fwpzLw6wDZ9sEBNQ1VEX5%2BESccGwpLzMQDlRpN3PMVv9K%2Fvjd1iKNeyrup%2BKRbcLROW3eikkqzhFw3Vg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc2db767-AMS

GET
H3 200 difference-between-fleas-and-bedbugs.jpg
a.natapa.org/difference-between/ 10 KB
11 KB 207ms
205ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/difference-between/difference-between-fleas-and-bedbugs.jpg
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98e9ec0829af758d87809ba5000eddfd6685214020c0cedf9f6b190513ba847a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10548
last-modified: Thu, 07 Oct 2021 23:38:33 GMT
server: cloudflare
etag: "2934-5cdcbc2c97915"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KB55yFRRR7J77uMyzaj7LAwlHEqjYtQn%2FAsD7BjyvVKnXZJ%2BWVZ32h2fjX%2BxnkdpTm9pBX00Fjro02OMvb2owDA8VoxqZVhcCSwVp2fUnwQ5SGDGZ0gOU6etLkW8xBlW0jWsde12uaqLVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc2fb767-AMS

GET
H3 200 Difference-between-Basmati-Rice-and-Jasmine-Rice-2.webp
a.natapa.org/kitchen/ 13 KB
14 KB 208ms
205ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/kitchen/Difference-between-Basmati-Rice-and-Jasmine-Rice-2.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee6ececc4c8179a37722797e59cfde04f9834c180971d4cfe29ccc6fa88a63f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13808
last-modified: Thu, 07 Oct 2021 23:57:33 GMT
server: cloudflare
etag: "35f0-5cdcc06b476a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAblzU6RDO9cmKwSuSCKmyAGzgUFyDNvWvDM6%2B8JCn8Yzj8VBFwiuS0hiotW4UdGQo9zxNf9kp0WexewyETIdV72bjNys3SFLFq3%2Fkm%2BvdSX9vd8OarZj95VIojLWkIdc%2FE23uYh6sWArZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc3cb767-AMS

GET
H3 200 Difference-between-White-Corn-and-Yellow-Corn-2.webp
a.natapa.org/kitchen/ 12 KB
13 KB 209ms
207ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/kitchen/Difference-between-White-Corn-and-Yellow-Corn-2.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 410a1ebbf9d1ccbef11d9355a63393fcb5e51f88ca30f1f253b57abff45e0e53

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12636
last-modified: Thu, 07 Oct 2021 23:56:11 GMT
server: cloudflare
etag: "315c-5cdcc01d76686"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2QeSJmR6dLy4OabKBA7vbYjjG%2FzD1ZBLLApBW68ZyaH203HAt71wvFXLQJyqBuALubcPxRVNsIEoXnJOqm1EOIzpKEcyy06MzYTXNhuq2G1oKC6sIJo6iWlhovkOhfK95H5ntM6ZXz14Nk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc43b767-AMS

GET
H3 200 Difference-between-Equity-and-Equality-1.webp
a.natapa.org/life/ 22 KB
22 KB 224ms
222ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.natapa.org/life/Difference-between-Equity-and-Equality-1.webp
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a2d390557bcbfee4fcf6de22dd8e18d9dbd9cf04296c86f49c5e12e2689d4b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22168
last-modified: Thu, 07 Oct 2021 23:59:11 GMT
server: cloudflare
etag: "5698-5cdcc0c96cef1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQJwr%2FKmt6ujl%2BT83XjVaa0f4GGHgWjY5nQ2qFzEbPZvgRzaRZ8fICxKq1RnseWMBnmi1P8VtnukqlJl4pauLZidtfBSacDscIltfI02WM03kCzJWKAzVuyd8F2iQ8JPQb7SVyD2hw%2BLe%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 74031183dc44b767-AMS

GET
H2 200 rocket-loader.min.js Show response
ja.natapa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 27ms
27ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ja.natapa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Aug 2022 16:11:23 GMT
server: cloudflare
etag: W/"62ffb62b-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjQvrpi9uKgQ%2BFsDlv2YADWouC1f5a%2FhOrVLe3zieA0RqAqklI%2FsxONji%2BYo28e0qVPSrtRBH437Q5%2FMUzHWEKtoeEA5DMHumy0MQyZewHd663ry2R6wpMp2EIfuTIavrzrhVhP4dMBP9dDU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74031182fa4c4260-AMS
vary: Accept-Encoding
expires: Sat, 27 Aug 2022 08:48:23 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/09e64235-f9ef-4d3c-a201-5871a400bf2f/ 284 KB
60 KB 232ms
127ms Script
application/javascript 2600:9000:21f3:ba00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/09e64235-f9ef-4d3c-a201-5871a400bf2f/plugin.min.js
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 111a54d2dab6f6fd83bd4e3cc76bd6d800934682226748eb38efb90d93a803d9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: gzip
last-modified: Tue, 26 Jul 2022 08:58:47 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"9cfe167a555e0dd47e698f5f392a3f7d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: F9LmU0dsDBCu1UD90hA_dg5Ife_ZvDu4YDG74c9E_NWlkw6x37SJiA==

GET
H3 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/ 20 KB
7 KB 63ms
34ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.js

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 55424
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5978
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-5148"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYbLKC%2FNKtc8X7S9%2FX%2FfGh8mKeZdGc%2FBwr%2Fzed1xDebFK3RK9Hm2eS0Gs8yjXv%2B%2FSNoA8qXmlU3LRpuW9dmzj4U4CM%2BMsiDFtbJW4%2Bdb4oJCNpEP1dDK8oJ0%2FT4f73Kob%2Bg%2F5%2F3sTpyeyoe78GZWOIR4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 74031183ad40b7e8-AMS
expires: Tue, 15 Aug 2023 08:48:23 GMT

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 273ms
133ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

77b6fe453bf4160611ada0c455fc32e374bb645ed70e225087e98c041147bf5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
last-modified: Tue, 23 Aug 2022 14:08:03 GMT
etag: "6304b513-11925"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71973
expires: Thu, 25 Aug 2022 09:48:24 GMT

GET
H2 200 1duwt.min.js Show response
www.bigmp3db.com/ 66 KB
19 KB 272ms
126ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.min.js?168d7af

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

bc8aad52def9fae70bca29263a13763c230f574b56f604f739995775e585e1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
server: cloudflare-nginx
duration: 1115379
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Thu, 25-Aug-2022 11:53:24 EEST

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 144ms
55ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/09e64235-f9ef-4d3c-a201-5871a400bf2f/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

11e5548832c10b52134d70a26244365910409ad1facfe76e0a965537c635d14f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28501
x-xss-protection: 0
server: sffe
etag: "1313 / 850 of 1000 / last-modified: 1661379059"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 Aug 2022 08:48:24 GMT

GET
H2 200 prebid6.23.1.js Show response
get.optad360.io/sf/ 495 KB
496 KB 37ms
36ms Script
application/javascript 2600:9000:21f3:ba00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid6.23.1.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/09e64235-f9ef-4d3c-a201-5871a400bf2f/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ba00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd02260c5d4f77750ced52c982c33eb066d8d0d8e25eeee50ee5953e7a41f098

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 20 Jun 2022 19:43:54 GMT
via: 1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
last-modified: Tue, 10 May 2022 12:45:38 GMT
server: AmazonS3
age: 5663071
etag: "44ba356b06aa5e627ab06abf80f24b6c"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 507029
x-amz-cf-id: U3IcSLBVeAYWHmsf7UzpXY2cj_jO85a8ZuaIfvMqFkyVKEUpeCdKYw==

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 537ms
178ms XHR
application/json 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220825

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6a3e5769b50199a784f497baed5fd808561f9eb5dd8eedc479ddad31ec9d93c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 20839
x-jsd-version: 1.0.1442
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 917
etag: W/"66c-X0qOsT95Dju0AixUjbkkTzLojuY"
x-served-by: cache-fra19157-FRA, cache-maa10249-MAA
x-jsd-version-type: version
date: Thu, 25 Aug 2022 08:48:24 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
937 B 121ms
48ms Script
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1434313
x-amz-request-id: tx71de9a623ae143c39231a-00629f978d
x-amz-id-2: tx71de9a623ae143c39231a-00629f978d
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrgoOPXgK6VydTF2pFcYiERh6P2R9HBnO3%2BYoaqhKJ1Ccga9CeIpEdgc89Rw%2BU1dfs9W8Y%2Fxr9qMw740W9Yi9QypNDvtVIGSOE5l7Cp2slN8bzs38v6bCfrzq4WK8lDoh3z7MaBdrfnF2tT4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 740311878ee84260-AMS

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 131ms
34ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.natapa.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.natapa.org
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 25 Aug 2022 08:48:24 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
221 B 182ms
51ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.23.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
server: nginx
vary: Origin
accept-ch-lifetime: 604800
access-control-allow-origin: https://ja.natapa.org
access-control-allow-credentials: true
uber-trace-id: 000000000000000080e865039de14a0e:a4f9e6c3ff8676aa:0:0
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 115ms
34ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.natapa.org
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 94ms
33ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.natapa.org
date: Thu, 25 Aug 2022 08:48:24 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
134 B 200ms
127ms XHR
text/plain 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ja.natapa.org
access-control-allow-credentials: true
cf-ray: 74031187bdf59b76-FRA

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 175ms
98ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:24 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 247ms
188ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

43ba3be3cfd5e70dbc989bb171458166df7112cf93bfcd43038fab5049279ef4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:24 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2007ec62-f012-4d7a-9072-5ef0c96b6359
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.natapa.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
168 B 310ms
100ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Thu, 25 Aug 2022 08:48:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://ja.natapa.org
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 122ms
35ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.natapa.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.natapa.org
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 25 Aug 2022 08:48:24 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 20 KB
13 KB 234ms
180ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

998c8fea340735d7035ee255714187e51fdc58cd7ee12da43fffd56df861b042

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 25 Aug 2022 08:48:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b028a205-0ec3-49d1-b3c3-b87b125590b5
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://ja.natapa.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
57 B 171ms
53ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.23.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
server: nginx
vary: Origin
accept-ch-lifetime: 604800
access-control-allow-origin: https://ja.natapa.org
access-control-allow-credentials: true
uber-trace-id: 0000000000000000d5d3db1721d2a347:9dc48de34519f098:0:0
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 305ms
100ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Thu, 25 Aug 2022 08:48:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://ja.natapa.org
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
134 B 192ms
129ms XHR
text/plain 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ja.natapa.org
access-control-allow-credentials: true
cf-ray: 74031187bdf99b76-FRA

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
406 B 229ms
153ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:24 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 100ms
34ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.natapa.org
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 81ms
34ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.natapa.org
date: Thu, 25 Aug 2022 08:48:24 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 118ms
35ms Preflight 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ja.natapa.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://ja.natapa.org
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 25 Aug 2022 08:48:24 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
406 B 226ms
149ms XHR
text/plain 37.157.2.237
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:24 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
18 B 300ms
101ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

x-nbr: 1
date: Thu, 25 Aug 2022 08:48:23 GMT
server: envoy
vary: origin, Accept-Encoding
access-control-allow-origin: https://ja.natapa.org
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 78ms
34ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.natapa.org
date: Thu, 25 Aug 2022 08:48:24 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 pbjs Show response
useast.quantumdex.io/auction/ 0
336 B 181ms
124ms XHR
text/plain 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://useast.quantumdex.io/auction/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: POST, GET
access-control-allow-origin: https://ja.natapa.org
access-control-allow-credentials: true
cf-ray: 74031187bdfa9b76-FRA

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 241ms
191ms XHR
application/json 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

5fc134eff673f50443d2ed6948664638ceeff3051bf3a6d0b0634853248357f8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:24 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1847d54b-c6d8-4aff-b5b7-2f97da84157d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://ja.natapa.org
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
360 B 93ms
33ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://ja.natapa.org
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
57 B 160ms
52ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.41&pbver=6.23.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
server: nginx
vary: Origin
accept-ch-lifetime: 604800
access-control-allow-origin: https://ja.natapa.org
access-control-allow-credentials: true
uber-trace-id: 00000000000000003c39fd33d9f552d1:8a587936ccb124e7:0:0
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
269 B 201ms
70ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?168d7af

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

6616e73f394e4dc651d8bd6db68fcad67ff8baebf617894323d992304d13b198

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 616 B
568 B 201ms
70ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?168d7af

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

d06f859375be6e10248a908c142ef75be0ae311caf0c888e72c600de9d4f623f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 pubads_impl_2022082302.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 96ms
31ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

257a3e4163a887521252b40b2c25489c1d1ea244771346565897104c35d15270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 20:04:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132097
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 21:23:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Aug 2023 20:04:33 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 68 B
96 B 131ms
66ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ja.natapa.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a03b4c86fe824e964c2ea1fde2f35491a16e4e0314b6602c24a4499178f9728c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
expires: Thu, 25 Aug 2022 08:48:24 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/52786231/
Redirect Chain

https://mc.yandex.ru/watch/52786231?wmode=7&page-url=https%3A%2F%2Fja.natapa.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A499%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.ru/watch/52786231/1?wmode=7&page-url=https%3A%2F%2Fja.natapa.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A499%3Afu%3A0%3Aen%3Autf-8%3A...

350 B
432 B

68ms
68ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/52786231/1?wmode=7&page-url=https%3A%2F%2Fja.natapa.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A499%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A880%3Acn%3A1%3Adp%3A0%3Als%3A1379096614490%3Ahid%3A952718388%3Az%3A0%3Ai%3A20220825084824%3Aet%3A1661417304%3Ac%3A1%3Arn%3A588413789%3Arqn%3A1%3Au%3A1661417304771849067%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661417303195%3Ads%3A0%2C60%2C83%2C40%2C111%2C0%2C%2C5%2C0%2C668%2C668%2C1%2C383%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661417304%3At%3A%E8%A8%98%E8%BF%B0%E5%88%86%E6%9E%90%E3%81%A8%E6%AF%94%E8%BC%83%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

c36ff11970b2969b18bb7c2dce6cc9d74e8c2fd8da8cf29624c6621ea1cb097a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:24 GMT
x-content-type-options: nosniff
last-modified: Thu, 25-Aug-2022 08:48:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.natapa.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Thu, 25-Aug-2022 08:48:24 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:24 GMT
last-modified: Thu, 25-Aug-2022 08:48:24 GMT
location: /watch/52786231/1?wmode=7&page-url=https%3A%2F%2Fja.natapa.org%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ofv6mafcjh9urjbdp7e2g%3Afp%3A499%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A880%3Acn%3A1%3Adp%3A0%3Als%3A1379096614490%3Ahid%3A952718388%3Az%3A0%3Ai%3A20220825084824%3Aet%3A1661417304%3Ac%3A1%3Arn%3A588413789%3Arqn%3A1%3Au%3A1661417304771849067%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661417303195%3Ads%3A0%2C60%2C83%2C40%2C111%2C0%2C%2C5%2C0%2C668%2C668%2C1%2C383%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661417304%3At%3A%E8%A8%98%E8%BF%B0%E5%88%86%E6%9E%90%E3%81%A8%E6%AF%94%E8%BC%83%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://ja.natapa.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 25-Aug-2022 08:48:24 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 67ms
67ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
last-modified: Tue, 23 Aug 2022 14:08:03 GMT
etag: "6304b513-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 25 Aug 2022 09:48:24 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 87ms
37ms Fetch
application/javascript 2606:4700:20::681a:9a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2200269
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: tx272dac4c177341689b477-0062bcb6dc
x-amz-id-2: tx272dac4c177341689b477-0062bcb6dc
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zD0u%2BwZg3U0fFnn3So4ES78O4okIU7DE1xrrI2Uf3Y5qTkEyjQzA7m64uNHOeADNokBqMLhaoETBkJzvy3KRVQ2Dl3QJChEIYbqFw27yN9oNNJM535vyktlOhSbFuDWgzuAb1k6XxOgEHH8a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 7403118839cdb903-AMS
access-control-allow-headers: Authorization

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 65ms
65ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?168d7af

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

96b63fd8b169d03e9e199a28f2e68bd79ec432d68aa0eab1180d9282762e0ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fondoperlaterra.org.1228643.js Show response
jsc.mgid.com/f/o/ 2 KB
2 KB 98ms
34ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Requested by: Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?168d7af
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f86fc1c5bd806aa6d93828177336ea09c88149b4a1b602a472100aa359b23bd3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 5591
cf-polished: origSize=2332
last-modified: Wed, 15 Jun 2022 13:26:58 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: SSGX5729P5F35C5Q
x-amz-id-2: d5Z4wKNLvhQwFaXfQQ4/bfMKvH95BGMkCXzcRwgoV3A95eEIIVDFZqXV4vt17bnRFORMGsqY7gI=
cf-bgj: minify
server: cloudflare
etag: W/"249cc7a0057427427b4ce45014168891"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: I0QWxhx7ffivNtldxVUaYDoyFIxs9c59
cf-ray: 74031189390ab969-AMS
expires: Thu, 25 Aug 2022 11:48:24 GMT

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 178ms
39ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=ja.natapa.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 122ms
39ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ja.natapa.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
10 KB 361ms
360ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3075341488024043&correlator=4074585448309236&eid=31068457%2C31069153%2C31064019&output=ldjh&gdfp_req=1&vrg=2022082302&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cnatapa.org_adi_W1&enc_prev_ius=%2F0%2F1&prev_iu_szs=250x250%7C250x300%7C280x250%7C280x300%7C300x250%7C300x600&ifi=1&adks=2520656929&sfv=1-0-38&fsapi=false&cust_params=pubcid%3D8cdcc2ed-0635-46e2-b5df-130d93f417ca&sc=1&cookie_enabled=1&abxe=1&dt=1661417304518&lmt=1661417304&dlt=1661417303455&idt=950&adxs=1123&adys=1345&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.natapa.org%2F&frm=20&vis=1&psz=0x-1&msz=250x-1&fws=644&ohw=305&ga_vid=557188566.1661417305&ga_sid=1661417305&ga_hid=765135995&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

b400525eb707caf87080397f1cf9a50544dbbcae14308cc8ef19621a36f3533c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9972
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 146ms
78ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022082302&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ad03581f05253e5b78b1e060f2a0adcf2fcfa8e4a2228f3a556aa1113a45bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11137
x-xss-protection: 0

GET
H2 200 container.html Show response
a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 26F0 6 KB
4 KB 182ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 08:48:24 GMT
expires: Fri, 25 Aug 2023 08:48:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 65ms
65ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?168d7af

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

a51833c9266515c756e1c6483f23479a01034781a58465b10bb6520193b02958

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 fondoperlaterra.org.1228643.es6.js Show response
jsc.mgid.com/f/o/ 264 KB
76 KB 67ms
39ms Script
text/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eb0de09f4b625608d88083f138701f4bb6e713e6f4fb9ea3e93f285d9e10c91

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 972
cf-polished: origSize=270840
last-modified: Wed, 24 Aug 2022 10:16:48 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: RCEHQGFP21TY1AAD
x-amz-id-2: n+81GpOApNsCG09ixYDfAhYMnzQC5xeGdfLYpXwdy0LzpW/NCjAcTqXs7xYm8IvMeT/3aC4filo=
cf-bgj: minify
server: cloudflare
etag: W/"b36bcf59c60cbff1cf4b3ab83716419e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
x-amz-version-id: BBLXjl1T8wgGBtllAdNaWMVONf2Q0y..
cf-ray: 74031189a83a41bc-AMS
expires: Thu, 25 Aug 2022 11:48:24 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 115 KB
33 KB 647ms
646ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3075341488024043&correlator=4074585448309236&eid=31068457%2C31069153%2C31064019&output=ldjh&gdfp_req=1&vrg=2022082302&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cnatapa.org_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=2&adks=2075362144&sfv=1-0-38&fsapi=false&cust_params=pubcid%3D8cdcc2ed-0635-46e2-b5df-130d93f417ca&sc=1&cookie_enabled=1&abxe=1&dt=1661417304550&lmt=1661417304&dlt=1661417303455&idt=950&adxs=450&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.natapa.org%2F&frm=20&vis=1&psz=0x-1&msz=700x-1&fws=640&ohw=0&ga_vid=557188566.1661417305&ga_sid=1661417305&ga_hid=765135995&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

95a73fabccb4d1f6dc4ec4d6533f7e66ce4aa3b5f3e3fa61e1bd3ca88c74458d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34092
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 65ms
65ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?168d7af

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

9ac192e22feac750972021a8588dbbaed10ea538869ad645e97f995cc90384df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 137ms
53ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 08:48:24 GMT

GET
BLOB 200
OK cf84ed77-14a7-4d38-bb49-734c7a793adc
https://ja.natapa.org/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ja.natapa.org/cf84ed77-14a7-4d38-bb49-734c7a793adc
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 6125d2e5-ed72-4370-8896-7f8ae686c7b5
https://ja.natapa.org/ 245 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ja.natapa.org/6125d2e5-ed72-4370-8896-7f8ae686c7b5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length: 245
Content-Type: text/javascript

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 729ms
728ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3075341488024043&correlator=4074585448309236&eid=31068457%2C31069153%2C31064019&output=ldjh&gdfp_req=1&vrg=2022082302&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cnatapa.org_adi_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C728x200%7C970x100%7C970x250%7C970x300&ifi=3&adks=4168635629&sfv=1-0-38&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.04%26hb_adid_appnexus%3D43f88a13e15154f%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.04%26hb_adid%3D43f88a13e15154f%26hb_bidder%3Dappnexus&cust_params=pubcid%3D8cdcc2ed-0635-46e2-b5df-130d93f417ca&sc=1&cookie_enabled=1&abxe=1&dt=1661417304701&lmt=1661417304&dlt=1661417303455&idt=950&adxs=436&adys=404&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fja.natapa.org%2F&frm=20&vis=1&psz=0x-1&msz=728x-1&fws=644&ohw=1600&ga_vid=557188566.1661417305&ga_sid=1661417305&ga_hid=765135995&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e9ff25760e71ae392b397cb8d4cc3d1ced03688cbd7708c07a53da110f57a930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8034
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
c.mgid.com/pv/ 0
36 B 161ms
146ms Script
text/plain 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1661417304772170616317&lct=1661299200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fja.natapa.org%2F&lu=https%3A%2F%2Fja.natapa.org%2F&sessionId=63073759-10065&pageView=1&pvid=182d43032c49b8750e7&site=761202&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403118b0c8db969-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
BLOB 206
Partial Content 9ea5fe12-4842-4158-890b-631b1cd67efb
https://ja.natapa.org/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://ja.natapa.org/9ea5fe12-4842-4158-890b-631b1cd67efb
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 45ms
31ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 4750
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: GPSDD35ZF382QJSB
x-amz-id-2: UmWBoy2G0pdlxXHnM2h8xHRxhFh3TuuFjy/oOXpsxedhXOkHMZQYJyH7dlnR0IIY1kMReJyRY88=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 7403118b1ce2b969-AMS
expires: Fri, 26 Aug 2022 08:48:24 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
812 B 59ms
45ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 4750
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: CBFAV854SQX1GD5V
x-amz-id-2: /iQeP2TkOMwIXLBxLzVjPkP5Y7mMFKuMsREdk80F0O5/Z/VzymWJ2OImK8Hw6yUVPK/JKl/kMl0=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 7403118b2ce4b969-AMS
expires: Fri, 26 Aug 2022 08:48:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C4A 13 KB
5 KB 100ms
31ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 2783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 08:02:01 GMT
expires: Fri, 25 Aug 2023 08:02:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 35A1 783 B
1 KB 125ms
45ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c58ac8244fea4ec82d42492895a69af46b21b2813a250ee37e8d94e68b2e8e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-amUQLSIKMVCvUs_JFcI3Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-amUQLSIKMVCvUs_JFcI3Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 08:48:24 GMT
expires: Thu, 25 Aug 2022 08:48:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 1 Show response
servicer.mgid.com/1228643/ 4 KB
2 KB 45ms
37ms Script
application/x-javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1228643/1?pv=5&cbuster=1661417304841383912120&lct=1661299200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1200&h=284&maxw_3=228&maxh_3=238&cols=5&ref=&cxurl=https%3A%2F%2Fja.natapa.org%2F&lu=https%3A%2F%2Fja.natapa.org%2F&sessionId=63073759-10065&pageView=1&pvid=182d43032c49b8750e7&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1fad176a5d119bc85863656679adf0da30c1f14da91a89972510dfde161e2e6c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 7403118b7d8eb969-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 container.html Show response
a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1951 6 KB
3 KB 105ms
39ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 08:48:24 GMT
expires: Fri, 25 Aug 2023 08:48:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widget-ssp-performance
c.mgid.com/ 43 B
126 B 127ms
127ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=50
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403118beec4b969-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 35ms
34ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 5415
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SG1V0WFRNKXC6R
x-amz-id-2: 2ywp9fgknp8c4HO0Z1cJ5C+4aMUUPCMjGdBA1cI/wAWAxrlaPAi52xxpkj8rcWWqMPvoQLnyl6w=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 7403118bfa2041bc-AMS
expires: Fri, 26 Aug 2022 08:48:24 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1 KB 35ms
32ms Image
image/svg+xml 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:24 GMT
content-encoding: br
cf-cache-status: HIT
age: 5415
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 31SYWNNYNESPJ6F1
x-amz-id-2: 3myD4nXSsv4qiYMx2Hi56efn2ys0sdKXq9O5ZJG39ML6YXsxmNdK6iip2d5CSfCah3Py/VE8AbU=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
x-amz-version-id: null
cf-ray: 7403118bfa2541bc-AMS
expires: Fri, 26 Aug 2022 08:48:24 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC82MDVlNmQ1MGI3MjEwNjRjN...
s-img.mgid.com/g/12068031/492x328/-/ 34 KB
35 KB 126ms
58ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12068031/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8sd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIxLTEyLzEwMTkyNC82MDVlNmQ1MGI3MjEwNjRjNzJjNDgxMzZhMzRiYWQ3NS5qcGVn.webp?v=1661417304-zOqb-lmb_SI2VTxJajyGUI2NlGrKxne_MMxIz0FV-Qg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3d6775a65f3631abbaf5ece8875cc3987d776073e425c434c5e9f3c19282059

Request headers

Referer: https://ja.natapa.org/
Origin: https://ja.natapa.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Jan 2022 14:13:10 GMT
x-mg-request-uuid: 8c443502-7c47-47bd-a717-fa987cc04d44
age: 6659367
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7403118c5812b90f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35112
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzM0ZTk1MjczMGY0NjMzODZjOWY1ZjFhMTliNmUxYThmLmpwZWc.webp
s-img.mgid.com/g/8052389/492x328/0x0x855x570/ 8 KB
9 KB 101ms
33ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/8052389/492x328/0x0x855x570/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMTAvMTAxOTI0LzM0ZTk1MjczMGY0NjMzODZjOWY1ZjFhMTliNmUxYThmLmpwZWc.webp?v=1661417304-69gs865EPZOgR_Xcts1b7yvBOeI75QiqwIZCLFAtTBE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 823ef8a81e53321e12a373f5fdfc732775441a65465538a785fea2e7b103243b

Request headers

Referer: https://ja.natapa.org/
Origin: https://ja.natapa.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:58:46 GMT
x-mg-request-uuid: d96d7d31-bb10-4d83-8ffc-f85ed9378a26
age: 6659337
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7403118c6816b90f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8636
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTIseV80MDEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0L2YyNmQxY...
s-img.mgid.com/g/12578182/492x328/-/ 22 KB
22 KB 104ms
36ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12578182/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF81NTIseV80MDEvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMTAxOTI0L2YyNmQxY2I4YjhlNDk0MjExZDhmZmFkMmU1ZTM0ZDNkLmpwZWc.webp?v=1661417304-JZ_TehipG-zePKNxi_vDiwFm6epzn6EA908OvLxeBKU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70404e1ef36bed8361ccfbbe69fa00a7b25e9a53c0e88b41c31ac2d7c1cca7fa

Request headers

Referer: https://ja.natapa.org/
Origin: https://ja.natapa.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: HIT
last-modified: Tue, 29 Mar 2022 06:53:54 GMT
x-mg-request-uuid: f37990cb-24bf-4bc0-aca1-4263e3b2d8b1
age: 31639
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7403118c6818b90f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22044
server: cloudflare

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC8zOTkwO...
s-img.mgid.com/g/13404744/492x328/-/ 16 KB
16 KB 127ms
59ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/13404744/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA2LzEwMTkyNC8zOTkwOTE4MDA2NjVjODI3Y2UwZTk3OWQ5ZGNiYzE0OC5qcGVn.webp?v=1661417304-8T0EG4ra4gCuMgoT_MwWP6bkFtQeRd86cEBjV85ia_M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4a909934afd4725a7d1cd9279f1955b4c73656f9b170e3784bad0873f6c4f38

Request headers

Referer: https://ja.natapa.org/
Origin: https://ja.natapa.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: HIT
last-modified: Fri, 01 Jul 2022 07:18:11 GMT
x-mg-request-uuid: 8e662f46-ee2a-4e43-9214-d992a84c3392
age: 4755945
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7403118c681db90f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16432
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZkMTExMmMxNDU2YzNlMTJjNmNmOThkNTBiOTkzYWU0LmpwZWc.webp
s-img.mgid.com/g/4039678/492x328/0x83x640x426/ 35 KB
35 KB 103ms
36ms Image
image/webp 104.19.133.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4039678/492x328/0x83x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzZkMTExMmMxNDU2YzNlMTJjNmNmOThkNTBiOTkzYWU0LmpwZWc.webp?v=1661417304-vAxehgwaKTYidBVhgNWj7BVaO2pe4v-D5dey_sJ8_48
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.133.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9209d48b4a8d865429efe3b68bc26eb71b47b22f06caa91aedce506dc4725a

Request headers

Referer: https://ja.natapa.org/
Origin: https://ja.natapa.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: HIT
last-modified: Thu, 11 Nov 2021 15:56:10 GMT
x-mg-request-uuid: af3fd913-3845-4144-8ab2-d0187594a65a
age: 6656890
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7403118c6819b90f-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35542
server: cloudflare

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
232 B 121ms
120ms Image
image/gif 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=162
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403118c0a2c41bc-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H3 200 BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C4A 36 KB
14 KB 103ms
39ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BcUHUABoavvpRAX3o-C5BfAq8AHsMXRVb9HgeqDHxZ8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:45:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 199
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14190
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 08:45:06 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 0
38 B 136ms
121ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1661417304955863840224
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7403118c2f5ab969-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame B94B 0
102 B 119ms
117ms Script
application/javascript 104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1661417304968403697871
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7403118c2f57b969-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/161673/7165/ 209 KB
67 KB 122ms
31ms Script
application/javascript 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/161673/7165/pwt.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 8c9bbe742162fa5293b477b57ff3dee85206b67553d0a448a672ca207edf3760

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 07:25:33 GMT
server: Apache
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=49073
accept-ranges: bytes
content-type: application/javascript
content-length: 67841
expires: Thu, 25 Aug 2022 22:26:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 35A1 0
0 105ms
65ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022082302&jk=3075341488024043&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 43 KB
13 KB 124ms
40ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/f/o/fondoperlaterra.org.1228643.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49907fa8e3c67675f143d2d13940ac5ebe29522c5feb70c570aab1e0c1fba2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 3255
x-amz-server-side-encryption: AES256
x-amz-request-id: 40E6WHH7PVR1JRYW
x-amz-id-2: rvH40Wp7b5Se1UEo8lBpvu5OF4pD4Dq+4OV1kurhpuJrk/mjFFvXV9KycV4ZYC+tIwU8x4x2WzM=
last-modified: Tue, 23 Aug 2022 08:57:12 GMT
server: cloudflare
etag: W/"bc3c521f89b11aa48366adef8a4f24e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7403118cbda190a2-FRA

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1951 0
0 80ms
80ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ckw65WDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBO8BT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqcOGYpNBTah_eqwK4XCzGeVG2kYGnV13Gws1zsyXZxq2C358g7xfgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=Kd-c2ZR0mHU&uach_m=[UACH]&cid=CAQSLQCsnQUx06k4OSlTY3ph8ti0YQ7pwQi-fpqneWE8X4KEIG1SLT_P6t7TUmjeTxgB
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 mraidSideBridge.js Show response
cdn.optoutadvertising.com/script/ Frame 1951 9 KB
9 KB 256ms
44ms Script
text/javascript 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optoutadvertising.com/script/mraidSideBridge.js
Requested by: Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: cab978077b37c9a0d5feffbc9507ad58429e486f37249e0e9f4d1edad30d2724

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=gcJIiQ==, md5=opLcIy+AgKG1PpQRBS+8hw==
date: Thu, 25 Aug 2022 08:48:25 GMT
x-guploader-uploadid: ADPycdttYDH_5qFrxJAP47SADdSDu8FDIVcOiI3wQdBk1PBUpBY6ysQ--bi_hMpxw-mfha2w201F9Yq8mje34b82fUVtwBxClw
x-goog-storage-class: STANDARD
akamai-mon-iucid-del: 1170827
content-length: 8921
last-modified: Tue, 07 Dec 2021 14:44:09 GMT
server: UploadServer
etag: "a292dc232f8080a1b53e9411052fbc87"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: private, max-age=24364116
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts
expires: Sat, 03 Jun 2023 08:37:01 GMT

GET
H/1.0

502
Bad Gateway

AdXUserMatcher.fcgi
um.adscience.nl/cgi-bin/ Frame 1951
Redirect Chain

https://rtb7.adscience.nl/cgi-bin/hnAdX2.fcgi?price=Ywc3WAAJDkcH_YcqAA6XFa-oM8PT9NWGEesjVw&campaignid=19203&bid_id=63073758000AE2A807FD86947E00EC43_1&consent=
https://cm.g.doubleclick.net/pixel?google_nid=opt_out_advertising&google_cm&external_user_id=Z25zWllWZGhzNkI5Yi9aTXgyOTlBdz09&google_hm=Z25zWllWZGhzNkI5Yi9aTXgyOTlBdz09
https://um.adscience.nl/cgi-bin/AdXUserMatcher.fcgi?external_user_id=Z25zWllWZGhzNkI5Yi9aTXgyOTlBdz09&google_gid=CAESEOaXKopE9Xo7d4-JQRKPYhw&google_cver=1

0
0

228ms
32ms

Image
text/html

193.70.56.179
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://um.adscience.nl/cgi-bin/AdXUserMatcher.fcgi?external_user_id=Z25zWllWZGhzNkI5Yi9aTXgyOTlBdz09&google_gid=CAESEOaXKopE9Xo7d4-JQRKPYhw&google_cver=1
Requested by: Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.0
Server: 193.70.56.179 , France, ASN16276 (OVH, FR),
Reverse DNS: ip179.ip-193-70-56.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.adscience.nl/cgi-bin/AdXUserMatcher.fcgi?external_user_id=Z25zWllWZGhzNkI5Yi9aTXgyOTlBdz09&google_gid=CAESEOaXKopE9Xo7d4-JQRKPYhw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 359
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 viewability.js Show response
cdn.optoutadvertising.com/script/ Frame 1951 4 KB
5 KB 254ms
43ms Script
text/javascript 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optoutadvertising.com/script/viewability.js
Requested by: Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 39c85f8460fb85bd067ca83dbfdf057b73161650aa21f04fac887b8ad25c98c3

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=cCl+Vg==, md5=CONYI6XFI54pPihuDnJToA==
date: Thu, 25 Aug 2022 08:48:25 GMT
x-guploader-uploadid: ADPycdsYDYVxquyIS8JvU49InjRNZvo9Ag2duR4F-EIDmlcoTr1_BnFJ8qe7182Er9t0KzOYfbv-A2l0Wugb_rQFGas
x-goog-storage-class: STANDARD
akamai-mon-iucid-del: 1170827
content-length: 4188
last-modified: Tue, 07 Dec 2021 14:49:30 GMT
server: UploadServer
etag: "08e35823a5c5239e293e286e0e7253a0"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: private, max-age=9007310
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts
expires: Wed, 07 Dec 2022 14:50:15 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 1951 3 KB
1 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:37:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1951 140 KB
44 KB 1837ms
1751ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 08:48:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 1951 17 KB
7 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:46:35 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1951 22 KB
7 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 06:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 525454
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 19 Aug 2023 06:50:51 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 112ms
25ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.natapa.org%2F&domain=ja.natapa.org&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ja.natapa.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 25 Aug 2022 08:48:24 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1103
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.natapa.org%2F&domain=ja.natapa.org&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=BXxwkXxBZ0Vpa3FIdjZOWTR4b2w4c1lnaUluUDlCNjAxNVpCMHpEV1h1c1VvbFpFc3lrZE5uUjY2L0kvNkpXKzZSeEdzdUtmVUlTdFRrb1hMdDZmalJNQjhlRHBLVnJsVkZkQTUvT0plMzM4TUpVTTc4dDc1amxoQ0twTk...

345 B
618 B

308ms
104ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=BXxwkXxBZ0Vpa3FIdjZOWTR4b2w4c1lnaUluUDlCNjAxNVpCMHpEV1h1c1VvbFpFc3lrZE5uUjY2L0kvNkpXKzZSeEdzdUtmVUlTdFRrb1hMdDZmalJNQjhlRHBLVnJsVkZkQTUvT0plMzM4TUpVTTc4dDc1amxoQ0twTkJzY2g0cGt0TS81YmpVY24zK2kzYjJXNERhRlZKdVZrc3hmcFdVYzUvalJoREsrWS9Gc1kyWUY4SC9qNXg2TVZhK0VsMFl3M2xobm1LUnczYktRREcyS0V1K1Q3VHhDWHJkWjNvYzdTZ1JxRWQ3d1dUMk5ZPXw&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

0dfd0957506a73a6f324d7319734dc847d25ce0b8d292bab0d7b17be682c67ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2631
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:24 GMT
location: https://mug.criteo.com/sid?cpp=BXxwkXxBZ0Vpa3FIdjZOWTR4b2w4c1lnaUluUDlCNjAxNVpCMHpEV1h1c1VvbFpFc3lrZE5uUjY2L0kvNkpXKzZSeEdzdUtmVUlTdFRrb1hMdDZmalJNQjhlRHBLVnJsVkZkQTUvT0plMzM4TUpVTTc4dDc1amxoQ0twTkJzY2g0cGt0TS81YmpVY24zK2kzYjJXNERhRlZKdVZrc3hmcFdVYzUvalJoREsrWS9Gc1kyWUY4SC9qNXg2TVZhK0VsMFl3M2xobm1LUnczYktRREcyS0V1K1Q3VHhDWHJkWjNvYzdTZ1JxRWQ3d1dUMk5ZPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1417
content-length: 482
expires: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
327 B 119ms
32ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lb.eu-1-id5-sync.com/lb/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3203177.ip-141-95-33.eu
Software: /
Resource Hash: b0ca4483aae7c364715d8d950a5a512465c9d5705ab506b4700cf15ea9dcd4b7

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.natapa.org
date: Thu, 25 Aug 2022 08:48:24 GMT
transfer-encoding: chunked
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type: application/json;charset=UTF-8

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5C4A 0
10 B 32ms
32ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qbXkww
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 container.html Show response
a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4BB9 6 KB
3 KB 35ms
32ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 08:48:24 GMT
expires: Fri, 25 Aug 2023 08:48:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 4BB9 2 KB
1 KB 201ms
29ms Stylesheet
text/css 2a00:1450:400e:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Aug 2022 07:35:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Aug 2022 08:48:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Aug 2022 08:48:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4BB9 2 KB
902 B 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:40:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 496
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:40:09 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 4BB9 0
0 76ms
76ms Fetch
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C9BzxWDcHY77UNK6k9u8PjcOG2A_ngcLra_mk4MqxEPmip46yMBABIKqAwyJgkYSghYwYoAGC_vHeA8gBCakCb8k-9JrBsD7gAgCoAwHIA8sEqgTtAU_QVDVLVLyg80tJEZdPrlrr-lXa2hdQWI_j_2TQGp9Ob88zizgTV1li53dyfEHMrY5qUWsKgAmMQjiC1alEoW6PY6z6UqQKDo9WwhIuYnFkFH2teZRckvk9Nw6tccyJWqKjev2CFCMaYicxOCRgqNFihaGgbd-GQJlbzEzkhzjcbOXyfQWa_ZrNfwmT_gkMrbzTPWTo1ZzDRYB1dJHNntr4WaugmX6xOzE5-5bOtzDLWtU8CTBBljLlT-38VfWx_U8sbXecw1KEOtVnJ4t3RPmf1APhlk7iv7MnE6a6RHciszYK2LFxaoGDAbnmZsAE1bvHo_QD4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-aBjiGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQsbwF0ggSCIjhgBAQARgdMgOqggE6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4gAoDyAsB2BML0BUBmBYBgBcBshceChwIABIUcHViLTU1MTIzOTA3MDUxMzc1MDcYku8h&sigh=ZBYP84EaDgk&uach_m=[UACH]&template_id=494
Requested by: Host: ja.natapa.org
URL: https://ja.natapa.org/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 4BB9 23 KB
9 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:39:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 549
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:39:16 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4BB9 3 KB
1 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:37:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 4BB9 17 KB
7 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:46:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4BB9 0
0 217ms
41ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQa7jo1Ez_pjLHi1X_hMr6LXrcfzhOD_Q6Asu3Isft-dvOabvsNSB1I3iZzyvGV92TdgiqQQ9iEv6FunOrCtr6Dn70gcA
Requested by: Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4BB9 140 KB
43 KB 1648ms
1647ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 08:48:26 GMT

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 4BB9 33 KB
14 KB 207ms
30ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:40:08 GMT

GET
H2 200 index.html Show response
cdn.optoutadvertising.com/prod/display/77661// Frame E722 3 KB
4 KB 43ms
42ms Document
text/html 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
Requested by: Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: ef079280d21ad674b835a85e4260b046487bb49025558136c2a8eeca93ef86db

Request headers

Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: origin,range,hdntl,hdnts
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
access-control-max-age: 86400
akamai-mon-iucid-del: 1170827
cache-control: private, max-age=31463703
content-length: 3416
content-type: text/html
date: Thu, 25 Aug 2022 08:48:25 GMT
etag: "ff106eb6ded7c61a6945d2d8eca34637"
expires: Thu, 24 Aug 2023 12:43:28 GMT
last-modified: Wed, 24 Aug 2022 12:43:55 GMT
server: UploadServer
x-goog-generation: 1661345035026945
x-goog-hash: crc32c=5s5sHA== md5=/xButt7XxhppRdLY7KNGNw==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 3416
x-guploader-uploadid: ADPycdtkRiE0FFqQ-OUTi8uAJqgLjncK6rIdo9z9uscK-ViBZccCMIDvNgPYIvCMM92BHMRVDF-Ue47EfaV_X-qyX2y93w

GET
H/1.1 200
OK viewable
views.adscience.nl/ Frame 1951 43 B
107 B 201ms
32ms Image
image/gif 51.255.118.95
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://views.adscience.nl/viewable?bid_id=63073758000AE2A807FD86947E00EC43_1&ssp=AdX&event=measurable&m=2
Requested by: Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 51.255.118.95 , France, ASN16276 (OVH, FR),
Reverse DNS: ip95.ip-51-255-118.eu
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-length: 43
content-type: image/gif

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4BB9 24 KB
24 KB 217ms
47ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR3HWIKszWn9Qos02ULbbBerKc0sTh5w_fAqCcyJF8DzlIkon4&usqp=CAI

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf0626431bb0f33179432cdf9828ffe728520b6ef4f9654c05651ec9022853f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 22:23:07 GMT
x-content-type-options: nosniff
age: 296718
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 12:05:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 21 Aug 2023 22:23:07 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4BB9 16 KB
16 KB 210ms
41ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRGWppK-tjLK46SeLVzOdIJ7szlKcEyJ4wtU1V6SCVeO1h1buKn4GWUhXW4dw&usqp=CAI

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

facfbcb8b8dd1dccf03b8f62ce64aed298bb3bb9834aec977a8c3062430ff8fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 23:06:13 GMT
x-content-type-options: nosniff
age: 34932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
last-modified: Fri, 21 Aug 2020 10:20:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Aug 2023 23:06:13 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4BB9 26 KB
26 KB 200ms
31ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQWaxzyuf2NhJkBta9RDIho7Jr4H--cdUbzuy9PrqYdEqI5h3gt6Gg-b-j7HA&usqp=CAI

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

211d6fc7bd7dcb9613f9995876de0650e179c8fcd2f8cd6afb7805c3ea331434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 05:40:19 GMT
x-content-type-options: nosniff
age: 443286
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26195
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 12:05:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 20 Aug 2023 05:40:19 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4BB9 15 KB
15 KB 204ms
35ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRvM1iVjDdjqSqxM1sIVMdGWD54xTqQCgbFY7Ini7-Hdz0y06sB8t_5NfOpFA&usqp=CAI

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2024aa102d71ee7da423b6bdba6342692dd1dd3847cd5647096463622b2b1fc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 23:06:13 GMT
x-content-type-options: nosniff
age: 34932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14935
x-xss-protection: 0
last-modified: Sun, 03 Mar 2019 10:21:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Aug 2023 23:06:13 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 4BB9 19 KB
20 KB 201ms
33ms Image
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTVuFL5z6fUQNRGQqjq5rJQ3J5XUFjCfWXxN666XmX8Sg9KoQiwt2rIyQfNvrk&usqp=CAI

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

218efb850d39da8bde11a78ff93a377c21f7234a7185b5a0af9718b97d429908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 23:06:13 GMT
x-content-type-options: nosniff
age: 34932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19832
x-xss-protection: 0
last-modified: Fri, 19 Jun 2020 19:20:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 24 Aug 2023 23:06:13 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4BB9 17 KB
18 KB 201ms
32ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTAeYZr_dth-FUJlugC69t0Po7h4uwX6cICv2xLDhLvwu815rVz&usqp=CAI

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfd61d00e6398f0462577b61965c50f3c0cac4f9fe42cd1be6a3108b78137235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 22:08:50 GMT
x-content-type-options: nosniff
age: 470375
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17520
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 12:07:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 19 Aug 2023 22:08:50 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 4BB9 16 KB
16 KB 237ms
69ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT-6uoGodvglGNN79KMkvwd5V293Y34BZTQa521c52mkXbQSZX7pb6zj-DlSw&usqp=CAI

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6d16ca5a0855293a11ed8cc284b74bdf097abb1b4b5443da252d4a6b8c1ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 23:16:27 GMT
x-content-type-options: nosniff
age: 379918
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16456
x-xss-protection: 0
last-modified: Thu, 20 Aug 2020 12:05:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 20 Aug 2023 23:16:27 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 4BB9 22 KB
23 KB 246ms
78ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTajVFMhlQNoDgdV8mYedQDiEWXl-eLniQdsEDhwv1jjUQWV2Mw3d12KxwdjUQ&usqp=CAI

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae4bfaf9839a380674f9b60c0983b92b55d4aaccd05b232fd207b65d04de56b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 22:19:50 GMT
x-content-type-options: nosniff
age: 296915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22972
x-xss-protection: 0
last-modified: Sat, 16 Feb 2019 06:40:15 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 21 Aug 2023 22:19:50 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 4BB9 7 KB
7 KB 228ms
60ms Image
image/png 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTpW9-NrNJWu7SQGiZFw5ofPc9x_mirHjSYHi5famIZVMwSDfTo&usqp=CAI

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c077f3a6e6c9d761a09f655e0e12f6d9baaf8b5fdd2ddeb2f03297511f478bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 09:11:16 GMT
x-content-type-options: nosniff
age: 171429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7110
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 10:31:20 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 23 Aug 2023 09:11:16 GMT

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
623 B 166ms
35ms XHR
application/json 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

c89bcdebee6dc2242b44fba0dc0469d7f7a8aa994b5a79a31e4bc1ee5ab03364

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ja.natapa.org
date: Thu, 25 Aug 2022 08:48:25 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 4BB9 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f672105141175e892c496cc1848ec07e59eaa289ab9a3e4f0debf3cee5775351

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 83CB 6 KB
3 KB 33ms
31ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022082302.js?cb=31069153

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 08:48:24 GMT
expires: Fri, 25 Aug 2023 08:48:24 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 515ms
100ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 25 Aug 2022 08:48:25 GMT
expires: 0
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 236072
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 mraid.js Show response
cdn.optoutadvertising.com/script/ Frame E722 9 KB
9 KB 52ms
46ms Script
text/javascript 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optoutadvertising.com/script/mraid.js
Requested by: Host: cdn.optoutadvertising.com
URL: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 7c373f6cfd428eec140958b98a1e7e45986f900b6dde3c75a2fde3bbec493a01

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=N3bqJA==, md5=R9fvv7vqO2oEehoXWMdP/Q==
date: Thu, 25 Aug 2022 08:48:25 GMT
x-guploader-uploadid: ADPycdt_8yNF39GzmN9_hWb3gPXQ2zrNhCsAWKdXk8vjPiZMdN5QTkr_XLZK0vJjYtFGeWjPg12rNUi5cdjpSkRk1GagLFQZow
x-goog-storage-class: STANDARD
akamai-mon-iucid-del: 1170827
content-length: 8745
last-modified: Tue, 07 Dec 2021 14:43:24 GMT
server: UploadServer
etag: "47d7efbfbbea3b6a047a1a1758c74ffd"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: private, max-age=12558165
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts
expires: Tue, 17 Jan 2023 17:11:10 GMT

GET
H2 200 adscience_dynamic_banner.js Show response
cdn.optoutadvertising.com/script/ Frame E722 12 KB
13 KB 54ms
46ms Script
text/javascript 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optoutadvertising.com/script/adscience_dynamic_banner.js
Requested by: Host: cdn.optoutadvertising.com
URL: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 424d3d4fdffc74c5412122be43f54e41b5fe5a5477a6410db80f0c680dc1cde2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=CXZoAA==, md5=xi3OIWrqr54LnssEpGwDYQ==
date: Thu, 25 Aug 2022 08:48:25 GMT
x-guploader-uploadid: ADPycduljya_G-vtqUEV1SdTvuSHvAAg-s3yFAQNjw0SQqcnRk7JFyJXxvkTSAtte2F4oAH7AsxTwetDYu0FLL7LsDg
x-goog-storage-class: STANDARD
akamai-mon-iucid-del: 1170827
content-length: 12165
last-modified: Tue, 22 Feb 2022 11:25:37 GMT
server: UploadServer
etag: "c62dce216aeaaf9e0b9ecb04a46c0361"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: private, max-age=18572562
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: origin,range,hdntl,hdnts
expires: Tue, 28 Mar 2023 07:51:07 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E722 236 KB
63 KB 152ms
44ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: cdn.optoutadvertising.com
URL: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.optoutadvertising.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 25 Aug 2022 08:48:25 GMT

GET
H2 200 Grease_banner_HTML5_hPage_300x600px.js Show response
cdn.optoutadvertising.com/prod/display/77661// Frame E722 43 KB
44 KB 57ms
50ms Script
application/javascript 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.optoutadvertising.com/prod/display/77661//Grease_banner_HTML5_hPage_300x600px.js
Requested by: Host: cdn.optoutadvertising.com
URL: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 14e05df0d2bfb0d9daffae622c14272e307f32552385b06e33460bbe0fd87df7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=9cS3Vg==, md5=1DreEEUDO28CQw/VHDhDVg==
date: Thu, 25 Aug 2022 08:48:25 GMT
x-guploader-uploadid: ADPycdtR5A2CnVV63WQ_VVa2FjGg2IuOFCXWUAMoInYnnrL5vib6OeYpIB6ZZzHL6fWrLW7YNk2Qh_ErVYA1manx6sIDwFWnDg8u
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
akamai-mon-iucid-del: 1170827
content-length: 44368
last-modified: Wed, 24 Aug 2022 12:43:55 GMT
server: UploadServer
etag: "d43ade1045033b6f02430fd51c384356"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT
x-goog-generation: 1661345035108023
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: private, max-age=31463741
access-control-allow-credentials: true
x-goog-stored-content-length: 44368
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: origin,range,hdntl,hdnts
expires: Thu, 24 Aug 2023 12:44:06 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3A71 624 B
474 B 88ms
79ms Document
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLWwChD6s57xAxje_qHRATAB&v=APEucNV9pnlqTBnIVc5CYVRblEnehq9lELvAqU8pOTzokm9jDpZqeAw66HFKx7kvTEloDBR8DjP0fezHDEhHtx_-qUxO5r8SCkAdjFMZgJ3qQdJBb3AFBnAR43uY6QPQMIWx5p53y-LLVdeQ9tu5e8_oxfQIPUtx81am9PXPkOgHdriW4mzNEHoJQDFEgoLsziqGJgJ3fPBU9jfx9HVNcdibqSlrxpE6ZA

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Aug 2022 08:48:25 GMT
expires: Thu, 25 Aug 2022 08:48:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 83CB 80 KB
34 KB 79ms
71ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CplhdObo3oaPu1d9ySx1pSXuZ4yMrmeyYLGalplytT4Hi2ZkFxj3Jjq-PZ31va6ndaaaa3OMDnqTJd78JZhXAUrUs0kQ&cry=1&dbm_d=AKAmf-Dsh9a0WSSKdrNZ8xQdw-0IRdPAp3ZSFc2EtWi5f0l8W0qPWu1e6KKBu6ITWFqP9nPnbBawIvzthrmlYuBjl2eU0iMXSEp96LuWvYLXLFR8v_kcWb52yjyGzK4aPI1--jIhGgZiGFtbLZj6tHX8k39AuF9OQy8AmeiV2FnYhBBwSVlTfe3UVWOfJvQqWA-_AIGZVkPwSws6ngbdWoqD91XyHOKeCtj7RLaupQYVYy_js-LGoGhVxn1SrmpeBNr6uW5yLf6LnZdOG4y12une-ho2YLazDG0tcsedNURCNyjnfgGUZxFju8CJuU8Ms_nS5B3KT4DSTIXhF8zDJzm3VN6BoKNuUAvjR0i0J6UzYO6be3SDGnAshu0kHZxzEVKtmeoD7I_cx1LfRqVCFcFtKh76Saw0JSDbRFvRxv2X3G7mlWZG_mT5xOGCMVM5sjBW0wejHATt8QDHgjK9CjVzyFRoJBEOTt5zOejYFErjmeew0FsX9h5KyNQM-Yu19otWyQV1TQ8KW8mveAru4MG5X3PTaACBAHDTgcBpiYV0VIrPLMyiekdIDO36ZSE2nXjQivjXbXGGArriqC_WACOcBdtbiKFgVNxgDnp8YTVvDE_fIXhFWO8ojFhxIav07pSrJcVj6xfc3bSnlSxHgBH00F0UFyRb_nRKEadzrfpT6ROm-n7bJ6LlFrDCnlhekNx9YxudzSxtovdyPWiMgqGwop0eJtpAMKD5vSYTe_cdgfDAOW1tXvYf2Z6X0WCLTTWMNzY92QTdfBAuVGCZb72Hqku57uEp6LoAHC_kkzTNDuYrldM2iQy2UACBeNuZKHl4cPyjJDQ3H5zA2WtJ1TVVCDHQ-e5Wpfg5bEe5aScIBP63ZPt1T29wQRfdfBkSK5K-dz0cM0KCDSc3yz0k2_a5cHYdd_q2Om1bwaxiuqy1DcBOKykOORVGbuIP26XHh5WZAQd5j171MZhm9gjxThpSSMp0YWUSYfYTc4sUQc5eQvkvjYspN4jDBUMWx5o5KYKIOCVUeoFWJji_brhYCvb44lE_gXCROPJ0Rf0Ydwe5BFpOgaTU_uxgC0Yp5bl562dDuXv_3mefF3x9SOP-SNKJUaUFGHx7EWFJxrnXOLshhDv3jSbj54Lmo-1bqCKYE-denO5vUHnwK-Stc7QWhQbUg5q0ZXvIZ7TiJ3MGS4U8_jXoCgzqnWhzQglYYJLfxCim_EfbRc6C7Lo3iPDuizAQollQPCqgThYnfX5hKJAol3QmDF3zuXXDGfJeWfMZpGT3KmZaQZrBXwnXS_Rs7kiTStlIH4tAGBc4d8zd7CRCEJyhe4RHyjuu5Ljvz6h37EiMgbEHqJjXG31W2MY33_llEVrzudJr2tyLOhrUbc4XkqLutMY58RR9IVdgKIx8rjObelNZhen4ylNFgYKfJ9XRm69XqscAZaJWyCJvpbnkCvW6fStc_yLL9w0fgiUiN708CC9Fizlh1rXfNWIzNp-szenJ_gYDemMToCPtMVL-7Q_A5MCMZDi1RoTdU3V6fkX2RIAfDjxV6ClI9NvRlE_Thx_KGhNFMuQRJwRYGNnHJCz5mi4z3tX5g7NwlweCs7Ko516nPOkEh-a2LUnpVeyJk7mxMNKVixVkNbkAYxBirAIj4D8VjK-O_d_KRm7ywWXYwU_RCgXO59FxVh0Wx9KZFeV4md7WZT0aSMOa4wJV12sq5HQpba25Zdm-8kAAstPCx01YALLetESK96Fs3qd4Hksk7inRltP3Umv6od-9Nu0dnntRito9MYn-l9aOYzhtpSOuzTs7PfXgxt_hPeaAB5VPHBxlPFVEPgBo3IloZTNLPRor4ceyeQzWwBM72tfhWmvIhvFABoqNTfBsaJXLq8etZfgXks7QFKy0trSJYNZMdNrdF6IykPC29CNyiRXaEwDGvc6EJEhVJNzNC74clP9ORPFnanTgPJtE-DaJNrlXwFNxHhwWv-uqpMTR839L4SljuPzTtV9ygkQ7brHThndhqHDzwXOEyzU-xu7TMvR_8LMS7oBpr906BJVTJENAHs5nJdPPAYbk1yNQfH3V8DKGeOh5Yp7fbDUt-3gwewGeXFqnz7ZbNL_xyAVBYzQBjE3uEwHR6_xJDdOP0CwctbifW1BwmUGuWRGnd3X0tZp3FPdkXgTWQPVkQmDioai2lfbG2z8xL2WKcy404LNHDXUi-6uZT08mY3DA4OHVWdag-cw4_6fBGbudBUP_3Ik9mqYYpZlaxvv-l6W6oKUT6e0wJS_zRbMrGPhPnPwHXqMcbb_l7kLAcxWrIJ2aXhmk4rmmoRXIAGpaIr_hvfldhlOEUvVB-4gz_O0E3bz8XXYTwSmR83M2b60SqfhgfepR2qayzgSNBo3eYrP81hw4udw7ROqlDECY5cdow2tJv0BEzckmzz1m2H4lGh7URicC3zllgrvjZiDhoAvsuXWG_QfhfgXSAwa2td7wEpQvi-N1kYfkt4K_eBoNgcUxdKH86SumKj5vwz3hSa2yQwxmDrORBCaqSgQkfGgLN88Bv2T2RNzKP1lq6Zx0FFNYhhBuNv528HLuweeRitYgVbuxm3XO-ugV4TfGbHrJ9TW_X_FW2BcNNl-yPZGEN5IZ2VV8EgaPKb-EBeqNesKsF7fnnTUlSOZr87ZTDJt-YfbOPy1MV7jZEXfRdGK23gMtBJSTuFRwcUofLiK-r7l_2Q0Mwmy3VS5lK4ESnTQYbky5jemqreWyCrgg9zK6XZvOn9kxtEbA1OIXaTAPk_GyEp7kU3FhwMGi4ZTNJWQNq3Wht8oOud_mvckJPa2bKpokMksH-DDIsaYkfrlenTy8h3SllMCbaZCTrp-bl7lIqx1CoSKBGQsLgIxv0oxrrvDEve7E2V_UOKohiLDKOqbk8p7D3DFYbOOHvn562-3TSbbSA1g17bSC0K5CiJYDZtKBtDfvzPLO9VrF8SQFGkiEgcGHkg9GVzGDhIsVWtObxpx_tCKOIJ7GQGnlIj_wG-FGseCaFQxMFRJhKUymVUpGR_Ayck71ZNcRRekH4jk7K_49u64wssG2R3U3HL7IPrsVpITxBcrPEnQnaMW1qMbEm9P20GXKxOG1JwzzxPUDW5UZFeJrT15qiwEqphJiFtCEZWrOIFPxB2CtMMJqiRFhSNvGfxVDSIwftqWTQ9FVqtMJXeVv_lorLNihu1-xndCZybtWQ5oq47v-doCnYXJzdFtQ4RK69hJspXZrI0YEFiC55Tu1rRYX3X8&cid=CAASKORoN_9r4je-FT59h9GLx2RtKRZovorvyNVY2Ps-Y82dw51cQ8Vk8o4&rfl=1%2Chttps%253A%252F%252Fja.natapa.org%252F%240

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7c56df09801b7fe134b783fea51cd196d152b5bbe3fcfbcefe6de14d600e9811

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34378
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83CB 42 B
63 B 70ms
65ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D71AkaSzsZtF--puZjfWF-y4XZaL954rjlSWJjrdJT9BLIX4C_qpzirsiNroeEO8Ipe9vdaafVs72gpnF_GAuuq3vN2uWqh2paBfkuKElmLSVFVAM

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 83CB 3 KB
1 KB 37ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:37:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 666
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:37:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 83CB 140 KB
43 KB 1441ms
1434ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 08:48:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 83CB 17 KB
7 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:46:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:46:35 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 83CB 0
0 54ms
48ms Image
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRWcFt637C-CSMTZMf_u9R3FHOQE6K2ONTWq80MIUAbYxaFfQb9a5h5znUKjoUa_vCXA5CJGMwj8YpHnEEFlpXEADKI_w
Requested by: Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3A71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1&C=1

43 B
948 B

66ms
65ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLWwChD6s57xAxje_qHRATAB&v=APEucNV9pnlqTBnIVc5CYVRblEnehq9lELvAqU8pOTzokm9jDpZqeAw66HFKx7kvTEloDBR8DjP0fezHDEhHtx_-qUxO5r8SCkAdjFMZgJ3qQdJBb3AFBnAR43uY6QPQMIWx5p53y-LLVdeQ9tu5e8_oxfQIPUtx81am9PXPkOgHdriW4mzNEHoJQDFEgoLsziqGJgJ3fPBU9jfx9HVNcdibqSlrxpE6ZA
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740311918efab706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58uScrYrkpP%2BvTeMQI49djVbIHphGNUl8Y7yPZiGLxdlpRDYjxXH39x7XIi%2FCsVG8rWKlt3gE6iWsT3R9ldVvY7j1sEgGe1oZPHwluio%2BhgyZtkE%2B4O3BF3IFxEGkdNnUpo%2FkQLO0MyBvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

cf-ray: 740311910a0bb995-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAKoC6YfhDqsrHgwcqtn1C1Up%2FntutoenHnwVWuV6xZwUZDDWXgqVlX3LGsbSIFJJqztc%2FMG2RtiJrGn%2BHsXERR4FDffqKU97f5Pq35LiNj3z1UfyhU%2BOJR8qd%2Fv%2FM1ROFftnAHrOyvBVg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1&C=1
cache-control: no-cache
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3A71
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Ywc3WfJoCUgTQQ2UU3qdNQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1

43 B
915 B

107ms
104ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLWwChD6s57xAxje_qHRATAB&v=APEucNV9pnlqTBnIVc5CYVRblEnehq9lELvAqU8pOTzokm9jDpZqeAw66HFKx7kvTEloDBR8DjP0fezHDEhHtx_-qUxO5r8SCkAdjFMZgJ3qQdJBb3AFBnAR43uY6QPQMIWx5p53y-LLVdeQ9tu5e8_oxfQIPUtx81am9PXPkOgHdriW4mzNEHoJQDFEgoLsziqGJgJ3fPBU9jfx9HVNcdibqSlrxpE6ZA
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740311926fd7b706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:26 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DWz33jfpLjWho4SV2YInmpx3iume8P%2ByddrLSv%2BqBXHPgQWjvRzHDe%2FfUQ9Xcu%2B16xhw9u2Bh558SqXkNgvpOuWemDvOxK96fUyX3JYvWEQG%2F85mEZBWzfUnloka9fLByrc7mQ7yJRA%2FOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFw_b8wh9ZXAyiiYO3U57_8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3A71
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFFjDV0LAaVfhQd_z7Qbb9s&google_cver=1

43 B
1018 B

36ms
35ms

Image
image/gif

185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFFjDV0LAaVfhQd_z7Qbb9s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLWwChD6s57xAxje_qHRATAB&v=APEucNV9pnlqTBnIVc5CYVRblEnehq9lELvAqU8pOTzokm9jDpZqeAw66HFKx7kvTEloDBR8DjP0fezHDEhHtx_-qUxO5r8SCkAdjFMZgJ3qQdJBb3AFBnAR43uY6QPQMIWx5p53y-LLVdeQ9tu5e8_oxfQIPUtx81am9PXPkOgHdriW4mzNEHoJQDFEgoLsziqGJgJ3fPBU9jfx9HVNcdibqSlrxpE6ZA

Protocol

HTTP/1.1

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:25 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4fde8052-abbd-4151-bd82-17b801069380
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFFjDV0LAaVfhQd_z7Qbb9s&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3A71
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjIxNjc3MDE5MTAyNTI4Mg%3D%3D

170 B
188 B

55ms
49ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjIxNjc3MDE5MTAyNTI4Mg%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:25 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 289c2aab-f493-405b-bce9-08a8fcf503bd
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODg1NjIxNjc3MDE5MTAyNTI4Mg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 83CB 106 KB
37 KB 157ms
48ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
Origin: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3449
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 26 Aug 2022 07:50:56 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame 83CB 8 KB
3 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CplhdObo3oaPu1d9ySx1pSXuZ4yMrmeyYLGalplytT4Hi2ZkFxj3Jjq-PZ31va6ndaaaa3OMDnqTJd78JZhXAUrUs0kQ&cry=1&dbm_d=AKAmf-Dsh9a0WSSKdrNZ8xQdw-0IRdPAp3ZSFc2EtWi5f0l8W0qPWu1e6KKBu6ITWFqP9nPnbBawIvzthrmlYuBjl2eU0iMXSEp96LuWvYLXLFR8v_kcWb52yjyGzK4aPI1--jIhGgZiGFtbLZj6tHX8k39AuF9OQy8AmeiV2FnYhBBwSVlTfe3UVWOfJvQqWA-_AIGZVkPwSws6ngbdWoqD91XyHOKeCtj7RLaupQYVYy_js-LGoGhVxn1SrmpeBNr6uW5yLf6LnZdOG4y12une-ho2YLazDG0tcsedNURCNyjnfgGUZxFju8CJuU8Ms_nS5B3KT4DSTIXhF8zDJzm3VN6BoKNuUAvjR0i0J6UzYO6be3SDGnAshu0kHZxzEVKtmeoD7I_cx1LfRqVCFcFtKh76Saw0JSDbRFvRxv2X3G7mlWZG_mT5xOGCMVM5sjBW0wejHATt8QDHgjK9CjVzyFRoJBEOTt5zOejYFErjmeew0FsX9h5KyNQM-Yu19otWyQV1TQ8KW8mveAru4MG5X3PTaACBAHDTgcBpiYV0VIrPLMyiekdIDO36ZSE2nXjQivjXbXGGArriqC_WACOcBdtbiKFgVNxgDnp8YTVvDE_fIXhFWO8ojFhxIav07pSrJcVj6xfc3bSnlSxHgBH00F0UFyRb_nRKEadzrfpT6ROm-n7bJ6LlFrDCnlhekNx9YxudzSxtovdyPWiMgqGwop0eJtpAMKD5vSYTe_cdgfDAOW1tXvYf2Z6X0WCLTTWMNzY92QTdfBAuVGCZb72Hqku57uEp6LoAHC_kkzTNDuYrldM2iQy2UACBeNuZKHl4cPyjJDQ3H5zA2WtJ1TVVCDHQ-e5Wpfg5bEe5aScIBP63ZPt1T29wQRfdfBkSK5K-dz0cM0KCDSc3yz0k2_a5cHYdd_q2Om1bwaxiuqy1DcBOKykOORVGbuIP26XHh5WZAQd5j171MZhm9gjxThpSSMp0YWUSYfYTc4sUQc5eQvkvjYspN4jDBUMWx5o5KYKIOCVUeoFWJji_brhYCvb44lE_gXCROPJ0Rf0Ydwe5BFpOgaTU_uxgC0Yp5bl562dDuXv_3mefF3x9SOP-SNKJUaUFGHx7EWFJxrnXOLshhDv3jSbj54Lmo-1bqCKYE-denO5vUHnwK-Stc7QWhQbUg5q0ZXvIZ7TiJ3MGS4U8_jXoCgzqnWhzQglYYJLfxCim_EfbRc6C7Lo3iPDuizAQollQPCqgThYnfX5hKJAol3QmDF3zuXXDGfJeWfMZpGT3KmZaQZrBXwnXS_Rs7kiTStlIH4tAGBc4d8zd7CRCEJyhe4RHyjuu5Ljvz6h37EiMgbEHqJjXG31W2MY33_llEVrzudJr2tyLOhrUbc4XkqLutMY58RR9IVdgKIx8rjObelNZhen4ylNFgYKfJ9XRm69XqscAZaJWyCJvpbnkCvW6fStc_yLL9w0fgiUiN708CC9Fizlh1rXfNWIzNp-szenJ_gYDemMToCPtMVL-7Q_A5MCMZDi1RoTdU3V6fkX2RIAfDjxV6ClI9NvRlE_Thx_KGhNFMuQRJwRYGNnHJCz5mi4z3tX5g7NwlweCs7Ko516nPOkEh-a2LUnpVeyJk7mxMNKVixVkNbkAYxBirAIj4D8VjK-O_d_KRm7ywWXYwU_RCgXO59FxVh0Wx9KZFeV4md7WZT0aSMOa4wJV12sq5HQpba25Zdm-8kAAstPCx01YALLetESK96Fs3qd4Hksk7inRltP3Umv6od-9Nu0dnntRito9MYn-l9aOYzhtpSOuzTs7PfXgxt_hPeaAB5VPHBxlPFVEPgBo3IloZTNLPRor4ceyeQzWwBM72tfhWmvIhvFABoqNTfBsaJXLq8etZfgXks7QFKy0trSJYNZMdNrdF6IykPC29CNyiRXaEwDGvc6EJEhVJNzNC74clP9ORPFnanTgPJtE-DaJNrlXwFNxHhwWv-uqpMTR839L4SljuPzTtV9ygkQ7brHThndhqHDzwXOEyzU-xu7TMvR_8LMS7oBpr906BJVTJENAHs5nJdPPAYbk1yNQfH3V8DKGeOh5Yp7fbDUt-3gwewGeXFqnz7ZbNL_xyAVBYzQBjE3uEwHR6_xJDdOP0CwctbifW1BwmUGuWRGnd3X0tZp3FPdkXgTWQPVkQmDioai2lfbG2z8xL2WKcy404LNHDXUi-6uZT08mY3DA4OHVWdag-cw4_6fBGbudBUP_3Ik9mqYYpZlaxvv-l6W6oKUT6e0wJS_zRbMrGPhPnPwHXqMcbb_l7kLAcxWrIJ2aXhmk4rmmoRXIAGpaIr_hvfldhlOEUvVB-4gz_O0E3bz8XXYTwSmR83M2b60SqfhgfepR2qayzgSNBo3eYrP81hw4udw7ROqlDECY5cdow2tJv0BEzckmzz1m2H4lGh7URicC3zllgrvjZiDhoAvsuXWG_QfhfgXSAwa2td7wEpQvi-N1kYfkt4K_eBoNgcUxdKH86SumKj5vwz3hSa2yQwxmDrORBCaqSgQkfGgLN88Bv2T2RNzKP1lq6Zx0FFNYhhBuNv528HLuweeRitYgVbuxm3XO-ugV4TfGbHrJ9TW_X_FW2BcNNl-yPZGEN5IZ2VV8EgaPKb-EBeqNesKsF7fnnTUlSOZr87ZTDJt-YfbOPy1MV7jZEXfRdGK23gMtBJSTuFRwcUofLiK-r7l_2Q0Mwmy3VS5lK4ESnTQYbky5jemqreWyCrgg9zK6XZvOn9kxtEbA1OIXaTAPk_GyEp7kU3FhwMGi4ZTNJWQNq3Wht8oOud_mvckJPa2bKpokMksH-DDIsaYkfrlenTy8h3SllMCbaZCTrp-bl7lIqx1CoSKBGQsLgIxv0oxrrvDEve7E2V_UOKohiLDKOqbk8p7D3DFYbOOHvn562-3TSbbSA1g17bSC0K5CiJYDZtKBtDfvzPLO9VrF8SQFGkiEgcGHkg9GVzGDhIsVWtObxpx_tCKOIJ7GQGnlIj_wG-FGseCaFQxMFRJhKUymVUpGR_Ayck71ZNcRRekH4jk7K_49u64wssG2R3U3HL7IPrsVpITxBcrPEnQnaMW1qMbEm9P20GXKxOG1JwzzxPUDW5UZFeJrT15qiwEqphJiFtCEZWrOIFPxB2CtMMJqiRFhSNvGfxVDSIwftqWTQ9FVqtMJXeVv_lorLNihu1-xndCZybtWQ5oq47v-doCnYXJzdFtQ4RK69hJspXZrI0YEFiC55Tu1rRYX3X8&cid=CAASKORoN_9r4je-FT59h9GLx2RtKRZovorvyNVY2Ps-Y82dw51cQ8Vk8o4&rfl=1%2Chttps%253A%252F%252Fja.natapa.org%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:41:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:41:02 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 83CB 30 KB
12 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Sep 2022 08:46:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 83CB 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 11:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163508
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 11:23:17 GMT

GET
H2 200 Grease_banner_HTML5_hPage_300x600px_atlas_P_1.png
cdn.optoutadvertising.com/prod/display/77661//images/ Frame E722 15 KB
16 KB 56ms
56ms Image
image/png 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optoutadvertising.com/prod/display/77661//images/Grease_banner_HTML5_hPage_300x600px_atlas_P_1.png?1659977709216
Requested by: Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: cac73814754b009aff75b0892d5e2379ad349739c26e528ab10df94e98cd8740

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=dOQ6Qw==, md5=peBB3yBXMj95iKUwGdGf3A==
date: Thu, 25 Aug 2022 08:48:25 GMT
x-guploader-uploadid: ADPycdvHzqNg_rHBBYFaCG5Q30CuTX96zZ_IdA_hLN1EmSCa8b6GXM2Ml-zEOB_OeuhwZz7JU7qYrOKsToatCvN7WGT26Oxtqe1H
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
akamai-mon-iucid-del: 1170827
content-length: 15508
last-modified: Wed, 24 Aug 2022 12:43:55 GMT
server: UploadServer
etag: "a5e041df2057323f7988a53019d19fdc"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT
x-goog-generation: 1661345035416278
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: private, max-age=31463646
access-control-allow-credentials: true
x-goog-stored-content-length: 15508
accept-ranges: bytes
content-type: image/png
access-control-allow-headers: origin,range,hdntl,hdnts
expires: Thu, 24 Aug 2023 12:42:31 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F34 22 KB
8 KB 46ms
32ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 70810
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 13:08:15 GMT
expires: Thu, 24 Aug 2023 13:08:15 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Grease_banner_HTML5_hPage_300x600px_atlas_NP_1.jpg
cdn.optoutadvertising.com/prod/display/77661//images/ Frame E722 81 KB
82 KB 52ms
47ms Image
image/jpeg 2a02:26f0:dc::6853:41b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.optoutadvertising.com/prod/display/77661//images/Grease_banner_HTML5_hPage_300x600px_atlas_NP_1.jpg?1659977709216
Requested by: Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc::6853:41b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: bcf392264909cb87f8434a0fdce965e12396f718b7bb5304fcb225ab417cf2c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://cdn.optoutadvertising.com/prod/display/77661//index.html?fallbackcb=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&landingPage=https%3A%2F%2Fgreasemusical.nl%2F%23speellijst%3Fr%3D%26utm_source%3Dopt%26utm_medium%3Dcpc%26utm_content%3Duitmarkt%26utm_campaign%3Dbanner&ssp=AdX&latitude=&longitude=&viewerId=1661417304-74811001&bid_id=63073758000AE2A807FD86947E00EC43_1&advertiserId=498&campaign_id=19203&substrategyId=74931&bannerId=140457&substrategyName=rotterdam%20&adframeId=63073758000AE2A807FD86947E00EC43_1&frameInterface=0&parameters=&redirectThrough=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCwviqWDcHY8ecJKqO9u8Pla66kAnJpo_zZdy2t7nVDsCNtwEQASAAYJGEoIWMGIIBF2NhLXB1Yi01NTEyMzkwNzA1MTM3NTA3oAHlx-yuAcgBCakCb8k-9JrBsD7gAgCoAwGqBPIBT9DU9HrR6nbecpxVHLWexRQEVlkUY_-Fb9DSK4ZZO9V-BsxdexmKO3TDPJLca7TmA5KkmaddpkurzwYfPPVfGmAZr0hyapCL6fboZk0GdV6nTVb15kyebfIYNr7Dx-aYed8rgLgrH9MynIhlT0BZhbjAxZ_GNuprjYKQqyx8MjfzgcUuF4SNddWO-G3QLwKTPclOajyo00YJ-Ynd4x80GOuWQDSqWfCeBbYXoQn_oHJ-rBDEtOLxytVz_7ErYl6qh4pqzKLz-ApqMuO5NkG_-H8KOWlykicLn2qomymteUVeFxt4fslK0oGaTFaqj8OsQmrgBAGABpTTgayp3sWI-QGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA8ggbYWR4LXN1YnN5bi0zNDIzNzQ4MzUwMTc1Nzk4-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3e1h5KKov3I7uNlaOssbhwf2IeHw%26client%3Dca-pub-5512390705137507%26adurl%3D&consent=&CC=false&LI=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash: crc32c=mflHAQ==, md5=kaxCOMyvpdngrtqtWPhMsQ==
date: Thu, 25 Aug 2022 08:48:25 GMT
x-guploader-uploadid: ADPycdvs1enSzkYBoPHw0mAr2nDtMznwRMPxfP7Nz9bwFtNVldn2wkPjPnLBNgXs5rsI-p_2PIl8fMMq-l-IxZZr1mX7Vw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
akamai-mon-iucid-del: 1170827
content-length: 82807
last-modified: Wed, 24 Aug 2022 12:43:55 GMT
server: UploadServer
etag: "91ac4238ccafa5d9e0aedaad58f84cb1"
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS,HEAD,PUT
x-goog-generation: 1661345035358538
access-control-allow-origin: *
access-control-expose-headers: Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
cache-control: private, max-age=31463775
access-control-allow-credentials: true
x-goog-stored-content-length: 82807
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-headers: origin,range,hdntl,hdnts
expires: Thu, 24 Aug 2023 12:44:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 70ms
69ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022082302&jk=3075341488024043&bg=!h4SlhMDNAAYUOm8VNDo7ACkAdvg8WuulZAdk89abqxwyqwdm31WtxdUF0GFvVG3ZArdAcuzypAR_TgIAAAC_UgAAAAtoAQcKAE379TQwIeYxYC66ScHMSCckY7bA9stmdHvv9kRpYGtJZHvSeED1pq7nth6FxZ4eizAm7LaCZ68QGvMf7VNIYqgEFmNsgxwntHztqQgDA5kC1tAYWXPlWvojqJlkarrjHz2jEBNbA5F04M6pK2AWlId3GPJaNnY-U5-zIbXIvZ1_WXdHI0apCbRxJ0NSz32awDjDEPuUXVSG2zov0pJ_d1wfOnNkwD-jHI2cPTG_3rMFVrPxm3sv01k94WWmwAQJo1UrwDuySoP-yPB5H4TDIRGFoNBObDqnlj56iZ18W8BnD1-MdO-kzGgW5fRM2J_qxgPRk23pzoNkiAwujTDl9L9RLXp8QCoOL6fZbyIb4OYyUJswbLPGKVboLfy3C6okGO8PFEQtNZGazcvaa-DS6zkUbSo-b_asZCMM8SNtt4f9wznJGFuaPAdAI6bclFhxX3jpDLbiaY29wvtntJrlRuTOWZfo502y_2x2fenz0S7H5AeP479oYMAcenYUjV-Cc5vm5h0az0WK7-w0JPgKBgb3Xb8br7xiOfWWebGjuuBUTZyP4pRLlXMfAbTRpqITG7o8SqUIj7SvtT9ULJj0GYhbrK5pW3xaSzawo7qa4b6I3wr-ESUXGkoMg-FR9LbR9LTaJGiBlFs8B87Cqs6m5RDQzMRSYvHaEzahCL6Xcz1sOOWyb0LZD1un1TYciAKzEtynZl5oYgC5OYh6q6s0wJrw-aIYlKikcSxIf_uEKO0BLYhZsp0fhy6NZFrGFhKALdtbb_4oVIOIazeL6ZKMzRhekDIoDYgc6Py2OFHlJ8-iAva9I6uqZF4G9VWzBCVyM0b0FeFz5VTSIAL79fz-yKvoeM1hEKxwrtPxvlNckmL1KYlzJnQWKJJeYTrZcD6MoXw0GM8-EBgiQX04GVQE6-XlrbojY091Bweqmz5otYd9NVP-ePaaxTdYf5_VDIiIwQBzWiYtFhC44xHDAcDwNTAGuW0udJ3gi6pQjr9R_6gkVVlo4pT14udqLfDQoY-Lpl8nQH2XToHrxahiHhmfHUUIUV1NRxnG3toF2ZORX-NqW9di39nZBw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5421953796483842048/ Frame EE1C 5 KB
2 KB 105ms
30ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5421953796483842048/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d707dbf94ee09c9e27784a044be679b7fbf0f85b6e193990df21a7079dac4188

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 266153
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1568
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 22 Aug 2022 06:52:32 GMT
expires: Tue, 22 Aug 2023 06:52:32 GMT
last-modified: Tue, 16 Aug 2022 08:46:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83CB 0
622 B 179ms
80ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMXEP6DLKa7XN33gZEeFEfjSOk_bbk6kjC5rHR2CenDgJqhgiN6U2fOFpuoVkd25FuNDS0yEUMMcsren55CWDziejV0jfe_KJ25fja2owvI1oxaDal-6lU9tAQZ7bRH6I7l95KJ5CxZAzvq9w1pCW5QWDoNL0vcTKnzWEe16eXKdnGnUeWUQH7Pc8cIPYZMCiv7L9nJOdhaSa1TeNOkLhdyqMb3_RMxLrCdcfFPjjZFOUd5Fpx2NZKzGwehj7DU7dZJ-hw4pxlaSABrbW_GqypsCcH-2Q7Sgb4fcMbCJ3tw_n9_bR_yap9n6TbfAXkSWayMUdFbAnqeOMJNzib6OkyelZlNnVZPRH6MyMhxKDQckseYjhH2kddIMDfnCAZbasnYdpbkM7qpOzITkq5a3m0X-Nszk88LJf3iOtNw1qtgjJJwlNh3JtJmhNH_G6PfR7jswj1KsVkZeQFm0mbkGUZFhGW8W4O_xzFtXdWKnXN7Bm-KVRCl4y4EeDYhjP7MCsR-cjtSYZhh_BR7sRgLxt7_-ZnTuxy53hjc1PnLjrasmDK59qCfnsXkDkMQMXL4yS1DWUP6k4KA-tgZPE40cksJhZ_AK71mh1FIh5UH5q1nnh0_iZa7YptfbA5tXd0trdoONOFWoAGO6OS3qFhEcdIJS0rt7jQuh1xckS5LVHXk2gjU2V0cXLWLUirYZ8aIY4Arhdpkbghybq45hLI4mtEJcyKeZy5EFXJ3ZOzMXnQJRFF1GJW-xiHOT3djjgoD2UVVAhS5lv698JwJnBWOHK_e5qrSMIpVa9qm0-GswirlSpiAztCEjRQPpGO33QPwSWcPFd30r_gkBNaMnwXnYgUXP3G-1n01gXnPqzCFCsFsNXxnO5L-jnh0Nl5DJlKA0njwoaS32TCgTfjHLX-zg9uNEk1xmPAHuEypNvI_E4GDK4RYK6eCUhU7oTRo5W4YP-yAdOVFiX_ISYlQaodQ2Flc_gWfX6t1QhYK_HLCal8suvAAEaaZ2IJzx58Yz7iL0Ci3NXjvgSKFynsXyQ2spi_tRnSNaOZTsAycz-MPqm6KigU_FBmUKsHGM7xnE_eruaN5ChuWhCIPefHYUCtWEEku9BnC9zs4JCTNJBqr3wHrekxDb-Sjvo7-CudAJkUMtKp9Pjr6xLgEqVq5up4Tw1eENKi1iJXsmHt6RvidZmACUdxHr1Wfk6r37GXkVAIy80SZkClS3ml3PhWLarj8qePI8caKlqL7O8iPm_MD4uRMdo4qiwwwUSh1A4EfpkKUCARfkRP1Q&sai=AMfl-YTnarPa0Q3oyTEiF7PNzX0Mb6hx7dWii1WSPBsGQzrIB5KVe-3apsp23uxdTGjt6keJmV6vPo3wKg72SbWk7csehi87g4ZsQ2IpUwfwM_wjFT2oBqs3BRvNFY7IDaqGVob6-k9hQwBYTnqPMyAbauPgi9pj5O9fzuMlMv4xAqj2SFP2N6xSt9yF9IZJL25yoWdIlxBJTdms1MVsxwTP-XLfPzGC-J8trQ&sig=Cg0ArKJSzAfLFHJ0Noy_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=202&cbvp=1&cstd=198&cisv=r20220822.86689&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 25 Aug 2022 08:48:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F34 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 22:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 294626
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 22:57:59 GMT

GET
H3 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/ Frame EE1C 112 KB
33 KB 35ms
32ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb58e1784321d9201089afb299ee54bc723bf32145f50816f1a1f96060fc3150

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 54350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33383
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c0ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e8%2FFjw7x9EbSj8Z64tblWERO89%2BxNu8K0VtPddpk1xXCso3BvoM3AB%2BL2fheRl5NfQB82kc8P8mqqGeBcsELolNFc%2F0Z7YUu1CZU47y8U7l19gvqCp%2BcjAzidfV18oD%2BNUqGGxMBsfwjNP%2F6VeH5x8ST"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 740311925ffab7e8-AMS
expires: Tue, 15 Aug 2023 08:48:25 GMT

GET
H3 200 srbundle.js Show response
s0.2mdn.net/sadbundle/5421953796483842048/ Frame EE1C 37 KB
11 KB 34ms
31ms Script
application/x-javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5421953796483842048/srbundle.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f35cb41b9372166d096339a3fd77955081f4d6e2ff0ef87af32ea9b1d059cc96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 06:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11662
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:46:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 06:52:32 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F34 0
20 B 70ms
69ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8kbBWTcHY-iTIcie3gOQ-oU4AAAAADgB4AQC&bg=!mpmlmd3NAAYUOm8VNDo7ACkAdvg8WoXnaXV5_vLqHo165M0WzfBe_3G82GrPHlmOxhXLWH-jKogGXwIAAACsUgAAAANoAQeZAyt9VaNfzMHwL7uPeanDP6pdxP5NMsG65mjTBsedKNvOQoBkID6jkm324yRG9i4d9li-8AssvXPUa4e9OqAGGGpbMSTDasxFL48t5HiqHXuxK90CzW0zgXUbQZPh6lL9mdUVmZsQ1yKk_oKqroz5xDTInYatEdG0TqXZHlD_5LwaxjtgKQfsiwFW0yUJKhGaXKTe_ajxervt0YYVqFsYjIV_2OctXyOwuAF_2TqrFUlrc_bL5lCnrFP3fyO_gCY_h1wFOseOhRnWf-F9XZRDBz4TxelAGPNXQAyjUifitUDR4husFtMO_Gpu3Q2tzpXrMgo3MU3i3BlZXXLhMjImoRJQYmZ00HV2Eq_sf_E1rUBTqHTwGTaMZmrcJp1r9DZ_GGRR8a084NlNuIaEK5GSQMySjyJzE6uYjXBePUkX0n6DqYCKnrkucNJLOlJjo-2fD_t_E7m8RikwS4Jvnsye1Aq9K8Duv0LQKYIl1pPgB2Qtc0-4SMVI0m57BdWJ4geKvebYaGixecnq_URbFe0ciXimOyoKmGd358utZ51gjOmr2IIJq_DSLdW1fvwCuYl-VZzvkuHRLkO-1O7iYeG_HH_0AN9E54Xi29fSkjQQU4Zm8lFpBGVWHf5zuoZaLDD8SSJxgOK1lKoaxkl_icFPclTF2cCBjk8JJwhvm0o1aPF9x6z7kXFN3iDGCCwunjzu8LuUSb9PPgzmiD4j6wgcWXboTFJhxQTXElq7stfEyOTDGFBZ7z4-CuoLS099XUkK1gjp-s0haWHOLntM9b-4o3DuMJpAyLdtUbe1Ceq2rtdvEZxFRrkiA_5b-Gr5k-Wi5lkEJIS04zVb1SEln6qVvH5A6vhIyvRWNABZvS7swlk2E5uyizguNndWNOt_X4fjZYZQFZQVyjHU8e__OYIE3LKmPAIEUTObmw0ustKirvDM4d0Z4SazQ9Boj7QFi5-nDxqV2MifMc_QkCy14k85v1v6SonDaY3Rqzz8ww2MLqVKjGTcOkvpk2v_FxxeXdDzYD6T6Bql_nrhOXhtAykF5Zac6fXQdPOUahw_CCZa4cX3Q4q5MGWaulzO18_-

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 83CB 0
26 B 148ms
86ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssMXEP6DLKa7XN33gZEeFEfjSOk_bbk6kjC5rHR2CenDgJqhgiN6U2fOFpuoVkd25FuNDS0yEUMMcsren55CWDziejV0jfe_KJ25fja2owvI1oxaDal-6lU9tAQZ7bRH6I7l95KJ5CxZAzvq9w1pCW5QWDoNL0vcTKnzWEe16eXKdnGnUeWUQH7Pc8cIPYZMCiv7L9nJOdhaSa1TeNOkLhdyqMb3_RMxLrCdcfFPjjZFOUd5Fpx2NZKzGwehj7DU7dZJ-hw4pxlaSABrbW_GqypsCcH-2Q7Sgb4fcMbCJ3tw_n9_bR_yap9n6TbfAXkSWayMUdFbAnqeOMJNzib6OkyelZlNnVZPRH6MyMhxKDQckseYjhH2kddIMDfnCAZbasnYdpbkM7qpOzITkq5a3m0X-Nszk88LJf3iOtNw1qtgjJJwlNh3JtJmhNH_G6PfR7jswj1KsVkZeQFm0mbkGUZFhGW8W4O_xzFtXdWKnXN7Bm-KVRCl4y4EeDYhjP7MCsR-cjtSYZhh_BR7sRgLxt7_-ZnTuxy53hjc1PnLjrasmDK59qCfnsXkDkMQMXL4yS1DWUP6k4KA-tgZPE40cksJhZ_AK71mh1FIh5UH5q1nnh0_iZa7YptfbA5tXd0trdoONOFWoAGO6OS3qFhEcdIJS0rt7jQuh1xckS5LVHXk2gjU2V0cXLWLUirYZ8aIY4Arhdpkbghybq45hLI4mtEJcyKeZy5EFXJ3ZOzMXnQJRFF1GJW-xiHOT3djjgoD2UVVAhS5lv698JwJnBWOHK_e5qrSMIpVa9qm0-GswirlSpiAztCEjRQPpGO33QPwSWcPFd30r_gkBNaMnwXnYgUXP3G-1n01gXnPqzCFCsFsNXxnO5L-jnh0Nl5DJlKA0njwoaS32TCgTfjHLX-zg9uNEk1xmPAHuEypNvI_E4GDK4RYK6eCUhU7oTRo5W4YP-yAdOVFiX_ISYlQaodQ2Flc_gWfX6t1QhYK_HLCal8suvAAEaaZ2IJzx58Yz7iL0Ci3NXjvgSKFynsXyQ2spi_tRnSNaOZTsAycz-MPqm6KigU_FBmUKsHGM7xnE_eruaN5ChuWhCIPefHYUCtWEEku9BnC9zs4JCTNJBqr3wHrekxDb-Sjvo7-CudAJkUMtKp9Pjr6xLgEqVq5up4Tw1eENKi1iJXsmHt6RvidZmACUdxHr1Wfk6r37GXkVAIy80SZkClS3ml3PhWLarj8qePI8caKlqL7O8iPm_MD4uRMdo4qiwwwUSh1A4EfpkKUCARfkRP1Q&sai=AMfl-YTnarPa0Q3oyTEiF7PNzX0Mb6hx7dWii1WSPBsGQzrIB5KVe-3apsp23uxdTGjt6keJmV6vPo3wKg72SbWk7csehi87g4ZsQ2IpUwfwM_wjFT2oBqs3BRvNFY7IDaqGVob6-k9hQwBYTnqPMyAbauPgi9pj5O9fzuMlMv4xAqj2SFP2N6xSt9yF9IZJL25yoWdIlxBJTdms1MVsxwTP-XLfPzGC-J8trQ&sig=Cg0ArKJSzAfLFHJ0Noy_EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=482&vt=11&dtpt=280&dett=3&cstd=198&cisv=r20220822.86689&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Aug 2022 08:48:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 noedisplaybold.woff
s0.2mdn.net/sadbundle/5421953796483842048/ Frame EE1C 40 KB
40 KB 33ms
32ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5421953796483842048/noedisplaybold.woff

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

723fb6f5dd664b347820f8ce34a8192f01ae2cd99df7525e3b1056ba6632b8d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 06:52:32 GMT
x-content-type-options: nosniff
age: 266154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41408
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:46:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 06:52:32 GMT

GET
H3 200 nsbold.woff
s0.2mdn.net/sadbundle/5421953796483842048/ Frame EE1C 52 KB
53 KB 47ms
47ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5421953796483842048/nsbold.woff

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3db42d6eb77612e36b2d54f42633e0e318a38390d87ae4d943a4d74960b7891c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 06:52:32 GMT
x-content-type-options: nosniff
age: 266154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53732
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:46:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 06:52:32 GMT

GET
H3 200 nsregular.woff
s0.2mdn.net/sadbundle/5421953796483842048/ Frame EE1C 52 KB
52 KB 60ms
59ms Font
font/woff 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5421953796483842048/nsregular.woff

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74c44c842e8f4b717964aa579c3c356f454e44dc09db500956e8d28f9bd7c1e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 06:52:32 GMT
x-content-type-options: nosniff
age: 266154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53092
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:46:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 06:52:32 GMT

GET
H3 200 arrow.png
s0.2mdn.net/sadbundle/5421953796483842048/ Frame EE1C 235 B
262 B 57ms
32ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5421953796483842048/arrow.png

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14612b39ac66cd78e248b7a58a2a2e9cddc3b36b51c042f81e73de91c74049b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 06:52:32 GMT
x-content-type-options: nosniff
age: 266154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:46:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 06:52:32 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/5421953796483842048/ Frame EE1C 1 KB
1 KB 58ms
33ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5421953796483842048/logo.png

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04f5b0baa2dd929b083a4a420d2922dbdc3c98f4371f397ea4145b5776cf034

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 06:52:32 GMT
x-content-type-options: nosniff
age: 266154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1287
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:46:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 06:52:32 GMT

GET
H3 200 freek.png
s0.2mdn.net/sadbundle/5421953796483842048/ Frame EE1C 67 KB
67 KB 62ms
37ms Image
image/png 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5421953796483842048/freek.png

Requested by

Host: a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
URL: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c71a717b55556a64b9c54411058a3f8a75b2574968fb1c63e8cc8a63c50017b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5421953796483842048/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 06:52:32 GMT
x-content-type-options: nosniff
age: 266154
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68768
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 08:46:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 22 Aug 2023 06:52:32 GMT

GET
DATA 200
OK truncated
/ Frame 1951 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe95788e61b950261b9bb28f78f4eb5ad908853427545cb7bac74bd1267856f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 83CB 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: decbfed2411ffa74056dfaa776e609f39575c76e51f2e1241d05b833227bc32f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4BB9 20 KB
21 KB 111ms
31ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 124539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 22:12:48 GMT

GET
H3 200 oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js Show response
pagead2.googlesyndication.com/bg/ Frame 941D 36 KB
14 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oORtDv9EbGDZJqtoCU6ZUa1h2CU5mRmZpTeRJMx0_5U.js

Requested by

Host: ja.natapa.org
URL: https://ja.natapa.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 22:57:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 294628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14118
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 22:57:59 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 25ms
25ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.natapa.org%2F&domain=ja.natapa.org&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ja.natapa.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 25 Aug 2022 08:48:27 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1105
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fja.natapa.org%2F&domain=ja.natapa.org&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=-yPlJHw3TDJ1NWNScktYSUhyV1BXZC9kbEpNcnVVRzVodmF6dmd2enZmazRwL0pjZVRwTVo5bndzVVVudzBNMHRtTStuc1E3QytjNDF6eTdTWTU5dDZZZ09CaWd4K09ya2pUTU14TkNodFljZDhOQ290eFNqZENxQ0lVcH...

344 B
612 B

103ms
103ms

XHR
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=-yPlJHw3TDJ1NWNScktYSUhyV1BXZC9kbEpNcnVVRzVodmF6dmd2enZmazRwL0pjZVRwTVo5bndzVVVudzBNMHRtTStuc1E3QytjNDF6eTdTWTU5dDZZZ09CaWd4K09ya2pUTU14TkNodFljZDhOQ290eFNqZENxQ0lVcHNUSU1hSThxa3JqZnZIOG9jcVdNMHR2TDRQVmYydWpRUzFUSG5keFhGdkpWT1U2KzBtM2Q4Y3B0a2lGdVRkam5HeXNzME5Gd0NSM3I0NnB4V2pXUXBUNlJ1OVBRSUlSUGUvWGN1RThZMFR1MlZNRW9KVlRJPXw&cppv=2

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

2372967afdc4c252aa3892cce9bf3d2257bc170767d9103b3430cdb233dbe71d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ja.natapa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2736
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:26 GMT
location: https://mug.criteo.com/sid?cpp=-yPlJHw3TDJ1NWNScktYSUhyV1BXZC9kbEpNcnVVRzVodmF6dmd2enZmazRwL0pjZVRwTVo5bndzVVVudzBNMHRtTStuc1E3QytjNDF6eTdTWTU5dDZZZ09CaWd4K09ya2pUTU14TkNodFljZDhOQ290eFNqZENxQ0lVcHNUSU1hSThxa3JqZnZIOG9jcVdNMHR2TDRQVmYydWpRUzFUSG5keFhGdkpWT1U2KzBtM2Q4Y3B0a2lGdVRkam5HeXNzME5Gd0NSM3I0NnB4V2pXUXBUNlJ1OVBRSUlSUGUvWGN1RThZMFR1MlZNRW9KVlRJPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ja.natapa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1582
content-length: 482
expires: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
388 B 127ms
40ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 66242ddb5240d7f9aa086c134a3fafe33c31d007d1820df8a5d8ae1faf1ab516

Request headers

Referer: https://ja.natapa.org/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ja.natapa.org
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sat, 24 Sep 2022 08:48:27 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame F8E8 0
0 33ms
33ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1661417304300&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 /
onetag-sys.com/usync/ Frame 0895 0
0 33ms
32ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1661417304299&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame 4672 4 KB
953 B 136ms
123ms Document
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 188acb3e3ace2fb32e19ca9b22cbee1acd41df861e2020c63a5c823ed154aae8

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7403119c2ed89b76-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 25 Aug 2022 08:48:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame E06F 477 B
410 B 56ms
55ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Thu, 25 Aug 2022 08:48:27 GMT
last-modified: Tue, 23 Aug 2022 14:02:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 204 /
onetag-sys.com/usync/ Frame 6FDE 0
0 32ms
32ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1661417304299&gdpr=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 43B2 52 KB
17 KB 300ms
95ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 14410
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 25 Aug 2022 08:48:27 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 18088
X-Served-By: cache-lga13624-LGA, cache-ewr18157-EWR
X-Timer: S1661417308.773357,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3895 52 KB
17 KB 300ms
95ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 14410
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 25 Aug 2022 08:48:27 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 18119
X-Served-By: cache-lga13624-LGA, cache-ewr18181-EWR
X-Timer: S1661417308.773418,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 08AE 52 KB
17 KB 298ms
94ms Document
text/html 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 14410
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Thu, 25 Aug 2022 08:48:27 GMT
ETag: W/"623de86a-cf34"
Expires: Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 17992
X-Served-By: cache-lga13624-LGA, cache-ewr18175-EWR
X-Timer: S1661417308.772981,VS0,VE0

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame CD88 4 KB
962 B 128ms
121ms Document
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79218f714263c152401276d1bed69125f25b17332539a4f01641a047bd8a3cb1

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7403119c2ed59b76-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 25 Aug 2022 08:48:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 8DDE 477 B
319 B 53ms
53ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Thu, 25 Aug 2022 08:48:27 GMT
last-modified: Tue, 23 Aug 2022 14:02:12 GMT
server: nginx
vary: Accept-Encoding

GET
H2 200 pbjs Show response
sync.quantumdex.io/usersync/ Frame 192A 4 KB
1 KB 122ms
116ms Document
text/html 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.quantumdex.io/usersync/pbjs
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae26015651a0b4007235931d423720cf216185784561ed01ce6b331097b11318

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 7403119c2ed79b76-FRA
content-encoding: gzip
content-type: text/html
date: Thu, 25 Aug 2022 08:48:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 2560 477 B
319 B 52ms
52ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid6.23.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: 636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer: https://ja.natapa.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
content-length: 281
content-type: text/html; charset=utf-8
date: Thu, 25 Aug 2022 08:48:27 GMT
last-modified: Tue, 23 Aug 2022 14:02:12 GMT
server: nginx
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 102ms
102ms Preflight
application/json 74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 25 Aug 2022 08:48:27 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1144
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame E06F 45 KB
16 KB 237ms
104ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: f3c9d2011adabacbed31726954036c0a46df96156dcf537e45b272fc86356e22

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 13:16:56 GMT
server: nginx
etag: W/"2adb54fb633101dcd7bcc44a53b591ab"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame 8DDE 45 KB
16 KB 227ms
104ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: f3c9d2011adabacbed31726954036c0a46df96156dcf537e45b272fc86356e22

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 13:16:56 GMT
server: nginx
etag: W/"2adb54fb633101dcd7bcc44a53b591ab"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib6/ Frame 2560 45 KB
16 KB 225ms
105ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: f3c9d2011adabacbed31726954036c0a46df96156dcf537e45b272fc86356e22

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 13:16:56 GMT
server: nginx
etag: W/"2adb54fb633101dcd7bcc44a53b591ab"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

setuid
sync.quantumdex.io/ Frame 192A
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
95 B

124ms
121ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119e29f69b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 25 Aug 2022 08:48:27 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control: max-age=0, no-cache, no-store
content-type: text/html
content-length: 154
x-mnet-hl2: E
expires: Thu, 25 Aug 2022 08:48:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 192A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-1082O35E2uGhCgGtLBDAznGWb7aLecTNXMPHC.4-~A

43 B
118 B

120ms
120ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-1082O35E2uGhCgGtLBDAznGWb7aLecTNXMPHC.4-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119fcc619b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-1082O35E2uGhCgGtLBDAznGWb7aLecTNXMPHC.4-~A
date: Thu, 25 Aug 2022 08:48:28 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
sync.quantumdex.io/ Frame 192A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282

43 B
106 B

124ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119d28829b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:27 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 311ff5d9-96f0-4263-9ea0-2b8fc095c794
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 /
s.ad.smaato.net/c/ Frame 192A 0
239 B 113ms
32ms Image
text/plain 2600:9000:20eb:1800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: V9qeIsLMIH5zhgI2DOwS-MJeLHcfa9l1zX67ZXppQSV0sveRJnBhpw==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame 192A
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79

43 B
95 B

123ms
121ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119e3a089b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H/1.1

200
OK

us
sync.go.sonobi.com/ Frame 192A
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHV...

0
498 B

453ms
106ms

Image
text/plain

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTEyMjBjYTc3LTY2ZTctM2E1Mi04OGQxLWY4YThiYjAxNDJlZTIBEjgB

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-64
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTEyMjBjYTc3LTY2ZTctM2E1Mi04OGQxLWY4YThiYjAxNDJlZTIBEjgB
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 192A 0
34 B 121ms
32ms Image
text/plain 3.127.128.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.128.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-128-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 192A 0
277 B 102ms
26ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 08:48:27 GMT
access-control-allow-credentials: true
x-sovrn-pod: ad_ap5ams1
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 192A 43 B
1 KB 33ms
32ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 29A1 15 KB
6 KB 33ms
32ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=97039
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 08:48:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 26 Aug 2022 11:45:46 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 9D54 1 KB
2 KB 146ms
81ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0cf149c4e0272ee7520c680172e8d8d8530f1445abb8e2b30dae2540f4b7b68

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7403119d6d200c5d-AMS
content-encoding: br
content-type: text/html
date: Thu, 25 Aug 2022 08:48:27 GMT
dropped-udsids: 241|39|230|73|90|8|111|17
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=16XKHCvU2Pi%2Feun8ecoO%2BnQ99FYhFKV73aTwg4DpOQ3cM%2FoS6D9T71pMDEsP3Lw5BNTJ8hTkchC2sCrRwUEkmOY1uLFpsTxESxU0ChQjs6xkIycAqgCcf1ZWZ%2FUqnyrnPCaqFuyZ3UFpBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 14EE
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
424 B

68ms
44ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 08:48:27 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
unused62: 8096267
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 25 Aug 2022 08:48:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 204 /
onetag-sys.com/usync/ Frame 14D3 0
0 33ms
32ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame DA77 0
0 122ms
23ms Document
text/plain 213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT

GET
H/1.1

200
OK

us
sync.go.sonobi.com/ Frame CD88
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHV...

0
498 B

460ms
114ms

Image
text/plain

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-7-18
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTEyMjBjYTc3LTY2ZTctM2E1Mi04OGQxLWY4YThiYjAxNDJlZTIBEjgB
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame CD88 0
34 B 117ms
32ms Image
text/plain 3.127.128.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.128.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-128-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame CD88 0
277 B 94ms
26ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 08:48:27 GMT
access-control-allow-credentials: true
x-sovrn-pod: ad_ap5ams1
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD88
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282

43 B
95 B

122ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119d38979b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:27 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: e0f0ffad-d9f0-4eab-af2a-233062ecfd31
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame CD88 43 B
1 KB 60ms
33ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD88
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
95 B

124ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119e3a0c9b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 25 Aug 2022 08:48:27 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control: max-age=0, no-cache, no-store
content-type: text/html
content-length: 154
x-mnet-hl2: E
expires: Thu, 25 Aug 2022 08:48:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD88
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-1082O35E2uGhCgGtLBDAznGWb7aLecTNXMPHC.4-~A

43 B
95 B

122ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-1082O35E2uGhCgGtLBDAznGWb7aLecTNXMPHC.4-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119fcc5e9b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-1082O35E2uGhCgGtLBDAznGWb7aLecTNXMPHC.4-~A
date: Thu, 25 Aug 2022 08:48:28 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 /
s.ad.smaato.net/c/ Frame CD88 0
239 B 103ms
33ms Image
text/plain 2600:9000:20eb:1800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: PkYH4isCK-ZXa9hn_kNCj1xYuybdr1XczQzL78TKedRZPb8PoAV9rA==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

setuid
sync.quantumdex.io/ Frame CD88
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79

43 B
95 B

124ms
122ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119e3a0a9b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4672
Redirect Chain

https://ups.analytics.yahoo.com/ups/58424/occ
https://ups.analytics.yahoo.com/ups/58424/occ?verify=true
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-zoTfFchE2uEAKLSWo_T5VU86rtaI9KIi8AyvIEk-~A

43 B
95 B

121ms
121ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-zoTfFchE2uEAKLSWo_T5VU86rtaI9KIi8AyvIEk-~A
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119fdc699b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-zoTfFchE2uEAKLSWo_T5VU86rtaI9KIi8AyvIEk-~A
date: Thu, 25 Aug 2022 08:48:28 GMT
server: ATS/9.1.10.25
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 /
s.ad.smaato.net/c/ Frame 4672 0
239 B 106ms
33ms Image
text/plain 2600:9000:20eb:1800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsmaato%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: KtIGhHIxL6x0WV5AytrMbRMxLJd3ojZtpDL6LXlhvWMTe1ljHE2e5w==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H/1.1 200 0.gif
id5-sync.com/i/495/ Frame 4672 43 B
1 KB 90ms
34ms Image
image/gif 141.95.98.64
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.64 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216658.ip-141-95-98.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: image/gif;charset=UTF-8
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"

GET
H/1.1

200
OK

us
sync.go.sonobi.com/ Frame 4672
Redirect Chain

https://ssp.disqus.com/redirectuser/?partner=valueimpression&r=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dzeta-global%26uid%3DBUYERUID
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHV...

0
498 B

461ms
114ms

Image
text/plain

69.166.1.10
AS-XFERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

HTTP/1.1

Server

69.166.1.10 , United States, ASN27630 (AS-XFERNET, US),

Reverse DNS

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-73
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0xMjIwY2E3Ny02NmU3LTNhNTItODhkMS1mOGE4YmIwMTQyZWUqYGh0dHBzOi8vc3luYy5xdWFudHVtZGV4LmlvL3NldHVpZD9iaWRkZXI9emV0YS1nbG9iYWwmdWlkPXVhLTEyMjBjYTc3LTY2ZTctM2E1Mi04OGQxLWY4YThiYjAxNDJlZTIBEjgB
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
cache-control: no-store
content-length: 0
vary: origin
expires: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 4672 0
277 B 89ms
26ms Image
text/plain 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 08:48:27 GMT
access-control-allow-credentials: true
x-sovrn-pod: ad_ap5ams1
access-control-allow-headers: X-Requested-With, Content-Type
access-control-allow-methods: GET, POST, DELETE, PUT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4672
Redirect Chain

https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dmedianet%26uid%3D%3C...
https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA

43 B
95 B

125ms
125ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119dd9909b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 25 Aug 2022 08:48:27 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location: https://sync.quantumdex.io/setuid?bidder=medianet&uid=0000EEA
cache-control: max-age=0, no-cache, no-store
content-type: text/html
content-length: 154
x-mnet-hl2: E
expires: Thu, 25 Aug 2022 08:48:27 GMT

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 4672 0
35 B 106ms
31ms Image
text/plain 3.127.128.58
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.128.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-128-58.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4672
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282

43 B
95 B

125ms
124ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119d48b99b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:27 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 562aa460-877d-4ec0-b4d1-e8a4bdde622b
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.quantumdex.io/setuid?bidder=appnexus&uid=8856216770191025282
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
sync.quantumdex.io/ Frame 4672
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43894&callback_url=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dbetween%26uid%3D%24%7BUSER_ID%7D&crf=1
https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79

43 B
95 B

124ms
123ms

Image
image/gif

2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sync.quantumdex.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119e3a0d9b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

Redirect headers

location: https://sync.quantumdex.io/setuid?bidder=between&uid=59ebbe0d-f767-52ed-8587-9c22e680ab79
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 204 /
onetag-sys.com/usync/ Frame B341 0
0 33ms
32ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame C96E 0
0 117ms
24ms Document
text/plain 213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame E467 2 KB
1 KB 137ms
82ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4aef5a383cf53bab2eaf72d0f03802c1a88ef3b4306789834012b8656b23010e

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7403119d6d230c5d-AMS
content-encoding: br
content-type: text/html
date: Thu, 25 Aug 2022 08:48:27 GMT
dropped-udsids: 230|241|39|46|152|65|13|24
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSuLEBBs1h99CZPYSq%2B0mSsJeMap85T3QxYf9RuJGqR0g39OXOCagsIS9jDLSb2ki85HkzEFPiBhpSR58XZ3wZC5FgrKDoYBRGqFQIO3RURgvswAdJHXegfC9OcAgiEa9LsUqGWXALGb9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 164C 15 KB
6 KB 33ms
31ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=97039
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 08:48:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 26 Aug 2022 11:45:46 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 3CB3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
424 B

65ms
43ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 08:48:27 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
unused62: 8096267
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 25 Aug 2022 08:48:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 5E19 15 KB
6 KB 33ms
32ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=97039
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 08:48:27 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 26 Aug 2022 11:45:46 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 9030
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-valueimpression&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east

281 B
424 B

62ms
42ms

Document
text/html

104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Thu, 25 Aug 2022 08:48:27 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
unused62: 8096267
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 25 Aug 2022 08:48:27 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
server: AkamaiGHost

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 8418 2 KB
1 KB 158ms
108ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33f8a588fe3a37f42d271e15edf7cb949c0bb1aa50ca55f00f0d356742989b9e

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7403119d6d240c5d-AMS
content-encoding: br
content-type: text/html
date: Thu, 25 Aug 2022 08:48:27 GMT
dropped-udsids: 206|88|3|130|81|46|13|241
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhkoGTSS61kXtQUR%2FLP1IaX%2BpzSD20p70d7PvydbQUr%2F5rij9pauNdEePQ2LTifUMpF57BmSjB%2BZikcS%2Bt7345VVCu%2B6whtyqrz0VG0Pc6vrKVmHoX%2B2RwdQ8aNAEnI2vnnUbbZYS%2FMtqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 204 pbsync
usermatch.targeting.unrulymedia.com/ Frame B5B2 0
0 109ms
24ms Document
text/plain 213.19.147.45
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://usermatch.targeting.unrulymedia.com/pbsync?gdpr=${GDPR}&consent=${GDPR_CONSENT}&us_privacy=${US_PRIVACY}&rurl=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%24UID
Requested by: Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.45 Beverwijk, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 2098 0
0 32ms
32ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=2bb78272a859ca6

Requested by

Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/pbjs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://sync.quantumdex.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 29A1 0
42 B 175ms
29ms Script
text/plain 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=22820126&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:26 GMT
content-length: 0

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 9D54
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t

43 B
645 B

104ms
104ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: AVG88F8DQW4SD5T3M59S
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 8YPTA779VPNFQJSFH71R
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 9D54 70 B
264 B 40ms
40ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 9D54 170 B
188 B 47ms
45ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9D54 43 B
992 B 145ms
45ms Image
image/gif 2a05:d018:d29:3605:a43d:cfec:dc69:3aee
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB?gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3605:a43d:cfec:dc69:3aee Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

204

no_match_opted_out
um.simpli.fi/ Frame 9D54
Redirect Chain

https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
https://um.simpli.fi/no_match_opted_out

0
272 B

24ms
24ms

Image
text/plain

169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/no_match_opted_out

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 25 Aug 2022 08:48:27 GMT
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS

Redirect headers

date: Thu, 25 Aug 2022 08:48:27 GMT
x-content-type-options: nosniff
server: nginx
location: /no_match_opted_out
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Wed, 24 Aug 2022 08:48:27 GMT

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9D54
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=161b6d3c-f28e-4aab-80af-e9037e64f023&expiration=1692953308

43 B
912 B

65ms
65ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=161b6d3c-f28e-4aab-80af-e9037e64f023&expiration=1692953308
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740311a01d85b706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuL36G323T291BSsm758M6iRJBtD8I00egQxqOZNQAEC5GziaBWy1koGFlpQwPcUSt%2FJqsqI2DYUhAMJMmeFPMOr0WbmvHlMd9mtzTTFEvZcJCsf%2B382mo%2FFW9zg0%2FgN6qUz8IF0miT%2BTg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=161b6d3c-f28e-4aab-80af-e9037e64f023&expiration=1692953308
Date: Thu, 25 Aug 2022 08:48:28 GMT
Server: Kestrel
Connection: keep-alive
Content-Length: 0

GET
H2 403 match
c1.adform.net/serving/cookie/ Frame 9D54 0
331 B 121ms
36ms Image
text/plain 37.157.6.248
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=29&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.248 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 9D54
Redirect Chain

https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1

43 B
908 B

58ms
57ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740311a0ee56b706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ip7RzJiSJBCViln986mLmWyNbQDnf3UXp%2FXLtW81TokBLo8Z7TkQMXfg2a2paWR136uy1A70KxKMs%2B71insiHnPcZcvJgVzl441Bc2TYfMf77IwCKu2Qj1qmGsb6%2FJvagb%2BWnMfh6bbNpA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=&gdpr=1
Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 106
Content-Type: text/html; charset=utf-8

GET
H2 200 setuid
sync.quantumdex.io/ Frame 9D54 43 B
95 B 121ms
120ms Image
image/gif 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119e29f89b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame E467 170 B
188 B 42ms
41ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame E467
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t

43 B
645 B

103ms
103ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: MVZG77KBDDBPYD4H7TJJ
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 1AXR3H2JM9CWJ7KN9PEC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame E467 70 B
264 B 42ms
40ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame E467 0
0 75ms
24ms Image
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E467
Redirect Chain

https://sync.extend.tv/r.gif?exchange=index
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1275e157-5747-434d-9908-ff4fab4845dd

43 B
914 B

58ms
57ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1275e157-5747-434d-9908-ff4fab4845dd
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740311a0fe65b706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ty%2Bl%2B2g8IczF5n95qaKFsrc7rqWns3nP6u2ZM%2F7EjNKEneT3kGqnObc6%2FOvW4Rh09um2VaXuvd0WtOS78JZSGTyeuPl4MNKRzO6%2Ba8u06%2FzLqD4LymM3uOpbrx6z03B%2FvhwuTqIYZiLwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=1275e157-5747-434d-9908-ff4fab4845dd
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: keep-alive
Content-Length: 132
Expires: Tue, 29 May 1984 15:00:00 GMT

GET
H2

200

rum
dsum.casalemedia.com/ Frame E467
Redirect Chain

https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661503707&gdpr=1

43 B
943 B

139ms
68ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661503707&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7403119f6a1b1ead-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=852i829%2BGejgBRYn20GnbWeufjJ961%2BsUxgFQpz0mJ85i9fOPICmIS02exdMDTLP738pEJUiMuuq%2FBvnSyv5EVGqZjnjUaJbOjjxvoUlgGda7WEwZBmtNHeN0WLm47yeSrOezh2M"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1661503707&gdpr=1
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:27 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
content-length: 0
expires: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame E467
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
907 B

58ms
58ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7403119f0c80b706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5L9YFNy0FltrZH2wGS5A8HYceANW1As1nM5LrJuii7bNuO8Z9dJ16wcSlkUixSWVk%2FMXMqM8G820mRSPHVC8t%2BEg8sfRxxkUKUNLbXc4mZU90Lq6gwSgZy5Ld4Qpz1kBwz00WvgK5gbigw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date: Thu, 25 Aug 2022 08:48:27 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame E467
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=1&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f389f684-c063-4f45-bf07-3b4ecaba5200&us_privacy=null&gdpr_consent=null&gdpr=1

43 B
562 B

58ms
58ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f389f684-c063-4f45-bf07-3b4ecaba5200&us_privacy=null&gdpr_consent=null&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkpNqrJIYNkaCJx1eis883ASoy9%2FdfjoFU%2BLJaaj2YyLtrz9EAwdYwK6%2BNd6bER0RQyKmKEibwet6RhjOW1P2fXACqAAA7Sp5kvidIvXRz%2Fc660MCSCCv%2FDQSnPpAkVzaAJDSVCILIaovg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache
cf-ray: 7403119eec5eb706-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=f389f684-c063-4f45-bf07-3b4ecaba5200&us_privacy=null&gdpr_consent=null&gdpr=1
cf-ray: 7403119e9f94b704-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 setuid
sync.quantumdex.io/ Frame E467 43 B
95 B 125ms
124ms Image
image/gif 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119e3a0b9b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 08AE 0
745 B 24ms
24ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:27 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 55dff2e4-3606-4da4-9cf8-a4ad7e62dce1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 43B2 0
745 B 24ms
24ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:27 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0e1261af-da78-471e-8d5d-a03bf521e4cd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3895 0
745 B 25ms
24ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:27 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6dbc49a6-7a5b-48e8-9d2a-3fef3777f14f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 sync
ups.analytics.yahoo.com/ups/55940/ Frame 8418 0
15 B 139ms
104ms Image
text/plain 52.45.33.138
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-33-138.compute-1.amazonaws.com

Software

ATS/9.1.10.25 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
server: ATS/9.1.10.25
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8418
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1&_test=Ywc3XAAI_Q0L6wBC
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ywc3XAAI_Q0L6wBC&gdpr=1&_test=Ywc3XAAI_Q0L6wBC

43 B
911 B

64ms
63ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ywc3XAAI_Q0L6wBC&gdpr=1&_test=Ywc3XAAI_Q0L6wBC
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 740311a10e7ab706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GqBLkhaLVX51WOQeCJx2wq7kRyC3Y%2FsBPAt6IlQTO3txbhGKYJz%2FHqgKDdKZ6HmGHU9sT4PnxhKXGo0nB5yTy7XRYCbxUgYc17JyO1IVjtp7iFW8rL7bvnwJFYNtWHNSQJ8kLf%2BTz7yHHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1661417308.261966,VS0,VE0
x-served-by: cache-ewr18157-EWR
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Ywc3XAAI_Q0L6wBC&gdpr=1&_test=Ywc3XAAI_Q0L6wBC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8418
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=735e6307-375b-4600-9919-57ee08801d8b&gdpr=1&gdpr_consent=

43 B
917 B

60ms
59ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=735e6307-375b-4600-9919-57ee08801d8b&gdpr=1&gdpr_consent=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7403119efc76b706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jrZhr8l%2Bwh8W9%2BXb45BRdO%2FFrwR0tOYBm2rPV%2BovIJjrj5lQMt4XX8s3f9lBQTfPTNdaQ%2B5oqPRkEbyaZP2zCyIm0TDAfSI9ioDchd2i8KHKgOFK6CbopSUJXl2FFR5%2FiabKNW%2BuajAE%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Date: Thu, 25 Aug 2022 08:48:27 GMT
Server: MT3 4494 7cf1da7 master cdg-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=735e6307-375b-4600-9919-57ee08801d8b&gdpr=1&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 25 Aug 2022 08:48:26 GMT

GET
H/1.1 200
OK ie
match.prod.bidr.io/cookie-sync/ Frame 8418 43 B
430 B 173ms
40ms Image
image/gif 52.19.186.186
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/ie?gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.19.186.186 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-186-186.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8418
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=KTOvNiw3qmIyMK9lfDWyMH42qGQyMahnLTacz90w

43 B
912 B

72ms
72ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=KTOvNiw3qmIyMK9lfDWyMH42qGQyMahnLTacz90w
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7403119f3caeb706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BIayr4JcvPEiSSQ4vFK57glysE6G8iP56hqE%2BDApb1kVsXR82UbIODI8lDUIPXgzM%2FM8f5TeC9STRPEIN9OAOH9Lh9M%2BLFSF4we5j%2FGn2hGYIJ7IvOZcJzWSBCDhRdzY050yJtH3eLVWTA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=KTOvNiw3qmIyMK9lfDWyMH42qGQyMahnLTacz90w
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 400
Request failed due to privacy signals getuid
secure.adnxs.com/ Frame 8418 0
0 81ms
33ms Image
text/html 185.89.210.153
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.89.210.153 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 943.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3

200

crum
dsum-sec.casalemedia.com/ Frame 8418
Redirect Chain

https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1

43 B
908 B

63ms
63ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 7403119f0c82b706-AMS
pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eSAmtXp0nal8jeoyUz9ypPavDVeDnDxPIAYPGLAfwwZ1uXAt2QGAfbPJU2whCjE3GsZOc9rnoliUI%2F%2F4%2FxTOS8TD0rHj91crqikjBN7apM9qupze8wcbLmtURbYkYIE%2FEAjpu1ofAtfaA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date: Thu, 25 Aug 2022 08:48:27 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 0
vary: Origin
keep-alive: timeout=5

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 8418
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t

43 B
645 B

104ms
104ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: D9B1BJPA5PS82SJDXQF6
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: T2GVZDR841REHRHBRRAC
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 setuid
sync.quantumdex.io/ Frame 8418 43 B
95 B 125ms
125ms Image
image/gif 2606:4700:10::ac43:2ac9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.quantumdex.io/setuid?bidder=ix&uid=Ywc3WfJoCUgTQQ2UU3qdNQAAFCsAAAAB
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2ac9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7403119e5a3a9b76-FRA
content-length: 43
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 9030 31 KB
9 KB 42ms
42ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 20:46:18 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=71171
content-type: text/html; charset=UTF-8
content-length: 9377
expires: Fri, 26 Aug 2022 04:34:38 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 3CB3 31 KB
9 KB 43ms
43ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 20:46:18 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=71171
content-type: text/html; charset=UTF-8
content-length: 9377
expires: Fri, 26 Aug 2022 04:34:38 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 14EE 31 KB
9 KB 47ms
47ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 08:48:27 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 20:46:18 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=71171
content-type: text/html; charset=UTF-8
content-length: 9377
expires: Fri, 26 Aug 2022 04:34:38 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 9030 284 B
536 B 142ms
35ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3CB3 284 B
536 B 132ms
35ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 14EE 284 B
536 B 131ms
34ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 83CB 42 B
64 B 132ms
69ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssKSoSoQEqfVZMlKZ6mSsQcF4zpWZ576Pp9IJ21gPDoI-_mX0mYngMkVvOFZiReMROhOX58Y_rgJ7aXkgymzu_fw7cBbP1x_ike-MIsvuk5-zxHPSMc2bwRNYmht9_GGOuVeu1hhb4&sai=AMfl-YSXxYj8hbXLbFfVgjcP0hbZRVevA_108BR2G97--hqmyl_dPa3nB_XRSIrT6OqoC3O5hcAFsUf1nkqumpASh2t2r6Njph4e3siXpXfU9vA9aB3_9HKQGEQ9TqmIx5sj&sig=Cg0ArKJSzFY06Aqpc5YOEAE&cid=CAASKORoN_9r4je-FT59h9GLx2RtKRZovorvyNVY2Ps-Y82dw51cQ8Vk8o4&id=lidar2&mcvt=1000&p=406,315,656,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4168635629&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661417305437&rpt=1539&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4BB9 42 B
64 B 86ms
70ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiXN_Gfw-kXp9Lq7aUDuca-cgCCMK01c1ktMZOE0vyZmqWOkd4cxLq0kJ7IBOzWibQVZ2pC-1ns_nbTwCTkFg1Agpr8pcy3QPBPyeXRL09x7MVb31V5XqHNMHETsPRRmf9vq8KWfQ&sai=AMfl-YRtEFW-W2rX9qLUl4T9d8iJj9Jr7nyCBpltuvs0i49SRDdByHgXtZAkuF4S6v9VDnFiAzoQkudlQ3I0He-WQWaQbLc2h2n-XaOPaCcCvgdtSVqBFisXEFDNz2EgaR0j&sig=Cg0ArKJSzKao86k25iw-EAE&id=lidar2&mcvt=1000&p=1100,315,1200,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2075362144&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661417305232&rpt=1794&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Aug 2022 08:48:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 9030 0
239 B 421ms
99ms Image
image/gif 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=pbs-valueimpression
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-valueimpression&endpoint=us-east
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: c3b5432477546c086cd062707f625a76
Content-Type: image/gif

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 08AE 0
745 B 24ms
23ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8c05d573-787f-410b-b9b7-f906359a24ba
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 43B2 0
745 B 24ms
23ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7607c39d-2e5b-4f68-8e50-6e366e62fba1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3895 0
745 B 23ms
23ms Script
text/html 185.89.210.141
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Aug 2022 08:48:28 GMT
X-Proxy-Origin: 31.204.150.152; 31.204.150.152; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: bf9f0b0a-5d57-4922-94ae-c52ccfd3974b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.natapa.org/	1970-01-20 14:15:53	Name: _sharedID Value: 8cdcc2ed-0635-46e2-b5df-130d93f417ca
.natapa.org/	1970-01-20 14:15:53	Name: _ym_uid Value: 1661417304771849067
.natapa.org/	1970-01-20 14:15:53	Name: _ym_d Value: 1661417304
.natapa.org/	1970-01-20 05:31:29	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 14:15:53	Name: yandexuid Value: 6724954811661417304
.yandex.ru/	1970-01-20 14:15:53	Name: yuidss Value: 6724954811661417304
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2588398251661417304
.yandex.ru/	1970-01-20 15:06:17	Name: i Value: /dJGoWO2U+XrMVECKjXsWdzKTIWL03jTKvD21Y0f6it3EXdjsWhhRBGUs6QRsq9Quc/miFPWTdTdP83rMaX1kNsmsYs=
.yandex.ru/	1970-01-20 14:15:53	Name: ymex Value: 1692953304.yrts.1661417304#1692953304.yrtsi.1661417304
.quantumdex.io/	1970-01-20 05:44:41	Name: uid Value: 88925069-8f0e-47ee-8887-741384baaa77
.adnxs.com/	1970-01-20 07:39:53	Name: icu Value: ChgIis9gEAoYASABKAEw2O6cmAY4AUABSAEQ2O6cmAYYAA..
.adnxs.com/	1970-01-20 07:39:53	Name: uuid2 Value: 8856216770191025282
.mgid.com/	1970-01-20 05:30:19	Name: __cf_bm Value: z1utGAamtW2ARZ4vcCjLrOMSxM8ALE8zrk8S0wieYYE-1661417304-0-AfrcxXksDV6aOwXQ0tGmfYhScWEvsWVsd5PkQtcZ8acmJQWoMsKauKsZvjAuH4jsmP+pUWYpchzbka7gvqf2Sns=
ja.natapa.org/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1228643%22%3A%7B%22page%22%3A1%2C%22time%22%3A1661417304933%7D%7D
.doubleclick.net/	1970-01-20 14:51:53	Name: IDE Value: AHWqTUlrVDpysZxTXYWVUozPVHaFZ6XxzIrAH9TbAgsEpAaq-_cyGCr5crjY6R6XiVk
ja.natapa.org/	1970-01-20 06:13:29	Name: _pbjs_userid_consent_data Value: 3524755945110770
.natapa.org/	1970-01-20 14:51:53	Name: __gads Value: ID=b16129f215602c90-223a1f3304ce0087:T=1661417304:S=ALNI_MZO15NY9b8MtxpFUaRsDvX89V8dYg
.adnxs.com/	1970-01-20 07:39:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVPreq<!]tbPl1M>e)ZlrFUfJ+tGXxp2BJ'uPN[J?QAFa4'<uqsPCwI2!_/#Z1JZ]N3If)y3KL9D3I?+@m'oI!
.casalemedia.com/	1970-01-20 07:39:53	Name: CMPS Value: 1122
.casalemedia.com/	1970-01-20 14:15:53	Name: CMID Value: Ywc3WfJoCUgTQQ2UU3qdNQAA
.casalemedia.com/	1970-01-20 07:39:53	Name: CMPRO Value: 5163
ja.natapa.org/	1970-01-20 14:51:53	Name: cto_bidid Value: 3zbnuV9maGpkZGpGYVdwalRqdXlBcTZ1UEtZMSUyQjM4ckwlMkZjaFFJOGt0cmpXaHF5NFhoNVBmcFhKV2p1dmZvcyUyQm9OUlg2N0lxZ0pySnJmZlA0RmpkMmVXR3lLZyUzRCUzRA
ja.natapa.org/	1970-01-20 14:51:53	Name: cto_bundle Value: l0srt182NlBYNk1MWDZoeG91RVg5U09zRzBXb2pXUDNyWTYwbkRwaFBNVzZaWG5MQzFaR1lyZDVyRlRFY3pIdDVvV0lZYWhpSVZOcUc3QWRUeUdZeDJrMHJoOGloWFVOaGglMkJNcE5Ddzljbmt6eldwWmpOMFRrVFJJVHZJbDA5SGUlMkZmcko
ja.natapa.org/	1970-01-20 14:15:53	Name: unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-25T08%3A48%3A27%22%7D
.id5-sync.com/	1970-01-20 05:30:17	Name: cf Value:
.id5-sync.com/	1970-01-20 05:30:17	Name: cip Value:
.id5-sync.com/	1970-01-20 05:30:17	Name: cnac Value:
.id5-sync.com/	1970-01-20 05:30:17	Name: car Value:
.id5-sync.com/	1970-01-20 05:30:17	Name: gdpr Value:
.id5-sync.com/	1970-01-20 05:30:17	Name: callback Value:
.ads.pubmatic.com/	1970-01-20 05:31:43	Name: KCCH Value: YES
.natapa.org/	1970-01-20 14:51:53	Name: cto_bundle Value: lYLTWl9CeFJORTlZZ1pESVBzbTJyTU5NM0tXOHFtdEwlMkJzVXlpWWtvdUZtZXZDVTNWSTYlMkZjTjlCREVaeDJFMklkcFVqaUwlMkJUR1VuTlhxY3B2SVV1TWI5S2RtcTRIY0ZMRkRoS29PU2l0WlFpbVFRQnFiQm5tMHBZbThmTiUyQkhzQTRTSXhH
.ja.natapa.org/	1970-01-20 14:51:53	Name: cto_bundle Value: lYLTWl9CeFJORTlZZ1pESVBzbTJyTU5NM0tXOHFtdEwlMkJzVXlpWWtvdUZtZXZDVTNWSTYlMkZjTjlCREVaeDJFMklkcFVqaUwlMkJUR1VuTlhxY3B2SVV1TWI5S2RtcTRIY0ZMRkRoS29PU2l0WlFpbVFRQnFiQm5tMHBZbThmTiUyQkhzQTRTSXhH
.natapa.org/	1970-01-20 14:51:53	Name: cto_bidid Value: pBlrYl9nVnJrVGdyMXd2aDhHWVRTbjZua1BORzdmTzczJTJCaWhGSGhyQWtoTURsckgxc28za0pSVTE5ZVpiRXYxRGpIYUl5YnU0T0hGeHpvTU1IMVI3UEhFZk5BJTNEJTNE
.ja.natapa.org/	1970-01-20 14:51:53	Name: cto_bidid Value: pBlrYl9nVnJrVGdyMXd2aDhHWVRTbjZua1BORzdmTzczJTJCaWhGSGhyQWtoTURsckgxc28za0pSVTE5ZVpiRXYxRGpIYUl5YnU0T0hGeHpvTU1IMVI3UEhFZk5BJTNEJTNE
.media.net/	1970-01-20 14:15:53	Name: data-pbs Value: setstatuscode~~1
.betweendigital.com/	1970-01-20 14:15:53	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 14:15:53	Name: ss Value: 1
.betweendigital.com/	1970-01-20 14:15:53	Name: tuuid Value: 59ebbe0d-f767-52ed-8587-9c22e680ab79
.casalemedia.com/	1970-01-20 05:31:43	Name: CMST Value: Ywc3W2MHN1sA
.casalemedia.com/	1970-01-20 14:15:53	Name: CMRUM3 Value: 2d6307375a05a0CAESEFw_b8wh9ZXAyiiYO3U57_8&416307375b05a0&f16307375b05a0&116307375b05a0&496307375b05a0&826307375ba8c0&5a6307375b05a0&586307375b05a0&516307375b05a0&0d6307375b05a0&086307375b05a00&2e6307375b05a0&186307375b05a0&036307375b05a0&6f6307375b05a0&ce6307375b05a0&276307375b0b40&986307375b05a00&e66307375b2760
.betweendigital.com/	1970-01-20 14:15:53	Name: ut Value: Ywc3WwAMqjDeNmsEWgRTNY8nPvBtZi-tGIjxWQ==
.simpli.fi/	1970-01-20 14:17:19	Name: suid Value: 01478BAC1C17499E87CCA491CD4ED75B
.csync.loopme.me/	1970-01-20 07:42:46	Name: viewer_token Value: f389f684-c063-4f45-bf07-3b4ecaba5200
.mathtag.com/	1970-01-20 14:56:12	Name: uuid Value: 735e6307-375b-4600-9919-57ee08801d8b
.disqus.com/	1970-01-20 14:15:53	Name: zeta-ssp-user-id Value: ua-1220ca77-66e7-3a52-88d1-f8a8bb0142ee
.quantserve.com/	1970-01-20 07:39:53	Name: d Value: ECUBDQH4JrjvsQA
.quantserve.com/	1970-01-20 15:00:31	Name: mc Value: 6307375c-00dc5-1a67e-17f26
.analytics.yahoo.com/	1970-01-20 14:15:53	Name: IDSYNC Value: 192w~26s8
.yahoo.com/	1970-01-20 14:16:14	Name: A3 Value: d=AQABBFs3B2MCEFg9BUmx4mB8gXW0YfKIBgQFEgEBAQGICGMRYwAAAAAA_eMAAA&S=AQAAAqOTqR-c5HUnoEUJt4zClkc
beacon.lynx.cognitivlabs.com/	1970-01-20 14:15:53	Name: UID Value: 161b6d3c-f28e-4aab-80af-e9037e64f023
beacon.lynx.cognitivlabs.com/	1970-01-20 14:15:53	Name: ss Value: D4MttUShaNxRh78j8QVwLaTSwOD4LQrz7jaC9F3RtYtsl7kDCwkFcQYexYeBJmAZX5bEfrGWFnZbp1aq58nWvg%3D%3D
.everesttech.net/	1970-01-20 14:15:53	Name: everest_g_v2 Value: g_surferid~Ywc3XAAI_Q0L6wBC
.casalemedia.com/	1970-01-20 07:39:53	Name: CMTS Value: 1133
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s8753\|Ywc3U

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://um.adscience.nl/cgi-bin/AdXUserMatcher.fcgi?external_user_id=Z25zWllWZGhzNkI5Yi9aTXgyOTlBdz09&google_gid=CAESEOaXKopE9Xo7d4-JQRKPYhw&google_cver=1 Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1 Message: Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network	error	URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.natapa.org
a745b1fc70da1a77bc3bef644ec183e3.safeframe.googlesyndication.com
acdn.adnxs.com
ads.betweendigital.com
ads.pubmatic.com
adservice.google.com
adservice.google.nl
adx.adform.net
ap.lijit.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
c.mgid.com
c1.adform.net
casale-match.dotomi.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.mgid.com
cdn.optoutadvertising.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.mgid.com
csync.loopme.me
dsum-sec.casalemedia.com
dsum.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbx.media.net
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
ja.natapa.org
jsc.mgid.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
mc.yandex.ru
mug.criteo.com
natapa.org
onetag-sys.com
pagead2.googlesyndication.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
rtb7.adscience.nl
s-img.mgid.com
s.ad.smaato.net
s.amazon-adsystem.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
servicer.mgid.com
ssp.disqus.com
ssp.wp.pl
ssum-sec.casalemedia.com
std.wpcdn.pl
sync-tm.everesttech.net
sync.adotmob.com
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
token.rubiconproject.com
tpc.googlesyndication.com
um.adscience.nl
um.simpli.fi
ups.analytics.yahoo.com
useast.quantumdex.io
usermatch.targeting.unrulymedia.com
views.adscience.nl
www.bigmp3db.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.18.126
104.18.19.126
104.19.133.78
104.19.136.78
104.96.145.246
141.95.33.111
141.95.98.64
142.250.186.162
142.250.186.66
145.40.89.200
15.197.193.217
151.101.1.108
151.101.130.49
169.50.137.182
172.217.16.130
185.183.112.155
185.184.8.90
185.29.134.248
185.64.190.78
185.89.210.141
185.89.210.153
188.42.191.196
193.70.56.179
212.77.98.32
212.77.99.29
213.19.147.45
216.52.2.48
23.35.228.23
23.35.236.201
2600:9000:20eb:1800:1b:5138:8a40:93a1
2600:9000:21f3:ba00:11:a4de:2580:93a1
2606:4700:10::6816:3556
2606:4700:10::ac43:2ac9
2606:4700:20::681a:9a9
2606:4700::6811:180e
2606:4700::6813:ac6c
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2004
2a00:1450:4001:801::200e
2a00:1450:4001:802::2001
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:813::2001
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:400e:80c::200a
2a02:2638:1::13
2a02:26f0:dc::6853:41b
2a02:6b8::1:119
2a02:fa8:8806:20::2040
2a04:4e42:200::485
2a05:d018:d29:3605:a43d:cfec:dc69:3aee
2a06:98c1:3120::3
2a06:98c1:3121::c
3.127.128.58
34.203.176.63
37.157.2.237
37.157.6.248
51.255.118.95
51.255.140.94
51.89.9.252
52.0.58.172
52.19.186.186
52.45.33.138
52.46.130.91
54.225.147.239
69.166.1.10
69.173.144.165
69.173.151.100
70.42.32.95
74.119.119.139
95.216.65.102
052ee0fa3bc67842579d3ff018737e8193838c4d1107d8a36e039b2d95a8c3e0
05c5075000686afbe94405f7a3e0b905f02af001ec3174556fd1e07aa0c7c59f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0dfd0957506a73a6f324d7319734dc847d25ce0b8d292bab0d7b17be682c67ef
0eb0de09f4b625608d88083f138701f4bb6e713e6f4fb9ea3e93f285d9e10c91
111a54d2dab6f6fd83bd4e3cc76bd6d800934682226748eb38efb90d93a803d9
11e5548832c10b52134d70a26244365910409ad1facfe76e0a965537c635d14f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14612b39ac66cd78e248b7a58a2a2e9cddc3b36b51c042f81e73de91c74049b7
14e05df0d2bfb0d9daffae622c14272e307f32552385b06e33460bbe0fd87df7
15628e3ef7e4ebd062c0a91d4340ee3580ec9e4d3a03d9d87910468d27856e2f
188acb3e3ace2fb32e19ca9b22cbee1acd41df861e2020c63a5c823ed154aae8
1c58ac8244fea4ec82d42492895a69af46b21b2813a250ee37e8d94e68b2e8e9
1c71a717b55556a64b9c54411058a3f8a75b2574968fb1c63e8cc8a63c50017b
1fad176a5d119bc85863656679adf0da30c1f14da91a89972510dfde161e2e6c
2024aa102d71ee7da423b6bdba6342692dd1dd3847cd5647096463622b2b1fc4
211d6fc7bd7dcb9613f9995876de0650e179c8fcd2f8cd6afb7805c3ea331434
218efb850d39da8bde11a78ff93a377c21f7234a7185b5a0af9718b97d429908
22514cadf535d7a2911e26a09363014ff852e6dd8fe8ead7db665ffd660e65e1
2372967afdc4c252aa3892cce9bf3d2257bc170767d9103b3430cdb233dbe71d
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
257a3e4163a887521252b40b2c25489c1d1ea244771346565897104c35d15270
2d65afa87904117ffd55d03cc940148471ac936d3c7592ee30065d29fd0a1dc0
2f84f894f447cd0d91f67cd94d9e4bf760ec4878a8f27b92856f9a282820dde0
33f8a588fe3a37f42d271e15edf7cb949c0bb1aa50ca55f00f0d356742989b9e
367dd665f9afbfccfc1f77a26ca2684fa5e4023fd86735f8182580a1b492be8a
39c85f8460fb85bd067ca83dbfdf057b73161650aa21f04fac887b8ad25c98c3
3ad1d5328f776342c8d6b98ec5ddd702d4a67d4fe1fb075f497909b5e24b45f6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3db42d6eb77612e36b2d54f42633e0e318a38390d87ae4d943a4d74960b7891c
3ee6ececc4c8179a37722797e59cfde04f9834c180971d4cfe29ccc6fa88a63f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
410a1ebbf9d1ccbef11d9355a63393fcb5e51f88ca30f1f253b57abff45e0e53
424d3d4fdffc74c5412122be43f54e41b5fe5a5477a6410db80f0c680dc1cde2
43ba3be3cfd5e70dbc989bb171458166df7112cf93bfcd43038fab5049279ef4
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49907fa8e3c67675f143d2d13940ac5ebe29522c5feb70c570aab1e0c1fba2e3
4a6d16ca5a0855293a11ed8cc284b74bdf097abb1b4b5443da252d4a6b8c1ac2
4aef5a383cf53bab2eaf72d0f03802c1a88ef3b4306789834012b8656b23010e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9209d48b4a8d865429efe3b68bc26eb71b47b22f06caa91aedce506dc4725a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53c4d42182ac422c1b66be7712ee390540d6bd770e8837e3ffbf4fd657f59351
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57a2d390557bcbfee4fcf6de22dd8e18d9dbd9cf04296c86f49c5e12e2689d4b
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5fc134eff673f50443d2ed6948664638ceeff3051bf3a6d0b0634853248357f8
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
6398218ada113d563c761b5ef76593d23dcb2deef66c52b73d769030c692e34e
64458ccb54089dd078b8553cb777491ea384d5b1615cf5b49d4778113deb1329
64b45c6b59d826db6aa8567a3390c46f62503fee5a068585f096746efc4773ab
6616e73f394e4dc651d8bd6db68fcad67ff8baebf617894323d992304d13b198
66242ddb5240d7f9aa086c134a3fafe33c31d007d1820df8a5d8ae1faf1ab516
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68e7c7ae04b9dec1c359ceeaa7f89f007386e0c3c4d3fd5d520962dda12b87ce
6a3e5769b50199a784f497baed5fd808561f9eb5dd8eedc479ddad31ec9d93c0
6ad03581f05253e5b78b1e060f2a0adcf2fcfa8e4a2228f3a556aa1113a45bd5
70404e1ef36bed8361ccfbbe69fa00a7b25e9a53c0e88b41c31ac2d7c1cca7fa
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
723fb6f5dd664b347820f8ce34a8192f01ae2cd99df7525e3b1056ba6632b8d7
72bbfee7a6b83380fdc2cb0c51f0fa6d9e814b9bf654dd9e01d181efdfd0194e
74c44c842e8f4b717964aa579c3c356f454e44dc09db500956e8d28f9bd7c1e9
77b6fe453bf4160611ada0c455fc32e374bb645ed70e225087e98c041147bf5b
79218f714263c152401276d1bed69125f25b17332539a4f01641a047bd8a3cb1
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
7b5a2a0c116bf773a613ec387656bfbc218a449bd0ba2511dbdd90f0e4dfbe87
7c373f6cfd428eec140958b98a1e7e45986f900b6dde3c75a2fde3bbec493a01
7c56df09801b7fe134b783fea51cd196d152b5bbe3fcfbcefe6de14d600e9811
823ef8a81e53321e12a373f5fdfc732775441a65465538a785fea2e7b103243b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8af3a9b886c733ddd554f72902eb1d45632cf31b3ca20d0ca51b9e3804dbf40a
8c9bbe742162fa5293b477b57ff3dee85206b67553d0a448a672ca207edf3760
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fe95788e61b950261b9bb28f78f4eb5ad908853427545cb7bac74bd1267856f
93c9a45fbbace9abec7c2d674eaae2783368e9e36d7a06bcfe3588a4aff3ca3c
95a73fabccb4d1f6dc4ec4d6533f7e66ce4aa3b5f3e3fa61e1bd3ca88c74458d
96b63fd8b169d03e9e199a28f2e68bd79ec432d68aa0eab1180d9282762e0ebf
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98e9ec0829af758d87809ba5000eddfd6685214020c0cedf9f6b190513ba847a
998c8fea340735d7035ee255714187e51fdc58cd7ee12da43fffd56df861b042
9ac192e22feac750972021a8588dbbaed10ea538869ad645e97f995cc90384df
9db89ac4cb51702b44017204ac6433b53dbeada04d6fa38708263a413572e03f
9ed1030dbdff6229fa0784d3781d20c713b48611ae2faa43a93ed163b9bf3fa7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03b4c86fe824e964c2ea1fde2f35491a16e4e0314b6602c24a4499178f9728c
a04f5b0baa2dd929b083a4a420d2922dbdc3c98f4371f397ea4145b5776cf034
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e46d0eff446c60d926ab68094e9951ad61d82539991999a5379124cc74ff95
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a909934afd4725a7d1cd9279f1955b4c73656f9b170e3784bad0873f6c4f38
a51833c9266515c756e1c6483f23479a01034781a58465b10bb6520193b02958
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a83d8554b9b0976fddc3d861f0de2d43ff4d4a5d0d95e9b676f49ab060f68731
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa6e7a222f4587b14bc44bdacdbd76a56f9d16c6eb20e456aa27ee1abad08727
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ae26015651a0b4007235931d423720cf216185784561ed01ce6b331097b11318
ae4bfaf9839a380674f9b60c0983b92b55d4aaccd05b232fd207b65d04de56b8
b0ca4483aae7c364715d8d950a5a512465c9d5705ab506b4700cf15ea9dcd4b7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3d6775a65f3631abbaf5ece8875cc3987d776073e425c434c5e9f3c19282059
b400525eb707caf87080397f1cf9a50544dbbcae14308cc8ef19621a36f3533c
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b84b013f96e87552c524eceb1783a0add28f13e066cd7953584a7d61d3249444
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb58e1784321d9201089afb299ee54bc723bf32145f50816f1a1f96060fc3150
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bc8aad52def9fae70bca29263a13763c230f574b56f604f739995775e585e1dd
bcf392264909cb87f8434a0fdce965e12396f718b7bb5304fcb225ab417cf2c8
c077f3a6e6c9d761a09f655e0e12f6d9baaf8b5fdd2ddeb2f03297511f478bdb
c0cf149c4e0272ee7520c680172e8d8d8530f1445abb8e2b30dae2540f4b7b68
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36ff11970b2969b18bb7c2dce6cc9d74e8c2fd8da8cf29624c6621ea1cb097a
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c41afdc5c3672d7e538699a09295fb90a7344012b913c89d718b8ef1a86ce629
c89bcdebee6dc2242b44fba0dc0469d7f7a8aa994b5a79a31e4bc1ee5ab03364
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cab978077b37c9a0d5feffbc9507ad58429e486f37249e0e9f4d1edad30d2724
cac73814754b009aff75b0892d5e2379ad349739c26e528ab10df94e98cd8740
cb41292903f6bd996333bdfe6fbc58e1dbdb6109074505ee3ea46373bb23be70
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd02260c5d4f77750ced52c982c33eb066d8d0d8e25eeee50ee5953e7a41f098
cf0626431bb0f33179432cdf9828ffe728520b6ef4f9654c05651ec9022853f1
d06f859375be6e10248a908c142ef75be0ae311caf0c888e72c600de9d4f623f
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d707dbf94ee09c9e27784a044be679b7fbf0f85b6e193990df21a7079dac4188
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
decbfed2411ffa74056dfaa776e609f39575c76e51f2e1241d05b833227bc32f
dfd61d00e6398f0462577b61965c50f3c0cac4f9fe42cd1be6a3108b78137235
e057dca68761d9717bcc633ae889e8d3c52b7d7256754a22a661a4cb11a76ee7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9ff25760e71ae392b397cb8d4cc3d1ced03688cbd7708c07a53da110f57a930
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef079280d21ad674b835a85e4260b046487bb49025558136c2a8eeca93ef86db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35cb41b9372166d096339a3fd77955081f4d6e2ff0ef87af32ea9b1d059cc96
f3c9d2011adabacbed31726954036c0a46df96156dcf537e45b272fc86356e22
f672105141175e892c496cc1848ec07e59eaa289ab9a3e4f0debf3cee5775351
f86fc1c5bd806aa6d93828177336ea09c88149b4a1b602a472100aa359b23bd3
facfbcb8b8dd1dccf03b8f62ce64aed298bb3bb9834aec977a8c3062430ff8fb

ja.natapa.org Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

283 Requests

86 %HTTPS

39 %IPv6

54 Domains

87 Subdomains

65 IPs

14 Countries

3128 kBTransfer

5664 kBSize

55 Cookies

37 Outgoing links

Page URL History

Redirected requests

283 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ja.natapa.org Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

283
Requests

86 %
HTTPS

39 %
IPv6

54
Domains

87
Subdomains

65
IPs

14
Countries

3128 kB
Transfer

5664 kB
Size

55
Cookies

283 HTTP transactions
4 data transactions