odga.me Open in urlscan Pro
2606:4700:3033::ac43:8245 Public Scan

URL:
http://odga.me/
Submission: On June 25 via manual (June 25th 2020, 9:56:36 am UTC) from DK

Summary HTTP 154 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 36 IPs in 9 countries across 25 domains to perform 154 HTTP transactions. The main IP is 2606:4700:3033::ac43:8245, located in United States and belongs to CLOUDFLARENET, US. The main domain is odga.me.

This is the only time odga.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3033::ac43:8245	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2008	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3035::681c:131f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:814::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
8	2600:9000:218... 2600:9000:2182:a800:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
4	35.190.77.178 35.190.77.178	15169 (GOOGLE) (GOOGLE)
30	2606:4700:303... 2606:4700:3035::681b:8fd9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2606:4700:e2:... 2606:4700:e2::ac40:851b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	37.157.2.236 37.157.2.236	198622 (ADFORM) (ADFORM)
2	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
4 8	88.212.252.22 88.212.252.22	7979 (SERVERS-COM) (SERVERS-COM)
2	185.86.139.95 185.86.139.95	201081 (SMARTADSE...) (SMARTADSERVER)
2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
2	34.205.169.52 34.205.169.52	14618 (AMAZON-AES) (AMAZON-AES)
10	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1 2	172.217.18.166 172.217.18.166	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	85.206.143.247 85.206.143.247	43811 (TELIA-LIE...) (TELIA-LIETUVA)
1 1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
2	151.101.13.108 151.101.13.108	54113 (FASTLY) (FASTLY)
154	36

13 2606:4700:3033::ac43:8245 (United States)

ASN13335 (CLOUDFLARENET, US)

odga.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::681c:131f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

us2.centcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2182:a800:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.77.178 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 178.77.190.35.bc.googleusercontent.com

cloud.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2606:4700:3035::681b:8fd9 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.marketjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:e2::ac40:851b (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.38 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 88.212.252.22 (Russian Federation) 4 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Poland)

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d35e1cc288bd56d4e856dcdd7857a704.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
27ff957dffa3f2ff911d8bb64a401c98.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.205.169.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-169-52.compute-1.amazonaws.com

gw.geoedge.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.206.143.247 (Kaunas, Lithuania)

ASN43811 (TELIA-LIETUVA, LT)
PTR: 85-206-143-247.static.zebra.lt

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	marketjs.net cdn.marketjs.net	355 KB
25	googlesyndication.com d35e1cc288bd56d4e856dcdd7857a704.safeframe.googlesyndication.com tpc.googlesyndication.com 27ff957dffa3f2ff911d8bb64a401c98.safeframe.googlesyndication.com pagead2.googlesyndication.com	169 KB
15	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	337 KB
13	odga.me odga.me	299 KB
10	ampproject.org cdn.ampproject.org	214 KB
10	geoedge.be rumcdn.geoedge.be gw.geoedge.be	141 KB
8	betweendigital.com 4 redirects ads.betweendigital.com	4 KB
6	criteo.com 2 redirects gum.criteo.com mug.criteo.com bidder.criteo.com	3 KB
6	setupad.com cloud.setupad.com node.setupad.com	305 KB
6	google.com 3 redirects adservice.google.com www.google.com	1 KB
4	adnxs.com ib.adnxs.com acdn.adnxs.com	2 KB
4	adform.net adx.adform.net cm.adform.net	1 KB
4	setupad.net prebid-stag.setupad.net	1 KB
4	google.de www.google.de adservice.google.de	548 B
4	google-analytics.com 2 redirects www.google-analytics.com	19 KB
3	criteo.net static.criteo.net	62 KB
3	gstatic.com fonts.gstatic.com	30 KB
2	googletagservices.com www.googletagservices.com	32 KB
2	creativecdn.com prebid-eu.creativecdn.com	320 B
2	smartadserver.com prg.smartadserver.com	3 KB
2	addtoany.com static.addtoany.com	26 KB
2	centcount.com 1 redirects us2.centcount.com	811 B
2	googleapis.com imasdk.googleapis.com fonts.googleapis.com	98 KB
1	google.pl adservice.google.pl	829 B
1	googletagmanager.com www.googletagmanager.com	32 KB
154	25

	Domain	Requested by
30	cdn.marketjs.net	odga.me
18	tpc.googlesyndication.com	rumcdn.geoedge.be odga.me
13	odga.me	odga.me
10	cdn.ampproject.org	rumcdn.geoedge.be
8	ads.betweendigital.com	4 redirects odga.me cloud.setupad.com
8	rumcdn.geoedge.be	odga.me rumcdn.geoedge.be
8	securepubads.g.doubleclick.net	odga.me securepubads.g.doubleclick.net rumcdn.geoedge.be
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	prebid-stag.setupad.net	cloud.setupad.com
4	cloud.setupad.com	odga.me
4	www.google-analytics.com	2 redirects www.googletagmanager.com odga.me
3	static.criteo.net	cloud.setupad.com static.criteo.net
3	fonts.gstatic.com	odga.me
3	www.google.com	3 redirects
3	adservice.google.com	securepubads.g.doubleclick.net rumcdn.geoedge.be
2	acdn.adnxs.com	cloud.setupad.com
2	node.setupad.com	odga.me
2	ad.doubleclick.net	1 redirects odga.me
2	gw.geoedge.be	rumcdn.geoedge.be
2	adservice.google.de	rumcdn.geoedge.be
2	cm.adform.net	odga.me
2	www.googletagservices.com	odga.me
2	prebid-eu.creativecdn.com	cloud.setupad.com
2	prg.smartadserver.com	cloud.setupad.com
2	ib.adnxs.com	cloud.setupad.com
2	adx.adform.net	cloud.setupad.com
2	bidder.criteo.com	cloud.setupad.com
2	mug.criteo.com	odga.me
2	gum.criteo.com	2 redirects
2	pubads.g.doubleclick.net	odga.me
2	static.addtoany.com	odga.me static.addtoany.com
2	www.google.de	odga.me
2	stats.g.doubleclick.net	2 redirects
2	us2.centcount.com	1 redirects odga.me
1	googleads.g.doubleclick.net
1	fonts.googleapis.com	rumcdn.geoedge.be
1	27ff957dffa3f2ff911d8bb64a401c98.safeframe.googlesyndication.com	rumcdn.geoedge.be
1	d35e1cc288bd56d4e856dcdd7857a704.safeframe.googlesyndication.com	rumcdn.geoedge.be
1	adservice.google.pl	securepubads.g.doubleclick.net
1	www.googletagmanager.com	odga.me
1	imasdk.googleapis.com	odga.me
154	41

This site contains links to these domains. Also see Links.

Domain
www.addtoany.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-01-30` - `2020-10-09`	8 months	crt.sh
*.google.pl GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
cloud.setupad.com GTS CA 1D2	`2020-06-02` - `2020-08-31`	3 months	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-02-17` - `2022-02-16`	2 years	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
*.adform.net DigiCert SHA2 Secure Server CA	`2020-04-02` - `2021-06-02`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-06-10` - `2020-09-02`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-05-26` - `2020-08-18`	3 months	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-06-22` - `2020-09-20`	3 months	crt.sh
node.setupad.com Let's Encrypt Authority X3	`2020-05-23` - `2020-08-21`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-13` - `2021-04-14`	a year	crt.sh

This page contains 12 frames:

Primary Page: http://odga.me/
Frame ID: E3222A1B614A4461DC939B8332B2448A
Requests: 58 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.22.html
Frame ID: AA6B0B6BE28E202B08B9508CD16E71BE
Requests: 1 HTTP requests in this frame

Frame: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Frame ID: 82FDDDE4B20C4A2EDDA7342B93AAAF2E
Requests: 28 HTTP requests in this frame

Frame: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Frame ID: 67EAF8DA4041D7EDB7895CADC8B9F56B
Requests: 27 HTTP requests in this frame

Frame: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Frame ID: 36BCD295DF4741F73B8784CF1C90092F
Requests: 22 HTTP requests in this frame

Frame: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Frame ID: 2A07031AD718D6401711D3F202A9C2C0
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: BC5A8375E481EB9DCA124EC85BE8CA34
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: B92BD1BA2B4D5C61E6D9C3C7DF91385C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: E908FF848FCC122901C10D8C1265A303
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: 49D9B5CE8E306072AD3669E85600EB04
Requests: 1 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Frame ID: AD4EBE6C5029B72AAAE43FCEC5B2A0D8
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 5BC7F082F5A5D69FF6757CC4052266B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

154
Requests

82 %
HTTPS

62 %
IPv6

25
Domains

41
Subdomains

36
IPs

9
Countries

2129 kB
Transfer

5436 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addtoany.com/share#url=http%3A%2F%2Fodga.me%2F&title=odGameBox%20%7C%20Free%20H5%20Games%20Online

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://us2.centcount.com/ca.php?sid=2005070000002001&ct=1593078971119 HTTP 301
https://us2.centcount.com/ca.php?sid=2005070000002001&ct=1593078971119

Request Chain 12

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=297396729&t=pageview&_s=1&dl=http%3A%2F%2Fodga.me%2F&ul=en-us&de=UTF-8&dt=odGamebox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1609524347&gjid=2091000677&cid=281546888.1593078971&tid=UA-38246441-7&_gid=2113637238.1593078971&_r=1&gtm=2wg6h1N8DWVKJ&z=1253470321 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38246441-7&cid=281546888.1593078971&jid=1609524347&_gid=2113637238.1593078971&gjid=2091000677&_v=j83&z=1253470321 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=1609524347&_v=j83&z=1253470321 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=1609524347&_v=j83&z=1253470321&slf_rd=1&random=688319428

Request Chain 15

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=297396729&t=pageview&_s=1&dl=http%3A%2F%2Fodga.me%2F&ul=en-us&de=UTF-8&dt=odGamebox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEAB~&jid=312900145&gjid=1888809731&cid=281546888.1593078971&tid=UA-38246441-7&_gid=2113637238.1593078971&_r=1&gtm=2wg6h1N8DWVKJ&z=1423957554 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38246441-7&cid=281546888.1593078971&jid=312900145&_gid=2113637238.1593078971&gjid=1888809731&_v=j83&z=1423957554 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=312900145&_v=j83&z=1423957554 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=312900145&_v=j83&z=1423957554&slf_rd=1&random=1213242612

Request Chain 38

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fodga.me%2F&domain=odga.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=a3AaFXxXelAvNHlBTWYwY1Y0Zzlnczd2ejIzM1hDNUo4ZlhTamNqTENmVmU3SnVBSVcwUkM4Y2pPRkc3dXpsY2tzazNRZ3VIWTJUZStrMjdWRXNzNGRiOVc3b3FWeTRMTm4xZmtmWnhKTUU4cER5NFB6UkdNM0JoYnJIOWpiMDZxTGJDancySFdLdUdwVDVReENaYy9BNk1zMmMxNVkwNCtHLytPd2s3TG92ai9QMVY5cTRFbDBITU5CaHl4QURGY2ZnVTJMVUR4K3ZjTzBScnZZS2hzNi8rYldUR1NsQXBTRExFM0pvVEhWcXdFUHVZPXw&cppv=2

Request Chain 44

https://ads.betweendigital.com/adjson?jst=hb&ord=5067202576213579&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916198&bidid=108f5c09c4482ed&transactionid=217d644e-454e-4018-9550-b9e7b8933b27&auctionid=af4f55e1-5b51-4b69-9c1b-591f45340078&gdprApplies=true&consentString=BO1jI9zO1jI9zAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=5067202576213579&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916198&bidid=108f5c09c4482ed&transactionid=217d644e-454e-4018-9550-b9e7b8933b27&auctionid=af4f55e1-5b51-4b69-9c1b-591f45340078&gdprApplies=true&consentString=BO1jI9zO1jI9zAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&crf=1

Request Chain 48

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fodga.me%2F&domain=odga.me&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=JdxGTnxYbDIxakVTd3I2MUttSzRFYmJHb2hZSnNDVjdEelVKUVpMVHlacXhiOFFUYkNrTENXeS9BSE1HdEtyMXZBYmdYZUtaQ0NWUTZlQ2FlMlZGbzlYd1pkWlB2ZWdreG9wemMrZFByckJ5NVhiaEZKZlgvcHc0OC9od0liOG9oUmNLR3RrSGh0UTkyYzlkaS9FU3JVNS9sUUE4elRZUmZySjZpM1VSSysyTVgxblBXdDBtbXNpNmpKY1BMd0grVUkxaHYxT1U4NThoN1dQNGFybzgrQlNydjRpWVBxUVAzamV0M20vSWJSSkpMOHBFPXw&cppv=2

Request Chain 56

https://ads.betweendigital.com/adjson?jst=hb&ord=5092666080892558&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916199&bidid=14e7ee94146a525&transactionid=ddc2074b-c8ae-4821-a99b-1d5dc9f96b4c&auctionid=6a1573c3-45e2-4128-b160-f3ef75e27a39&gdprApplies=true&consentString=BO1jI90O1jI90AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A& HTTP 302
https://ads.betweendigital.com/adjson?jst=hb&ord=5092666080892558&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916199&bidid=14e7ee94146a525&transactionid=ddc2074b-c8ae-4821-a99b-1d5dc9f96b4c&auctionid=6a1573c3-45e2-4128-b160-f3ef75e27a39&gdprApplies=true&consentString=BO1jI90O1jI90AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&crf=1

Request Chain 117

https://ad.doubleclick.net/ddm/trackimp/N331001.1943701GDN/B10156386.203863947;dc_trk_aid=417078335;dc_trk_cid=99982717;ord=2186080529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N331001.1943701GDN/B10156386.203863947;dc_pre=CK7MpdTZnOoCFfRc5QodR1wFoQ;dc_trk_aid=417078335;dc_trk_cid=99982717;ord=2186080529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=

Request Chain 145

http://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 150

https://ads.betweendigital.com/sspmatch-iframe HTTP 302
https://ads.betweendigital.com/sspmatch-iframe?crf=1

Request Chain 151

https://ads.betweendigital.com/sspmatch-iframe HTTP 302
https://ads.betweendigital.com/sspmatch-iframe?crf=1

154 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
odga.me/ 7 KB
3 KB 528ms
379ms Document
text/html 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c630059b643882cdbacea53ff42bdc4b5e84dffe3d09da8c22e2a51ae3a27509

Request headers

Host: odga.me
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:10 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d0941deb116e8973051e66ed6953ea7051593078970; expires=Sat, 25-Jul-20 09:56:10 GMT; path=/; domain=.odga.me; HttpOnly; SameSite=Lax
X-GUploader-UploadID: AAANsUn8Fo2gC2yxpd70-rAZQKG0TMW5pakMODdAIqyHZwmjaKMYrg3HfHm-s3BNFt1Kgy2khbtRhzdBMKtkNyuetvty1AsUIA
Expires: Thu, 25 Jun 2020 10:56:10 GMT
Cache-Control: public, max-age=3600
Last-Modified: Mon, 15 Jun 2020 11:00:07 GMT
x-goog-generation: 1592218807647765
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1942
x-goog-hash: crc32c=5L+2SQ== md5=z9dU3PbOmHIp3OPegMKqww==
x-goog-storage-class: STANDARD
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
cf-request-id: 038c8110d70000c290aa203200000001
Server: cloudflare
CF-RAY: 5a8dd12e2c8ec290-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK d1ee8658445a6d26299c.js Show response
odga.me/_nuxt/ 3 KB
2 KB 599ms
598ms Script
application/javascript 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/_nuxt/d1ee8658445a6d26299c.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5146e39a52c784c8f5e011ad0f3ff2eed3e5a4d1b94a5f15289fbb890ea3b436

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUkYtwkP9IH0Sgiy0ysIKDKZKBbMWCaFwU33ex7QD5G9wuv-rBGUl1Q7R_58fRR6qL-_V5zMPCsYFrXliHL6leY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 1370
cf-request-id: 038c81126d0000c290aa215200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "1cf0d98659d52b7141773573c8b34c3a"
Vary: Accept-Encoding
x-goog-hash: crc32c=zQnhcg==, md5=HPDZhlnVK3FBdzVzyLNMOg==
x-goog-generation: 1592218808016076
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 1370
Accept-Ranges: bytes
CF-RAY: 5a8dd130a9aec290-FRA
Expires: Thu, 25 Jun 2020 10:56:11 GMT

GET
H/1.1 200
OK 0b4d0fc8227d1f66ec5e.js Show response
odga.me/_nuxt/ 177 KB
61 KB 774ms
767ms Script
application/javascript 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/_nuxt/0b4d0fc8227d1f66ec5e.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef313570c17f7edd6249161275d1c21b30d9749d3b5ab7da7d9370b05aa9f90e

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUmB9s-kkc7RoJlQ_ijpdMg7m2ey5wOEV4NGxGi2ebEdMBBvlInSuSI5IR75e1DqG520w7QMONM7XpJJrP8lDlQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 61566
cf-request-id: 038c81127300006377ae0ed200000001
Last-Modified: Mon, 15 Jun 2020 11:00:07 GMT
Server: cloudflare
ETag: "9f262644c12fea055b84eb12ed05463f"
Vary: Accept-Encoding
x-goog-hash: crc32c=beBgCw==, md5=nyYmRMEv6gVbhOsS7QVGPw==
x-goog-generation: 1592218807755660
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 61566
Accept-Ranges: bytes
CF-RAY: 5a8dd130be116377-FRA
Expires: Thu, 25 Jun 2020 10:56:11 GMT

GET
H/1.1 200
OK 704ba4b1bcdbe612e93b.js Show response
odga.me/_nuxt/ 280 KB
83 KB 873ms
866ms Script
application/javascript 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e070a6198ceb8b72b426505461f38a76c7460c9c75f7be1a3db7643d40c384e8

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUlYnfzAHbfOn_xXimTxoEEaNG5mVDLCY0hYqNdbdaWCcgdUqQu4oettzRPO6--HH7R5GbfagaHByniFiZcBJi0iKurg1g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 84454
cf-request-id: 038c811273000017625bb5a200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "7e0e460eca02aae8182e393bc9fa3e36"
Vary: Accept-Encoding
x-goog-hash: crc32c=+Ufn+Q==, md5=fg5GDsoCqugYLjk7yfo+Ng==
x-goog-generation: 1592218808365320
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 84454
Accept-Ranges: bytes
CF-RAY: 5a8dd130bd341762-FRA
Expires: Thu, 25 Jun 2020 10:56:11 GMT

GET
H/1.1 200
OK 3ce12722465ca9af611c.js Show response
odga.me/_nuxt/ 58 KB
18 KB 879ms
871ms Script
application/javascript 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/_nuxt/3ce12722465ca9af611c.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae2fc9f6ff1f69755aaf909b46cb77fd6d4aa3fce2ca8de83b2a1a24e89fd573

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:11 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUmBZVktD5-XhD-P9wwTW_fUsMJXTJEGQ1nRsSnMGh7G_FzgaTUp-CX5OSuV7fMxQbKKF6oerICtMwuzMtZGY5k
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 17581
cf-request-id: 038c8112740000650f14aa0200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "5a6abffd5542f472e481c76b630f6ced"
Vary: Accept-Encoding
x-goog-hash: crc32c=kB2GNA==, md5=Wmq//VVC9HLkgcdrYw9s7Q==
x-goog-generation: 1592218808058213
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 17581
Accept-Ranges: bytes
CF-RAY: 5a8dd130b90a650f-FRA
Expires: Thu, 25 Jun 2020 10:56:11 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 46 KB
16 KB 89ms
81ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

b0737e416a4d3b12c30f5fd3312308fd491c0d688f66b609a078b4045653f830

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "553 / 984 of 1000 / last-modified: 1593040669"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 25 Jun 2020 09:56:11 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 284 KB
97 KB 68ms
14ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b530681e2707053be02166a0c3d80b43a6dcf406e00cf69f215006854a23fd3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 99161
X-XSS-Protection: 0
Expires: Thu, 25 Jun 2020 09:56:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
32 KB 38ms
34ms Script
application/javascript 2a00:1450:4001:825::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8DWVKJ

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f5b5525f2b18bc3ca8870d3cbbbb30c29257114cce122c8539d43cea987a10ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:11 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32641
x-xss-protection: 0
last-modified: Thu, 25 Jun 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 25 Jun 2020 09:56:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 13ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8DWVKJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 4593
date: Thu, 25 Jun 2020 08:39:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Thu, 25 Jun 2020 10:39:38 GMT

GET
H2

200

ca.php Show response
us2.centcount.com/
Redirect Chain

http://us2.centcount.com/ca.php?sid=2005070000002001&ct=1593078971119
https://us2.centcount.com/ca.php?sid=2005070000002001&ct=1593078971119

57 B
415 B

241ms
200ms

Script
application/javascript

2606:4700:3035::681c:131f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us2.centcount.com/ca.php?sid=2005070000002001&ct=1593078971119
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681c:131f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b2cc82915b4eb428ce29a0bd084bac7da2960e862c224886af15c1a561dedc

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 5a8dd132bb1705c4-FRA
cf-request-id: 038c8113b3000005c42e02d200000001

Redirect headers

Date: Thu, 25 Jun 2020 09:56:11 GMT
Server: cloudflare
Vary: Accept-Encoding
Location: https://us2.centcount.com/ca.php?sid=2005070000002001&ct=1593078971119
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5a8dd131c8dabefb-FRA
cf-request-id: 038c81131c0000befb3c327200000001
Expires: Thu, 25 Jun 2020 10:56:11 GMT

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 109 B
829 B 47ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=odga.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Jun 2020 09:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 29ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=odga.me

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Jun 2020 09:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020062301.js Show response
securepubads.g.doubleclick.net/gpt/ 249 KB
88 KB 101ms
88ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

2f493253c58a9be0d4db9aaeaf8d74914b2f4776ac0bd1ae10809cccd0face81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 20:41:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90298
x-xss-protection: 0
expires: Thu, 25 Jun 2020 09:56:11 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=297396729&t=pageview&_s=1&dl=http%3A%2F%2Fodga.me%2F&ul=en-us&de=UTF-8&dt=odGamebox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38246441-7&cid=281546888.1593078971&jid=1609524347&_gid=2113637238.1593078971&gjid=2091000677&_v=j83&z=1253470321
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=1609524347&_v=j83&z=1253470321
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=1609524347&_v=j83&z=1253470321&slf_rd=1&random=688319428

42 B
106 B

28ms
21ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=1609524347&_v=j83&z=1253470321&slf_rd=1&random=688319428

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:11 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=1609524347&_v=j83&z=1253470321&slf_rd=1&random=688319428
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
99 B 39ms
37ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=297396729&t=pageview&_s=1&dl=http%3A%2F%2Fodga.me%2F&ul=en-us&de=UTF-8&dt=odGamebox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEAB~&jid=2079923376&gjid=1697351108&cid=281546888.1593078971&tid=UA-38246441-9&_gid=2113637238.1593078971&_r=1&z=288106468

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d37a699ba6db1890c813.js Show response
odga.me/_nuxt/ 4 KB
3 KB 583ms
581ms Script
application/javascript 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/_nuxt/d37a699ba6db1890c813.js
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/d1ee8658445a6d26299c.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5563c720385dce141b6ae5b86b2675711b4e676249d3cf67a872ccb361abe2a2

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUkOyvLs-7F8GE1nzO6ITW06UcfN7SBH3qghWqyz8b4Vw7E1DvvHqpqSldNfYmdgMl96-MC0s8-wXxUF_2OrHMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 1737
cf-request-id: 038c8116c70000650f14ae5200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "bd3a72f440bd2c36a6aa4164e90a74be"
Vary: Accept-Encoding
x-goog-hash: crc32c=J5hjIQ==, md5=vTpy9EC9LDamqkFk6Qp0vg==
x-goog-generation: 1592218808016247
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 1737
Accept-Ranges: bytes
CF-RAY: 5a8dd137ac84650f-FRA
Expires: Thu, 25 Jun 2020 10:56:12 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=297396729&t=pageview&_s=1&dl=http%3A%2F%2Fodga.me%2F&ul=en-us&de=UTF-8&dt=odGamebox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEAB~&jid...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-38246441-7&cid=281546888.1593078971&jid=312900145&_gid=2113637238.1593078971&gjid=1888809731&_v=j83&z=1423957554
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=312900145&_v=j83&z=1423957554
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=312900145&_v=j83&z=1423957554&slf_rd=1&random=1213242612

42 B
106 B

30ms
30ms

Image
image/gif

2a00:1450:4001:814::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=312900145&_v=j83&z=1423957554&slf_rd=1&random=1213242612

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:12 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-38246441-7&cid=281546888.1593078971&jid=312900145&_v=j83&z=1423957554&slf_rd=1&random=1213242612
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ed018e708870be50788b.js Show response
odga.me/_nuxt/ 276 KB
69 KB 393ms
368ms Script
application/javascript 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/_nuxt/ed018e708870be50788b.js
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/d1ee8658445a6d26299c.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c5fe3078b5c30e800d7b3b55945df13af8107578351bc8187f614f1fa0eac7d

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:12 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUmRoSGd3s4t6mKY8GwzuPatU0NBbWcgiuxL9wugy_oh7hljEo6ffFtLqhqYfZPTcFlPfEmBic-YS6FQnF10RSI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 70131
cf-request-id: 038c8117ad000017625bb9c200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "994c0e5730ff8a21098ae340ca92dc61"
Vary: Accept-Encoding
x-goog-hash: crc32c=PekNuw==, md5=mUwOVzD/iiEJiuNAypLcYQ==
x-goog-generation: 1592218808364278
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 70131
Accept-Ranges: bytes
CF-RAY: 5a8dd1391e3f1762-FRA
Expires: Thu, 25 Jun 2020 10:56:12 GMT

GET
H/1.1 200
OK 4c71bef132a629d7b945.js Show response
odga.me/_nuxt/ 90 KB
21 KB 966ms
958ms Script
application/javascript 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/d1ee8658445a6d26299c.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 186afd16a36c83e950015445efc3b7e7dbda52eb81e14b27caa05942bb2d3f17

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:13 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUmKoGVISl2BWZKPGwyygQeZjMezUUr6e9IeOSPIy9i4cf4Q-RqL9JeaKb2YmsYYK5jHhQUPODllBlmjKgwLVKYkWyYXGg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 20108
cf-request-id: 038c8117ad00006377ae118200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "dd67ba88a58cdd66a534e5a75b911522"
Vary: Accept-Encoding
x-goog-hash: crc32c=54nd6g==, md5=3We6iKWM3WalNOWnW5EVIg==
x-goog-generation: 1592218808043325
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 20108
Accept-Ranges: bytes
CF-RAY: 5a8dd1391a646377-FRA
Expires: Thu, 25 Jun 2020 10:56:12 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 81 KB
26 KB 53ms
24ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: odga.me
URL: http://odga.me/_nuxt/0b4d0fc8227d1f66ec5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f5ee87f6687c093dae0f0e3a16022519a4f1aae41f30088e78ff6488968591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:13 GMT
via: e5s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 8984
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 038c811c0300006491fb38d200000001
last-modified: Thu, 25 Jun 2020 07:26:00 GMT
server: cloudflare
etag: W/"142e0-5a8e38119f4d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 5a8dd1400a816491-FRA
cf-bgj: minify

GET
H/1.1 200
OK b30affd.png
odga.me/_nuxt/img/ 4 KB
5 KB 316ms
314ms Image
image/png 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://odga.me/_nuxt/img/b30affd.png
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f261d4d2edc82ed95903ec71dee4f56f050c6c91556a92d5646c888e3c634f8

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:13 GMT
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUlMOj7aXLLoBABkYDjhaT9PWZ_xtjhc1ADwQAM_n4ryDj6sgpSnD9sgjtEGo7IfnsVvd2bQtIG3Qqp0ZTy61GbwF6bMzA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Type: image/png
Content-Length: 4008
cf-request-id: 038c811c0100006377ae131200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "b30affd76e4ba559610150e0ef512fbc"
Vary: Accept-Encoding
x-goog-hash: crc32c=ZPfyXw==, md5=swr/125LpVlhAVDg71EvvA==
x-goog-generation: 1592218808619537
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 4008
Accept-Ranges: bytes
CF-RAY: 5a8dd1400d846377-FRA
Expires: Thu, 25 Jun 2020 10:56:13 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 59 KB
17 KB 321ms
140ms XHR
text/html 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/odga.me_300x250_1_DFP&sz=300x250&t=Placement_type%3Dserving&1593078973470

Requested by

Host: odga.me
URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

b18645cd31ced555acd6ca15c7c64479cee8db1dd1458743d5e89d366abe651b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16290
x-xss-protection: 0
google-lineitem-id: 5395881058
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314073824
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://odga.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 59 KB
16 KB 340ms
170ms XHR
text/html 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189/odga.me_300x250_2_DFP&sz=300x250&t=Placement_type%3Dserving&1593078973481

Requested by

Host: odga.me
URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

555e1ceb7854aa4cbb51f872d6ef54be14f6e6ded837a6b1bfd0a6400cc59093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:13 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16291
x-xss-protection: 0
google-lineitem-id: 5396253044
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138314074013
content-type: text/html; charset=UTF-8
access-control-allow-origin: http://odga.me
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK list.json Show response
odga.me/data/ 58 KB
9 KB 850ms
849ms XHR
application/json 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/data/list.json
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/0b4d0fc8227d1f66ec5e.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9d2c776341ad61e5dd232ce16112d6adc64247456322c1b674a95d56a6a3fb

Request headers

Accept: application/json, text/plain, */*
Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:14 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-GUploader-UploadID: AAANsUnnF1aQygP4liON9NA3Elj1tMTQrxxAxv1OsAQ6dKweAyMMGJBUDIfnESLWSZ6u-4zZDiZb1r9_hj8K7yluWpw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 8847
cf-request-id: 038c811c6c000017625bbec200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "255fafbcfc256c2537b0405b24c0b2ae"
Vary: Accept-Encoding
x-goog-hash: crc32c=uVtMEQ==, md5=JV+vvPwlbCU3sEBbJMCyrg==
x-goog-generation: 1592218808633852
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 8847
Accept-Ranges: bytes
CF-RAY: 5a8dd140ae4c1762-FRA
Expires: Thu, 25 Jun 2020 10:56:13 GMT

GET
H/1.1 200
OK list.json Show response
odga.me/data/ 58 KB
9 KB 341ms
341ms XHR
application/json 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/data/list.json
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/0b4d0fc8227d1f66ec5e.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9d2c776341ad61e5dd232ce16112d6adc64247456322c1b674a95d56a6a3fb

Request headers

Accept: application/json, text/plain, */*
Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:13 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-GUploader-UploadID: AAANsUlcRqY04Nhso_vNag7LU2b2-NGZHWob8m32seOlLM0pWsGY44hHZ6DapbxMGPdckeZH_GIea0iKicuPJktHkD4
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 8847
cf-request-id: 038c811c750000650f14b2f200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "255fafbcfc256c2537b0405b24c0b2ae"
Vary: Accept-Encoding
x-goog-hash: crc32c=uVtMEQ==, md5=JV+vvPwlbCU3sEBbJMCyrg==
x-goog-generation: 1592218808633852
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 8847
Accept-Ranges: bytes
CF-RAY: 5a8dd140b925650f-FRA
Expires: Thu, 25 Jun 2020 10:56:13 GMT

GET
H2 200 sm.22.html
static.addtoany.com/menu/ Frame AA6B 0
0 15ms
14ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.22.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: static.addtoany.com
:scheme: https
:path: /menu/sm.22.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://odga.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me/

Response headers

status: 200
date: Thu, 25 Jun 2020 09:56:14 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d6b064bac3bffc8984d93e687e7808be41593078974; expires=Sat, 25-Jul-20 09:56:14 GMT; path=/; domain=.addtoany.com; HttpOnly; SameSite=Lax; Secure
age: 49723
cache-control: max-age=315360000, immutable
cf-bgj: h2pri
etag: W/"70f-593fc1ec1791b"
last-modified: Thu, 03 Oct 2019 06:59:00 GMT
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
vary: Accept-Encoding
via: e5s
cf-cache-status: HIT
cf-request-id: 038c811f3c00006491fb3a2200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5a8dd1452c956491-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK grumi-ip.js Show response
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame 82FD 10 KB
5 KB 50ms
9ms Script
application/javascript 2600:9000:2182:a800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2600:9000:2182:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ab545de2fffe63bf892ed29a3eb6ba1af104d0027e0e1a7929c16bed79d0c21

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 00:55:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 08:25:13 GMT
Server: AmazonS3
Age: 32430
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: XgPcrqNHG1ZCpOC9cD17aUHJJtSHtZnf
Via: 1.1 26b0de44343edcaf19972d71d8e0256d.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Content-Type: application/javascript
X-Amz-Cf-Id: cyZvgGh63Z2fVgR4mkAg3cklpa5oEyis3izsNnEBaoNalrwrT4KscA==

GET
H/1.1 200
OK pbjs-wrapper.js Show response
rumcdn.geoedge.be/ Frame 82FD 5 KB
3 KB 51ms
10ms Script
application/javascript 2600:9000:2182:a800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rumcdn.geoedge.be/pbjs-wrapper.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2600:9000:2182:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cda152fc815f857f38faae1624b1811df9c0eacee229c91cdd02b2b7d964695

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 00:56:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 12:37:16 GMT
Server: AmazonS3
Age: 32380
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: usWY_Ti1HKmo0F9nOHXDPjzamF76ZfqG
Via: 1.1 0c17d43ed0068cac968c920774378b84.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Content-Type: application/javascript
X-Amz-Cf-Id: i-ohMqBq7GdjU2ONA5lmP57v49CBa3KqK8q0QD6Uqm6LeewhMegPNQ==

GET
H2 200 ldt3Y37cfk_190527.js Show response
cloud.setupad.com/postbid/ Frame 82FD 128 KB
37 KB 286ms
93ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.77.190.35.bc.googleusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 09:10:07 GMT
content-encoding: gzip
age: 89167
status: 200
alt-svc: clear
content-length: 37956
access-control-allow-origin: *
last-modified: Fri, 28 Jun 2019 12:58:40 GMT
server: nginx/1.14.1
etag: W/"5d160f00-1ff27"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Fri, 24 Jul 2020 09:10:07 GMT

GET
H2 200 stpd200227_noiv.js Show response
cloud.setupad.com/postbid/ Frame 82FD 303 KB
115 KB 403ms
210ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.77.190.35.bc.googleusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 911d23662caef57e87305d6db5a0cb980c7bcd73a94fd6c40caed33fa2a4523d

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 02:29:55 GMT
content-encoding: gzip
age: 545179
status: 200
alt-svc: clear
content-length: 117437
access-control-allow-origin: *
last-modified: Fri, 20 Mar 2020 12:46:46 GMT
server: nginx/1.14.1
etag: W/"5e74bb36-4bbe1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Sun, 19 Jul 2020 02:29:55 GMT

GET
H/1.1 200
OK grumi-ip.js Show response
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame 67EA 10 KB
5 KB 45ms
10ms Script
application/javascript 2600:9000:2182:a800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2600:9000:2182:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ab545de2fffe63bf892ed29a3eb6ba1af104d0027e0e1a7929c16bed79d0c21

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 00:55:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Jan 2020 08:25:13 GMT
Server: AmazonS3
Age: 32430
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: XgPcrqNHG1ZCpOC9cD17aUHJJtSHtZnf
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Content-Type: application/javascript
X-Amz-Cf-Id: PQS8ccuRL4dkF4ItojL3X--61yzAXv-UDS9fb57OCxeVpaWay4uZqw==

GET
H/1.1 200
OK pbjs-wrapper.js Show response
rumcdn.geoedge.be/ Frame 67EA 5 KB
3 KB 46ms
11ms Script
application/javascript 2600:9000:2182:a800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rumcdn.geoedge.be/pbjs-wrapper.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2600:9000:2182:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cda152fc815f857f38faae1624b1811df9c0eacee229c91cdd02b2b7d964695

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 00:56:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 12:37:16 GMT
Server: AmazonS3
Age: 32380
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: usWY_Ti1HKmo0F9nOHXDPjzamF76ZfqG
Via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Content-Type: application/javascript
X-Amz-Cf-Id: iKYPLFaFT9_0i_yPEd3wtixWuEcl48VHnGaUulEcsrZEAGfDdhYr4Q==

GET
H2 200 ldt3Y37cfk_190527.js Show response
cloud.setupad.com/postbid/ Frame 67EA 128 KB
37 KB 330ms
143ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/ldt3Y37cfk_190527.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.77.190.35.bc.googleusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 24 Jun 2020 09:10:07 GMT
content-encoding: gzip
age: 89167
status: 200
alt-svc: clear
content-length: 37956
access-control-allow-origin: *
last-modified: Fri, 28 Jun 2019 12:58:40 GMT
server: nginx/1.14.1
etag: W/"5d160f00-1ff27"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Fri, 24 Jul 2020 09:10:07 GMT

GET
H2 200 stpd200227_noiv.js Show response
cloud.setupad.com/postbid/ Frame 67EA 303 KB
115 KB 433ms
246ms Script
application/javascript 35.190.77.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.77.178 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 178.77.190.35.bc.googleusercontent.com
Software: nginx/1.14.1 /
Resource Hash: 911d23662caef57e87305d6db5a0cb980c7bcd73a94fd6c40caed33fa2a4523d

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Jun 2020 02:29:55 GMT
content-encoding: gzip
age: 545179
status: 200
alt-svc: clear
content-length: 117437
access-control-allow-origin: *
last-modified: Fri, 20 Mar 2020 12:46:46 GMT
server: nginx/1.14.1
etag: W/"5e74bb36-4bbe1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 google
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=2592000,public
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires: Sun, 19 Jul 2020 02:29:55 GMT

GET
H/1.1 200
OK grumi.js Show response
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame 82FD 90 KB
32 KB 37ms
36ms Script
text/javascript 2600:9000:2182:a800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol: HTTP/1.1
Server: 2600:9000:2182:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7b24dd7b4da0713eef52431a055299399c1c446499b2819071b87e44e6bf48f

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:36:24 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 25 Jun 2020 08:39:58 GMT
Server: AmazonS3
Age: 1191
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: Bu_iTnuanCBJabAvtUlqpuMdMlajMNlH
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
Cache-Control: public,max-age=1800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Content-Type: text/javascript
X-Amz-Cf-Id: jJVyTo1ap_-ELS6jCjxBnH4MSEdqVIa1JPvRuoZfS8qDPERbpoleVA==

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 128x128.png
cdn.marketjs.net/games/escape-from-aztec/localization/en/media/graphics/promo/icons/ 4 KB
4 KB 58ms
20ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/escape-from-aztec/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc0c87755b5d764f5967162554f41322f60fedda40806c4e77eba2c559c6540

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:14 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 992
x-cache: Hit from cloudfront
status: 200
content-length: 3670
cf-request-id: 038c8121050000d6bde20e4200000001
last-modified: Fri, 22 Sep 2017 18:14:04 GMT
server: cloudflare
etag: "caa0c2b8cf0ba26a9630ed42d1c90067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 5a8dd1480b1ed6bd-FRA
x-amz-cf-id: Q2PXlCnGcDAS6oMhUkcb2e4mLKJNBHJmGaKM6cP7zdUcoikJc1tdKQ==

GET
H/1.1 200
OK grumi.js Show response
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame 67EA 90 KB
32 KB 17ms
14ms Script
text/javascript 2600:9000:2182:a800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Requested by: Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol: HTTP/1.1
Server: 2600:9000:2182:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7b24dd7b4da0713eef52431a055299399c1c446499b2819071b87e44e6bf48f

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:36:24 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 25 Jun 2020 08:39:58 GMT
Server: AmazonS3
Age: 1191
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: Bu_iTnuanCBJabAvtUlqpuMdMlajMNlH
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
Cache-Control: public,max-age=1800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Content-Type: text/javascript
X-Amz-Cf-Id: 2YplCbnOYY89je7EyET6a6cwm4OVr-f8NSb_aBFOTsKOFKDIoKSXHw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/escape-from-aztec/localization/en/media/graphics/promo/icons/ 4 KB
4 KB 45ms
44ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/escape-from-aztec/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc0c87755b5d764f5967162554f41322f60fedda40806c4e77eba2c559c6540

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:14 GMT
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 992
x-cache: Hit from cloudfront
status: 200
content-length: 3670
cf-request-id: 038c8121ac0000d6bde20f3200000001
last-modified: Fri, 22 Sep 2017 18:14:04 GMT
server: cloudflare
etag: "caa0c2b8cf0ba26a9630ed42d1c90067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 5a8dd1491db7d6bd-FRA
x-amz-cf-id: Q2PXlCnGcDAS6oMhUkcb2e4mLKJNBHJmGaKM6cP7zdUcoikJc1tdKQ==

GET
H2

200

sid Show response
mug.criteo.com/ Frame 82FD
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fodga.me%2F&domain=odga.me&cw=1
https://mug.criteo.com/sid?cpp=a3AaFXxXelAvNHlBTWYwY1Y0Zzlnczd2ejIzM1hDNUo4ZlhTamNqTENmVmU3SnVBSVcwUkM4Y2pPRkc3dXpsY2tzazNRZ3VIWTJUZStrMjdWRXNzNGRiOVc3b3FWeTRMTm4xZmtmWnhKTUU4cER5NFB6UkdNM0JoYnJIOW...

348 B
599 B

435ms
58ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=a3AaFXxXelAvNHlBTWYwY1Y0Zzlnczd2ejIzM1hDNUo4ZlhTamNqTENmVmU3SnVBSVcwUkM4Y2pPRkc3dXpsY2tzazNRZ3VIWTJUZStrMjdWRXNzNGRiOVc3b3FWeTRMTm4xZmtmWnhKTUU4cER5NFB6UkdNM0JoYnJIOWpiMDZxTGJDancySFdLdUdwVDVReENaYy9BNk1zMmMxNVkwNCtHLytPd2s3TG92ai9QMVY5cTRFbDBITU5CaHl4QURGY2ZnVTJMVUR4K3ZjTzBScnZZS2hzNi8rYldUR1NsQXBTRExFM0pvVEhWcXdFUHVZPXw&cppv=2

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4ece0a77261e540ddee4824eb0f420a40955ff015db591c40b151431be4293f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 25 Jun 2020 09:56:15 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 348
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Thu, 25 Jun 2020 09:56:14 GMT
location: https://mug.criteo.com/sid?cpp=a3AaFXxXelAvNHlBTWYwY1Y0Zzlnczd2ejIzM1hDNUo4ZlhTamNqTENmVmU3SnVBSVcwUkM4Y2pPRkc3dXpsY2tzazNRZ3VIWTJUZStrMjdWRXNzNGRiOVc3b3FWeTRMTm4xZmtmWnhKTUU4cER5NFB6UkdNM0JoYnJIOWpiMDZxTGJDancySFdLdUdwVDVReENaYy9BNk1zMmMxNVkwNCtHLytPd2s3TG92ai9QMVY5cTRFbDBITU5CaHl4QURGY2ZnVTJMVUR4K3ZjTzBScnZZS2hzNi8rYldUR1NsQXBTRExFM0pvVEhWcXdFUHVZPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://odga.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 482
expires: 0

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 82FD 403 B
738 B 81ms
23ms XHR
application/json 2606:4700:e2::ac40:851b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:851b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363edecdf8643f02360492a9610373402ffd226a0f9e4320c261546afa039569

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://odga.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5a8dd14b0e65d6b5-FRA
cf-request-id: 038c8122e10000d6b5b606a200000001
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 82FD 111 B
193 B 150ms
100ms XHR
application/json 2606:4700:e2::ac40:851b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:851b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5d897d1bc710dc02950b3ca34af10d3b6a03b5d3a577c6608e1fad84ef98426

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: http://odga.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5a8dd14b0e67d6b5-FRA
cf-request-id: 038c8122e10000d6b5b606b200000001
expires: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 82FD 0
136 B 193ms
67ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.10.0-pre&cb=62500545785
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 25 Jun 2020 09:56:14 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://odga.me
timing-allow-origin: *
vary: Origin

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 82FD 5 B
441 B 623ms
225ms XHR
application/json 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgzMjM5MSZ0cmFuc2FjdGlvbklkPTIxN2Q2NDRlLTQ1NGUtNDAxOC05NTUwLWI5ZTdiODkzM2IyNw%3D%3D&pt=gross&stid=af4f55e1-5b51-4b69-9c1b-591f45340078&gdpr=true&gdpr_consent=BO1jI9zO1jI9zAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:15 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://odga.me
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 82FD 143 B
1 KB 186ms
73ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

acd0c70829c115a17bd7461c1fd147e4b05b99b39d0376d24e011360d53f0dc1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Jun 2020 09:56:17 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.204:80
AN-X-Request-Uuid: 64930e14-d985-48a6-afd1-0e5ec117cd40
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://odga.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

adjson Show response
ads.betweendigital.com/ Frame 82FD
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=5067202576213579&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916198&bidid=108f5c09c4482ed&transactionid=217d644e-454e-4018-9550-b9e7b8933b27&auctionid=af4...
https://ads.betweendigital.com/adjson?jst=hb&ord=5067202576213579&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916198&bidid=108f5c09c4482ed&transactionid=217d644e-454e-4018-9550-b9e7b8933b27&auctionid=af4...

2 B
222 B

197ms
125ms

XHR
application/json

88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=5067202576213579&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916198&bidid=108f5c09c4482ed&transactionid=217d644e-454e-4018-9550-b9e7b8933b27&auctionid=af4f55e1-5b51-4b69-9c1b-591f45340078&gdprApplies=true&consentString=BO1jI9zO1jI9zAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&crf=1
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://odga.me
content-encoding: gzip
content-type: application/json

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://odga.me
content-length: 0
location: /adjson?jst=hb&ord=5067202576213579&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916198&bidid=108f5c09c4482ed&transactionid=217d644e-454e-4018-9550-b9e7b8933b27&auctionid=af4f55e1-5b51-4b69-9c1b-591f45340078&gdprApplies=true&consentString=BO1jI9zO1jI9zAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&crf=1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 82FD 0
1 KB 331ms
173ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:14 GMT
x-smrt-d: 6%3b22%3b65
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://odga.me
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 82FD 0
160 B 185ms
67ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 25 Jun 2020 09:56:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://odga.me
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 82FD 46 KB
16 KB 24ms
17ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ee4af7e7cbc08d5ab3a439f558f7f3b00ec890356c2e4cafbd325e5c8858452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "553 / 632 of 1000 / last-modified: 1593040701"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 15816
X-XSS-Protection: 0
Expires: Thu, 25 Jun 2020 09:56:15 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 67EA
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fodga.me%2F&domain=odga.me&cw=1
https://mug.criteo.com/sid?cpp=JdxGTnxYbDIxakVTd3I2MUttSzRFYmJHb2hZSnNDVjdEelVKUVpMVHlacXhiOFFUYkNrTENXeS9BSE1HdEtyMXZBYmdYZUtaQ0NWUTZlQ2FlMlZGbzlYd1pkWlB2ZWdreG9wemMrZFByckJ5NVhiaEZKZlgvcHc0OC9od0...

353 B
604 B

383ms
59ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=JdxGTnxYbDIxakVTd3I2MUttSzRFYmJHb2hZSnNDVjdEelVKUVpMVHlacXhiOFFUYkNrTENXeS9BSE1HdEtyMXZBYmdYZUtaQ0NWUTZlQ2FlMlZGbzlYd1pkWlB2ZWdreG9wemMrZFByckJ5NVhiaEZKZlgvcHc0OC9od0liOG9oUmNLR3RrSGh0UTkyYzlkaS9FU3JVNS9sUUE4elRZUmZySjZpM1VSSysyTVgxblBXdDBtbXNpNmpKY1BMd0grVUkxaHYxT1U4NThoN1dQNGFybzgrQlNydjRpWVBxUVAzamV0M20vSWJSSkpMOHBFPXw&cppv=2

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

28ccae244dfde8d78d64f4af31a90aaca4762f7ff66e040dd2cfd3ed34634206

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Thu, 25 Jun 2020 09:56:15 GMT
status: 200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 353
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
status: 302
date: Thu, 25 Jun 2020 09:56:15 GMT
location: https://mug.criteo.com/sid?cpp=JdxGTnxYbDIxakVTd3I2MUttSzRFYmJHb2hZSnNDVjdEelVKUVpMVHlacXhiOFFUYkNrTENXeS9BSE1HdEtyMXZBYmdYZUtaQ0NWUTZlQ2FlMlZGbzlYd1pkWlB2ZWdreG9wemMrZFByckJ5NVhiaEZKZlgvcHc0OC9od0liOG9oUmNLR3RrSGh0UTkyYzlkaS9FU3JVNS9sUUE4elRZUmZySjZpM1VSSysyTVgxblBXdDBtbXNpNmpKY1BMd0grVUkxaHYxT1U4NThoN1dQNGFybzgrQlNydjRpWVBxUVAzamV0M20vSWJSSkpMOHBFPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: http://odga.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 482
expires: 0

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 67EA 403 B
370 B 46ms
45ms XHR
application/json 2606:4700:e2::ac40:851b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:851b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9214c2b66f3afc19c175c0c30963be2a48fd40cdfc39d0e9a0a5be601ba77b8

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: http://odga.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5a8dd14c79bfd6b5-FRA
cf-request-id: 038c8123ca0000d6b5b6073200000001
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 67EA 111 B
181 B 108ms
107ms XHR
application/json 2606:4700:e2::ac40:851b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:851b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c378aab5610a6b662af254c8958b3764419a4ce263f69c6cf489794ffcc72044

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: http://odga.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 5a8dd14c79cbd6b5-FRA
cf-request-id: 038c8123cd0000d6b5b6074200000001
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 67EA 143 B
1 KB 93ms
86ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

93ab23d4a0ece27c30d4cfaf95092c7097da3e68d40f71ccee319cf67c5e060c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 25 Jun 2020 09:56:17 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.117:80
AN-X-Request-Uuid: efb6ff5b-0865-43ab-a00b-db8fa1818f52
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://odga.me
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ Frame 67EA 0
160 B 86ms
70ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 25 Jun 2020 09:56:15 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://odga.me
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H2 200 / Show response
adx.adform.net/adx/ Frame 67EA 5 B
442 B 344ms
195ms XHR
application/json 37.157.2.236
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTgzMjM5MiZ0cmFuc2FjdGlvbklkPWRkYzIwNzRiLWM4YWUtNDgyMS1hOTliLTFkNWRjOWY5NmI0Yw%3D%3D&pt=gross&stid=6a1573c3-45e2-4128-b160-f3ef75e27a39&gdpr=true&gdpr_consent=BO1jI90O1jI90AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&fd=1

Requested by

Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:15 GMT
server: nginx
status: 200
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: http://odga.me
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length: 5
expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 67EA 0
1 KB 565ms
416ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:14 GMT
x-smrt-d: 6%3b24%3b65
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: http://odga.me
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 67EA 0
136 B 84ms
24ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=26&wv=3.10.0-pre&cb=58169468345
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 25 Jun 2020 09:56:14 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://odga.me
timing-allow-origin: *
vary: Origin

GET
H2

200

adjson Show response
ads.betweendigital.com/ Frame 67EA
Redirect Chain

https://ads.betweendigital.com/adjson?jst=hb&ord=5092666080892558&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916199&bidid=14e7ee94146a525&transactionid=ddc2074b-c8ae-4821-a99b-1d5dc9f96b4c&auctionid=6a1...
https://ads.betweendigital.com/adjson?jst=hb&ord=5092666080892558&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916199&bidid=14e7ee94146a525&transactionid=ddc2074b-c8ae-4821-a99b-1d5dc9f96b4c&auctionid=6a1...

2 B
222 B

194ms
121ms

XHR
application/json

88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?jst=hb&ord=5092666080892558&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916199&bidid=14e7ee94146a525&transactionid=ddc2074b-c8ae-4821-a99b-1d5dc9f96b4c&auctionid=6a1573c3-45e2-4128-b160-f3ef75e27a39&gdprApplies=true&consentString=BO1jI90O1jI90AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&crf=1
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://odga.me
content-encoding: gzip
content-type: application/json

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://odga.me
content-length: 0
location: /adjson?jst=hb&ord=5092666080892558&tz=-120&fl=0&rr=direct&w=300&h=250&s=3916199&bidid=14e7ee94146a525&transactionid=ddc2074b-c8ae-4821-a99b-1d5dc9f96b4c&auctionid=6a1573c3-45e2-4128-b160-f3ef75e27a39&gdprApplies=true&consentString=BO1jI90O1jI90AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A&crf=1

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame 67EA 46 KB
16 KB 156ms
14ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09a75a946b5e6afd8d6dfed7920ac72a3303a6c7cc05ef1c8c4394b730075d42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "553 / 56 of 1000 / last-modified: 1593040669"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 15815
X-XSS-Protection: 0
Expires: Thu, 25 Jun 2020 09:56:15 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 82FD 43 B
106 B 442ms
58ms Image
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3DBO1jI9zO1jI9zAKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D%24UID
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 25 Jun 2020 09:56:15 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 128x128.png
cdn.marketjs.net/games/penalty-kick-game/localization/en/media/graphics/promo/icons/ 12 KB
13 KB 154ms
36ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/penalty-kick-game/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b085e7f396e07e9d9f3541cc481e6bcfa645fd5975f9519f7658e49805ce01

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4298
x-cache: Hit from cloudfront
status: 200
content-length: 12604
cf-request-id: 038c8124700000d6bde2149200000001
last-modified: Sat, 10 Nov 2018 07:38:38 GMT
server: cloudflare
etag: "a3bfddc442c3f715cc77ec721f736ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 5a8dd14d88b4d6bd-FRA
x-amz-cf-id: y_7mq4OThW7LH2fYgtbNfxzYjUAexRUmW8Y_LsPzE39sBiUJ2IBRdw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/feed-the-grandma/localization/en/media/graphics/promo/icons/ 9 KB
9 KB 143ms
25ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/feed-the-grandma/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63df1849eebd7cfa2e52c94c3558229e580d4aff108961cfdc494a1a88828ebc

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 fee26d7a612578eafeab25e896f13c72.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 5729
x-cache: Hit from cloudfront
status: 200
content-length: 9072
cf-request-id: 038c8124700000d6bde214a200000001
last-modified: Tue, 06 Mar 2018 11:44:57 GMT
server: cloudflare
etag: "3b077259105aa33aa8f56c1d3977bb9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14d88b6d6bd-FRA
x-amz-cf-id: dZDh8ZPSlqMoaMl-ltN_PQ2OQvhxfZsrvLt6xAl5TVQV6PRs2HMr9Q==

GET
H2 200 128x128.png
cdn.marketjs.net/games/hogie-the-globehopper-adventure-puzzle/localization/en/media/graphics/promo/icons/ 6 KB
7 KB 137ms
20ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/hogie-the-globehopper-adventure-puzzle/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccfe8000ff4deac516c11ed594d66714eaad8644e7a06ba72d9ed227a9ebb79f

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 10b6eeb8648a069cb8a332f054cd3047.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 5729
x-cache: Hit from cloudfront
status: 200
content-length: 6509
cf-request-id: 038c8124700000d6bde214b200000001
last-modified: Tue, 11 Jun 2019 17:58:51 GMT
server: cloudflare
etag: "5b9b1eea5a060b0be5218aceeddc12f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14d88b7d6bd-FRA
x-amz-cf-id: LTaHQXWODjD20Cdq-xhBIRqbPaYCoxYpl4QXE98M4yMnXv_y8QnanQ==

GET
H2 200 128x128.png
cdn.marketjs.net/games/kitten-bounce/localization/en/media/graphics/promo/icons/ 9 KB
9 KB 124ms
23ms Image
application/octet-stream 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/kitten-bounce/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cc45e8e7bb933831c32e9e161fb094b95fc13d06fc8609569820519a33fa113

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 ab7ef1002486648bddb0e6bc684500bd.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2275
x-cache: Miss from cloudfront
status: 200
content-length: 9308
cf-request-id: 038c8124700000d6bde214c200000001
last-modified: Sun, 12 Nov 2017 06:50:58 GMT
server: cloudflare
etag: "ea74e607e52d4024838a328762f14b7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14d88b8d6bd-FRA
x-amz-cf-id: mg7ZkTYg6fY9FA0Fr5ZmakU49H1KvrMZZUiGL5KUNarYEpeaDZdUTQ==

GET
H2 200 128x128.png
cdn.marketjs.net/games/word-finder/localization/en/media/graphics/promo/icons/ 10 KB
10 KB 136ms
36ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/word-finder/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0212545d020d3df95c056bf33e8d1a86f13ac13048b44667eef72365a72f8919

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 eff74d3c4669ba49791c396ee58f3713.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 329
x-cache: Hit from cloudfront
status: 200
content-length: 10203
cf-request-id: 038c8124700000d6bde214d200000001
last-modified: Thu, 02 Apr 2020 06:13:40 GMT
server: cloudflare
etag: "d40cc8e06bf705367b4923cce2a43fa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14d88b9d6bd-FRA
x-amz-cf-id: KamnXUfFTh_eZ-h_Ygq1u6KQoQUz20JQZojpBvtght8Lau3VfTTy7w==

GET
H2 200 128x128.png
cdn.marketjs.net/games/monsters-and-cake/localization/en/media/graphics/promo/icons/ 19 KB
19 KB 154ms
54ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/monsters-and-cake/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c36515cabe9d924ee1db2d90614e66df3c28333d354e5ea4269b4500c0de33

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 23f61cf92a98db6b426338b85a31b05f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 993
x-cache: Hit from cloudfront
status: 200
content-length: 19057
cf-request-id: 038c8124700000d6bde214e200000001
last-modified: Tue, 07 Apr 2020 12:37:16 GMT
server: cloudflare
etag: "77dad185edaa9aab2a8b2a4367f1616a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14d88bbd6bd-FRA
x-amz-cf-id: Fp658gcYqy8-b1yG9N40_OM-tO5tdY6X9uCMfDYDoTD-GapC156mXw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/happy-hour/localization/en/media/graphics/promo/icons/ 6 KB
6 KB 124ms
24ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/happy-hour/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48a69c11c9ac775530ba968c7b24caaabd5a721b5b947e2744d687952ef0ebb1

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 8eab33758f7a9d7a7d13481eabebea69.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 3217
x-cache: Hit from cloudfront
status: 200
content-length: 5882
cf-request-id: 038c8124700000d6bde214f200000001
last-modified: Wed, 21 Aug 2019 11:51:37 GMT
server: cloudflare
etag: "045c508dced56550b07148f9adedd5f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14d88bdd6bd-FRA
x-amz-cf-id: Q3UbOEme0Q43Fzenart8GuJbpfxwrPuuXehPBgTNihsTMRxyopWg-Q==

GET
H2 200 128x128.png
cdn.marketjs.net/games/spidey-swing/localization/en/media/graphics/promo/icons/ 9 KB
9 KB 131ms
32ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/spidey-swing/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 185f9ce7706fdb5bb1b050f71ab86eb2a048f5db0e8431ae713aeb84f9001c9f

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 13930f8a12db0a7ab5a2d4f74d618018.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2021
x-cache: Hit from cloudfront
status: 200
content-length: 8940
cf-request-id: 038c8124700000d6bde2150200000001
last-modified: Fri, 20 Mar 2020 08:46:09 GMT
server: cloudflare
etag: "7df5dcf2c932942df56774e0d4c2853c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14d88c1d6bd-FRA
x-amz-cf-id: RhvfPSfF9g5ckm78WK01SigcChdHA3euoPnhBPHRwaVvLmzQlSwHVA==

GET
H2 200 128x128.png
cdn.marketjs.net/games/monster-mahjong/localization/en/media/graphics/promo/icons/ 32 KB
32 KB 124ms
25ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/monster-mahjong/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e7ccdfa9942be5d0ce08e1753318a7ebbd5a722313fb5cbd4e59bcfc0b0ceb

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 10131483569b12d46be11abd6f162905.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6762
x-cache: Hit from cloudfront
status: 200
content-length: 32363
cf-request-id: 038c8124700000d6bde2151200000001
last-modified: Fri, 20 Mar 2020 08:09:51 GMT
server: cloudflare
etag: "b778dc5a7644e7ee7e6347f6aa2ea75b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14d88d7d6bd-FRA
x-amz-cf-id: u8Nfos4-jr13DKoRj8gRduas9q2G8HiqGcoT5ge8Zml7kNYRSNzzMA==

GET
H2 200 128x128.png
cdn.marketjs.net/games/taxi-pickup/localization/en/media/graphics/promo/icons/ 15 KB
15 KB 135ms
37ms Image
application/octet-stream 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/taxi-pickup/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f78060455ee67eebd99ed271aef7bc64d61d46aa31a51fe6fdab6192a75064

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 c62ce76477c393c91b7d90312c808127.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 3279
x-cache: Hit from cloudfront
status: 200
content-length: 15542
cf-request-id: 038c8124700000d6bde2152200000001
last-modified: Sun, 12 Nov 2017 07:02:38 GMT
server: cloudflare
etag: "504bb0bc8b399533854be9d0f030db62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
x-amz-cf-pop: ATL50-C1
accept-ranges: bytes
cf-ray: 5a8dd14d88dbd6bd-FRA
x-amz-cf-id: WdJTLw1YMAWUJ0Jd05oC7JjB4PsvQ52_h_Iuon4dQ64cyYrbYlZ4Qg==

GET
H2 200 128x128.png
cdn.marketjs.net/games/hardest-game-on-earth/localization/en/media/graphics/promo/icons/ 22 KB
22 KB 119ms
28ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/hardest-game-on-earth/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29d616a841bcbdba5191240a055054c50873f3e3d6f4a52d91f9ea88f02e610

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 329
x-cache: Hit from cloudfront
status: 200
content-length: 22527
cf-request-id: 038c8124700000d6bde2153200000001
last-modified: Fri, 20 Mar 2020 07:57:52 GMT
server: cloudflare
etag: "d89f957240255b1b8811fd713d86c339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 5a8dd14d88ddd6bd-FRA
x-amz-cf-id: cAWDPMvftAcoa5JYix5i5OgVJQpTVzL20GZrKonTcuV7zRR0U3j22g==

GET
H2 200 128x128.png
cdn.marketjs.net/games/flick-basketball/localization/en/media/graphics/promo/icons/ 6 KB
6 KB 128ms
37ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/flick-basketball/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb20d12d14cd28343fceff62f8aa61d12d89bbc328de840482b15490751e89a3

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 eff74d3c4669ba49791c396ee58f3713.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6244
x-cache: Hit from cloudfront
status: 200
content-length: 6101
cf-request-id: 038c8124700000d6bde2154200000001
last-modified: Mon, 23 Mar 2020 09:13:37 GMT
server: cloudflare
etag: "8866df7d11e08ef8004505e7ec875bfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14d88e3d6bd-FRA
x-amz-cf-id: Qp3RX296gbIHjaAKXu-JCjvcG7AFo2HRxKbKAKj3mhL1QmCKF05Muw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/stickman-swing/localization/en/media/graphics/promo/icons/ 5 KB
6 KB 152ms
61ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/stickman-swing/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b96d507d1320b17b6117bcc916968dc8d697d30a12e8e34e828fa1dd687a0e34

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 b7f7970e9c911e165d4cb9f70deac42a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6571
x-cache: Miss from cloudfront
status: 200
content-length: 5377
cf-request-id: 038c8124790000d6bde2155200000001
last-modified: Fri, 31 May 2019 08:00:22 GMT
server: cloudflare
etag: "ce36417ca0deca3db6ed2f8cea7757d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA53
accept-ranges: bytes
cf-ray: 5a8dd14d88e8d6bd-FRA
x-amz-cf-id: x141OX6myKNDezYCCCz4RWJAORbQ4CL3BGiyyQolSiGeWdHwWWjncg==

GET
H2 200 128x128.png
cdn.marketjs.net/games/married-to-a-prince/localization/en/media/graphics/promo/icons/ 10 KB
10 KB 128ms
38ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/married-to-a-prince/localization/en/media/graphics/promo/icons/128x128.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456067363d6dfce2026c2c0bb8f5e2c7ce0e98b1f2aee9c86e2fa3798360247d

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6573
x-cache: Hit from cloudfront
status: 200
content-length: 10314
cf-request-id: 038c8124790000d6bde2156200000001
last-modified: Tue, 31 Mar 2020 05:23:04 GMT
server: cloudflare
etag: "0237037784d7f6025c466960d278d73f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 5a8dd14d88ecd6bd-FRA
x-amz-cf-id: SPiIGcUMX0-bIbVX3RpCoCl7TS7aGZg99o09EgA5V-VhZa3vZNQ8vg==

GET
H2 200 cookie
cm.adform.net/ Frame 67EA 43 B
105 B 320ms
58ms Image
image/gif 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3DBO1jI90O1jI90AKABBENCT-AAAAnd7_______9______9uz_Ov_v_f__33e87_9v_l_7_-___u_-3zd4-_1vf99yfm1-7etr3tp_87ues2_Xur__59__3z3_9phPrsk89r6337A%26uid%3D%24UID
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 25 Jun 2020 09:56:15 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 82FD 109 B
168 B 181ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=odga.me

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 82FD 109 B
168 B 182ms
11ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=odga.me

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020062301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 82FD 249 KB
88 KB 229ms
77ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062301.js?21066527

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

2f493253c58a9be0d4db9aaeaf8d74914b2f4776ac0bd1ae10809cccd0face81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 20:41:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90298
x-xss-protection: 0
expires: Thu, 25 Jun 2020 09:56:15 GMT

GET
H2 200 128x128.png
cdn.marketjs.net/games/hogie-the-globehopper-adventure-puzzle/localization/en/media/graphics/promo/icons/ 6 KB
7 KB 127ms
13ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/hogie-the-globehopper-adventure-puzzle/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccfe8000ff4deac516c11ed594d66714eaad8644e7a06ba72d9ed227a9ebb79f

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 10b6eeb8648a069cb8a332f054cd3047.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 5729
x-cache: Hit from cloudfront
status: 200
content-length: 6509
cf-request-id: 038c81257a0000d6bde217f200000001
last-modified: Tue, 11 Jun 2019 17:58:51 GMT
server: cloudflare
etag: "5b9b1eea5a060b0be5218aceeddc12f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14f2ca6d6bd-FRA
x-amz-cf-id: LTaHQXWODjD20Cdq-xhBIRqbPaYCoxYpl4QXE98M4yMnXv_y8QnanQ==

GET
H2 200 128x128.png
cdn.marketjs.net/games/kitten-bounce/localization/en/media/graphics/promo/icons/ 9 KB
9 KB 126ms
13ms Image
application/octet-stream 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/kitten-bounce/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cc45e8e7bb933831c32e9e161fb094b95fc13d06fc8609569820519a33fa113

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 ab7ef1002486648bddb0e6bc684500bd.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2275
x-cache: Miss from cloudfront
status: 200
content-length: 9308
cf-request-id: 038c81257a0000d6bde2180200000001
last-modified: Sun, 12 Nov 2017 06:50:58 GMT
server: cloudflare
etag: "ea74e607e52d4024838a328762f14b7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14f2ca8d6bd-FRA
x-amz-cf-id: mg7ZkTYg6fY9FA0Fr5ZmakU49H1KvrMZZUiGL5KUNarYEpeaDZdUTQ==

GET
H2 200 128x128.png
cdn.marketjs.net/games/happy-hour/localization/en/media/graphics/promo/icons/ 6 KB
6 KB 141ms
28ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/happy-hour/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48a69c11c9ac775530ba968c7b24caaabd5a721b5b947e2744d687952ef0ebb1

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 8eab33758f7a9d7a7d13481eabebea69.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 3217
x-cache: Hit from cloudfront
status: 200
content-length: 5882
cf-request-id: 038c81257a0000d6bde2181200000001
last-modified: Wed, 21 Aug 2019 11:51:37 GMT
server: cloudflare
etag: "045c508dced56550b07148f9adedd5f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14f2caad6bd-FRA
x-amz-cf-id: Q3UbOEme0Q43Fzenart8GuJbpfxwrPuuXehPBgTNihsTMRxyopWg-Q==

GET
H2 200 128x128.png
cdn.marketjs.net/games/feed-the-grandma/localization/en/media/graphics/promo/icons/ 9 KB
9 KB 131ms
56ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/feed-the-grandma/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63df1849eebd7cfa2e52c94c3558229e580d4aff108961cfdc494a1a88828ebc

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 fee26d7a612578eafeab25e896f13c72.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 5729
x-cache: Hit from cloudfront
status: 200
content-length: 9072
cf-request-id: 038c81257a0000d6bde2182200000001
last-modified: Tue, 06 Mar 2018 11:44:57 GMT
server: cloudflare
etag: "3b077259105aa33aa8f56c1d3977bb9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14f2cacd6bd-FRA
x-amz-cf-id: dZDh8ZPSlqMoaMl-ltN_PQ2OQvhxfZsrvLt6xAl5TVQV6PRs2HMr9Q==

GET
H2 200 128x128.png
cdn.marketjs.net/games/monster-mahjong/localization/en/media/graphics/promo/icons/ 32 KB
32 KB 90ms
15ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/monster-mahjong/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e7ccdfa9942be5d0ce08e1753318a7ebbd5a722313fb5cbd4e59bcfc0b0ceb

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 10131483569b12d46be11abd6f162905.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6762
x-cache: Hit from cloudfront
status: 200
content-length: 32363
cf-request-id: 038c81257a0000d6bde2183200000001
last-modified: Fri, 20 Mar 2020 08:09:51 GMT
server: cloudflare
etag: "b778dc5a7644e7ee7e6347f6aa2ea75b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14f2cadd6bd-FRA
x-amz-cf-id: u8Nfos4-jr13DKoRj8gRduas9q2G8HiqGcoT5ge8Zml7kNYRSNzzMA==

GET
H2 200 128x128.png
cdn.marketjs.net/games/penalty-kick-game/localization/en/media/graphics/promo/icons/ 12 KB
13 KB 136ms
61ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/penalty-kick-game/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b085e7f396e07e9d9f3541cc481e6bcfa645fd5975f9519f7658e49805ce01

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 a1098f0eeab192209962e3a9d76d0339.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 4298
x-cache: Hit from cloudfront
status: 200
content-length: 12604
cf-request-id: 038c81257a0000d6bde2184200000001
last-modified: Sat, 10 Nov 2018 07:38:38 GMT
server: cloudflare
etag: "a3bfddc442c3f715cc77ec721f736ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
cf-ray: 5a8dd14f2cafd6bd-FRA
x-amz-cf-id: y_7mq4OThW7LH2fYgtbNfxzYjUAexRUmW8Y_LsPzE39sBiUJ2IBRdw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/word-finder/localization/en/media/graphics/promo/icons/ 10 KB
10 KB 105ms
32ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/word-finder/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0212545d020d3df95c056bf33e8d1a86f13ac13048b44667eef72365a72f8919

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 eff74d3c4669ba49791c396ee58f3713.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 329
x-cache: Hit from cloudfront
status: 200
content-length: 10203
cf-request-id: 038c81257a0000d6bde2185200000001
last-modified: Thu, 02 Apr 2020 06:13:40 GMT
server: cloudflare
etag: "d40cc8e06bf705367b4923cce2a43fa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14f2cb3d6bd-FRA
x-amz-cf-id: KamnXUfFTh_eZ-h_Ygq1u6KQoQUz20JQZojpBvtght8Lau3VfTTy7w==

GET
H2 200 128x128.png
cdn.marketjs.net/games/monsters-and-cake/localization/en/media/graphics/promo/icons/ 19 KB
19 KB 120ms
47ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/monsters-and-cake/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c36515cabe9d924ee1db2d90614e66df3c28333d354e5ea4269b4500c0de33

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 23f61cf92a98db6b426338b85a31b05f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 993
x-cache: Hit from cloudfront
status: 200
content-length: 19057
cf-request-id: 038c81257a0000d6bde2186200000001
last-modified: Tue, 07 Apr 2020 12:37:16 GMT
server: cloudflare
etag: "77dad185edaa9aab2a8b2a4367f1616a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14f2cb4d6bd-FRA
x-amz-cf-id: Fp658gcYqy8-b1yG9N40_OM-tO5tdY6X9uCMfDYDoTD-GapC156mXw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/hardest-game-on-earth/localization/en/media/graphics/promo/icons/ 22 KB
22 KB 122ms
49ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/hardest-game-on-earth/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29d616a841bcbdba5191240a055054c50873f3e3d6f4a52d91f9ea88f02e610

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 329
x-cache: Hit from cloudfront
status: 200
content-length: 22527
cf-request-id: 038c81257a0000d6bde2187200000001
last-modified: Fri, 20 Mar 2020 07:57:52 GMT
server: cloudflare
etag: "d89f957240255b1b8811fd713d86c339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 5a8dd14f2cb6d6bd-FRA
x-amz-cf-id: cAWDPMvftAcoa5JYix5i5OgVJQpTVzL20GZrKonTcuV7zRR0U3j22g==

GET
H2 200 128x128.png
cdn.marketjs.net/games/spidey-swing/localization/en/media/graphics/promo/icons/ 9 KB
9 KB 103ms
33ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/spidey-swing/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 185f9ce7706fdb5bb1b050f71ab86eb2a048f5db0e8431ae713aeb84f9001c9f

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 13930f8a12db0a7ab5a2d4f74d618018.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 2021
x-cache: Hit from cloudfront
status: 200
content-length: 8940
cf-request-id: 038c81257a0000d6bde2188200000001
last-modified: Fri, 20 Mar 2020 08:46:09 GMT
server: cloudflare
etag: "7df5dcf2c932942df56774e0d4c2853c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14f2cbad6bd-FRA
x-amz-cf-id: RhvfPSfF9g5ckm78WK01SigcChdHA3euoPnhBPHRwaVvLmzQlSwHVA==

GET
H2 200 128x128.png
cdn.marketjs.net/games/stickman-swing/localization/en/media/graphics/promo/icons/ 5 KB
5 KB 98ms
30ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/stickman-swing/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b96d507d1320b17b6117bcc916968dc8d697d30a12e8e34e828fa1dd687a0e34

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 b7f7970e9c911e165d4cb9f70deac42a.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6571
x-cache: Miss from cloudfront
status: 200
content-length: 5377
cf-request-id: 038c81257a0000d6bde2189200000001
last-modified: Fri, 31 May 2019 08:00:22 GMT
server: cloudflare
etag: "ce36417ca0deca3db6ed2f8cea7757d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA53
accept-ranges: bytes
cf-ray: 5a8dd14f2cbcd6bd-FRA
x-amz-cf-id: x141OX6myKNDezYCCCz4RWJAORbQ4CL3BGiyyQolSiGeWdHwWWjncg==

GET
H2 200 128x128.png
cdn.marketjs.net/games/taxi-pickup/localization/en/media/graphics/promo/icons/ 15 KB
15 KB 101ms
35ms Image
application/octet-stream 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/taxi-pickup/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f78060455ee67eebd99ed271aef7bc64d61d46aa31a51fe6fdab6192a75064

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 c62ce76477c393c91b7d90312c808127.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 3279
x-cache: Hit from cloudfront
status: 200
content-length: 15542
cf-request-id: 038c81257a0000d6bde218a200000001
last-modified: Sun, 12 Nov 2017 07:02:38 GMT
server: cloudflare
etag: "504bb0bc8b399533854be9d0f030db62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
x-amz-cf-pop: ATL50-C1
accept-ranges: bytes
cf-ray: 5a8dd14f2cbed6bd-FRA
x-amz-cf-id: WdJTLw1YMAWUJ0Jd05oC7JjB4PsvQ52_h_Iuon4dQ64cyYrbYlZ4Qg==

GET
H2 200 128x128.png
cdn.marketjs.net/games/flick-basketball/localization/en/media/graphics/promo/icons/ 6 KB
6 KB 108ms
48ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/flick-basketball/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb20d12d14cd28343fceff62f8aa61d12d89bbc328de840482b15490751e89a3

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 eff74d3c4669ba49791c396ee58f3713.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6244
x-cache: Hit from cloudfront
status: 200
content-length: 6101
cf-request-id: 038c81257a0000d6bde218b200000001
last-modified: Mon, 23 Mar 2020 09:13:37 GMT
server: cloudflare
etag: "8866df7d11e08ef8004505e7ec875bfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: LHR62-C4
accept-ranges: bytes
cf-ray: 5a8dd14f2cc0d6bd-FRA
x-amz-cf-id: Qp3RX296gbIHjaAKXu-JCjvcG7AFo2HRxKbKAKj3mhL1QmCKF05Muw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/married-to-a-prince/localization/en/media/graphics/promo/icons/ 10 KB
10 KB 113ms
56ms Image
image/png 2606:4700:3035::681b:8fd9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/married-to-a-prince/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/704ba4b1bcdbe612e93b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681b:8fd9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456067363d6dfce2026c2c0bb8f5e2c7ce0e98b1f2aee9c86e2fa3798360247d

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 6573
x-cache: Hit from cloudfront
status: 200
content-length: 10314
cf-request-id: 038c81257a0000d6bde218c200000001
last-modified: Tue, 31 Mar 2020 05:23:04 GMT
server: cloudflare
etag: "0237037784d7f6025c466960d278d73f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 5a8dd14f2cc1d6bd-FRA
x-amz-cf-id: SPiIGcUMX0-bIbVX3RpCoCl7TS7aGZg99o09EgA5V-VhZa3vZNQ8vg==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 67EA 109 B
168 B 63ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=odga.me

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 67EA 109 B
168 B 62ms
11ms Script
application/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=odga.me

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020062301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 67EA 249 KB
88 KB 134ms
89ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062301.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

2f493253c58a9be0d4db9aaeaf8d74914b2f4776ac0bd1ae10809cccd0face81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Jun 2020 20:41:41 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90298
x-xss-protection: 0
expires: Thu, 25 Jun 2020 09:56:15 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 82FD 50 KB
12 KB 553ms
551ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=478255786502248&correlator=4353246639170142&output=ldjh&impl=fifs&adsid=NT&eid=21066527%2C21065516%2C21066436%2C21066485&vrg=2020062301&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200625&iu_parts=147246189%2Codga.me_300x250_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C320x320%7C300x300%7C320x300%7C320x250%7C250x250%7C200x200&eri=5&cookie_enabled=1&cdm=odga.me&bc=23&abxe=1&lmt=1593078976&dt=1593078976182&dlt=1593078974277&idt=1827&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=150&oid=3&adxs=650&adys=38&adks=952476858&ucis=q50ppepq6w9b&ifi=1&ifk=4242782286&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=odga.me&loc=http%3A%2F%2Fodga.me%2F&top=odga.me&dssz=12&icsg=32810&std=0&vis=1&scr_x=0&scr_y=0&psz=336x150&msz=336x250&ga_vid=916276144.1593078976&ga_sid=1593078976&ga_hid=848574061&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062301.js?21066527

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

3b6af96093af071da5da3004bb7988e2df8fab2f7f321af3e5238d1a2a0f5ac3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12300
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://odga.me
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d35e1cc288bd56d4e856dcdd7857a704.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 82FD 0
0 81ms
52ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d35e1cc288bd56d4e856dcdd7857a704.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 82FD 0
0 45ms
20ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 67EA 39 KB
10 KB 485ms
484ms XHR
text/plain 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2202546804713339&correlator=1635471669728665&output=ldjh&impl=fifs&adsid=NT&eid=21061507%2C21065517%2C21066338%2C21066436%2C21066347%2C21066485&vrg=2020062301&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20200625&iu_parts=147246189%2Codga.me_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C336x280%7C320x320%7C300x300%7C320x300%7C320x250%7C250x250%7C200x200&eri=5&cookie_enabled=1&cdm=odga.me&bc=23&abxe=1&lmt=1593078976&dt=1593078976465&dlt=1593078974287&idt=2125&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=150&oid=3&adxs=650&adys=1919&adks=2140763191&ucis=eme0diuhfs5z&ifi=1&ifk=4242782286&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&iag=15&url=odga.me&loc=http%3A%2F%2Fodga.me%2F&top=odga.me&dssz=12&icsg=32810&std=0&vis=1&scr_x=0&scr_y=0&psz=336x150&msz=336x250&ga_vid=1405897704.1593078977&ga_sid=1593078977&ga_hid=988938965&fws=256&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

cafe /

Resource Hash

f60ba04f7607d44e3688f34bbe9575b4ca42d2b8b3937b1aea56796f47b63deb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10549
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://odga.me
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
27ff957dffa3f2ff911d8bb64a401c98.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 67EA 0
0 39ms
16ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://27ff957dffa3f2ff911d8bb64a401c98.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 67EA 0
0 11ms
10ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK 510e5d9d346e791086d8.js Show response
odga.me/_nuxt/ 21 KB
8 KB 837ms
837ms Script
application/javascript 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/_nuxt/510e5d9d346e791086d8.js
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/d1ee8658445a6d26299c.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6406017f587ee7af6c062e51b73ecad4fed2c739a31c94ae7f636a6965f398cb

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:17 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUkROg3ehHrvTc8HdELut-sdZuXXCt-hMzBvoWmHtuoRYb1UfSGkPoOBqrF8gh1dKTF4jEjij8QSZU3PJWK84hy9l1OQQQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 6949
cf-request-id: 038c812894000017625b8c4200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "33bd2dddc33245e270bc2c56026616c0"
Vary: Accept-Encoding
x-goog-hash: crc32c=DkR/lA==, md5=M70t3cMyReJwvCxWAmYWwA==
x-goog-generation: 1592218808024171
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 6949
Accept-Ranges: bytes
CF-RAY: 5a8dd15428291762-FRA
Expires: Thu, 25 Jun 2020 10:56:16 GMT

GET
H/1.1 200
OK 5efb4202829e3f764551.js Show response
odga.me/_nuxt/ 22 KB
8 KB 610ms
610ms Script
application/javascript 2606:4700:3033::ac43:8245
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me/_nuxt/5efb4202829e3f764551.js
Requested by: Host: odga.me
URL: http://odga.me/_nuxt/d1ee8658445a6d26299c.js
Protocol: HTTP/1.1
Server: 2606:4700:3033::ac43:8245 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5ce7071e8cd2c65f5dbb52157a74b3823faa0ef0da44d5b3d0847fb86b28547

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:17 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
X-GUploader-UploadID: AAANsUlUQJDe5TCxNbovCd3ieLzEvKnTde0C9lDTjvov-IwiqYf-CS1ktKAlZ03KClvMOjctTSgzP3oIbRx32lOG8tiYene6Ag
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 6772
cf-request-id: 038c8128950000650f14be3200000001
Last-Modified: Mon, 15 Jun 2020 11:00:08 GMT
Server: cloudflare
ETag: "310ca7e5405f1ccca74a1537a2ec88ca"
Vary: Accept-Encoding
x-goog-hash: crc32c=jwcp6g==, md5=MQyn5UBfHMynShU3ouyIyg==
x-goog-generation: 1592218808025857
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 6772
Accept-Ranges: bytes
CF-RAY: 5a8dd1542b4a650f-FRA
Expires: Thu, 25 Jun 2020 10:56:16 GMT

GET
H/1.1 200
OK grumi.js Show response
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame 36BC 90 KB
32 KB 17ms
12ms Script
text/javascript 2600:9000:2182:a800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2600:9000:2182:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7b24dd7b4da0713eef52431a055299399c1c446499b2819071b87e44e6bf48f

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:36:24 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 25 Jun 2020 08:39:58 GMT
Server: AmazonS3
Age: 1193
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: Bu_iTnuanCBJabAvtUlqpuMdMlajMNlH
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
Cache-Control: public,max-age=1800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Content-Type: text/javascript
X-Amz-Cf-Id: f7eFdIX8YumZZkXhINk3X3z-gu5yFe6DR5jbJmDQaKrBLuyZSttrmg==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 82FD 7 KB
6 KB 19ms
19ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020062301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062301.js?21066527

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90cbd272a2d52072f8719073547da1cdf706bc1cfe94ec15507bd05f4cf88c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Jun 2020 09:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5662
x-xss-protection: 0

POST
H/1.1 200
OK init Show response
gw.geoedge.be/api/ Frame 36BC 15 B
289 B 295ms
234ms XHR
application/json 34.205.169.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol: HTTP/1.1
Server: 34.205.169.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-169-52.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 25 Jun 2020 09:56:17 GMT
ETag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 15

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 36BC 202 KB
55 KB 91ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40239
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 22:45:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:45:37 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 36BC 16 KB
6 KB 87ms
27ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88192
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 09:26:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 09:26:24 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 36BC 97 KB
29 KB 80ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40266
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 22:45:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:45:10 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 36BC 4 KB
2 KB 69ms
12ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88192
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 09:26:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 09:26:24 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 36BC 48 KB
16 KB 63ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88186
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 09:26:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 09:26:30 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 36BC 7 KB
821 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Jun 2020 08:04:20 GMT
server: ESF
date: Thu, 25 Jun 2020 09:56:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Jun 2020 09:56:16 GMT

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/12782496273528025722/ Frame 36BC 34 KB
35 KB 21ms
20ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12782496273528025722/2076313506083323656

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be10ad7f862ca636fb22040f89e5a1dd71e8f3da0c50ba0c570565f82c23a2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Jun 2020 13:12:51 GMT
x-content-type-options: nosniff
age: 1111405
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35272
x-xss-protection: 0
last-modified: Wed, 03 Jun 2020 08:39:19 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Jun 2021 13:12:51 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6267430635988642081/ Frame 36BC 7 KB
7 KB 20ms
18ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6267430635988642081/downsize_200k_v1?w=600&h=600

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49f5353679f47d156d0c1461c7d246146f77f2369ee2f3335faaecd059301abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Jun 2020 08:00:55 GMT
x-content-type-options: nosniff
age: 1302921
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Tue, 17 Sep 2019 01:49:34 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Jun 2021 08:00:55 GMT

GET
DATA 200
OK truncated
/ Frame 36BC 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 36BC 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6bb8612dc3d3f6b28f2e879e6e8e597988cb7f1a5e6d9900ba10e351f6c7eef

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 36BC 2 KB
3 KB 18ms
0ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37340
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 25 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 36BC 295 B
398 B 43ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 43377
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 25 Jun 2020 21:53:20 GMT

GET
H2

200

B10156386.203863947;dc_pre=CK7MpdTZnOoCFfRc5QodR1wFoQ;dc_trk_aid=417078335;dc_trk_cid=99982717;ord=2186080529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=
ad.doubleclick.net/ddm/trackimp/N331001.1943701GDN/ Frame 36BC
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N331001.1943701GDN/B10156386.203863947;dc_trk_aid=417078335;dc_trk_cid=99982717;ord=2186080529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
https://ad.doubleclick.net/ddm/trackimp/N331001.1943701GDN/B10156386.203863947;dc_pre=CK7MpdTZnOoCFfRc5QodR1wFoQ;dc_trk_aid=417078335;dc_trk_cid=99982717;ord=2186080529;dc_lat=;dc_rdid=;tag_for_chi...

42 B
117 B

98ms
98ms

Image
image/gif

172.217.18.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N331001.1943701GDN/B10156386.203863947;dc_pre=CK7MpdTZnOoCFfRc5QodR1wFoQ;dc_trk_aid=417078335;dc_trk_cid=99982717;ord=2186080529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N331001.1943701GDN/B10156386.203863947;dc_pre=CK7MpdTZnOoCFfRc5QodR1wFoQ;dc_trk_aid=417078335;dc_trk_cid=99982717;ord=2186080529;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 36BC 0
0 120ms
84ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CtFCNwHT0Xt6mE8Sy3gOA-ZjIDY_So-5d_7LTiIYLqN_q_YoOEAEgjeS9KWDp5MmF2BqgAbbh780DyAEJqQI1FkvOWfKQPuACAKgDAcgDCqoExgFP0Ej54UAvGkhmr22_pq85rcaGRSNpUUBcmuAnnyNkAVqwdUbVqFN5e2--TPx4hJs4Mr1W3qc4fDALRMC969Svx4NKRb6D0Eoz5aHnQtcU_WQjFCmZ_RUYxHK8DKHa1mcpEg8CqgOS7V92K064C-PAE_pJ6E3LCo2wIUcGgV9Dlkxrs07rUWnqWRGVjDGKl3Fme8Yi99-KrSqxARWbIiVb5qtTNNPdpuPwPanJOgVaB7Vz2iqAEUgNwD2kqjH2Yun33__RNg7ABMDfgsbdAeAEAZIFBAgEGAGSBQQIBRgEoAYugAeynpAyqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcA8gcEEMHsCdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDg3NDExMzk0NDExMDY1MYAKA8gLAdgTDIgUAw&sigh=DBKMhjOMTNY&template_id=484&tpd=AGWhJmsWL2ecIEBRAn6YTLNIHxo_QMGkei2TTvyU9_dzAOA0FA
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 82FD 14 KB
6 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1591403518460474"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5540
X-XSS-Protection: 0
Expires: Thu, 25 Jun 2020 09:56:17 GMT

GET
H/1.1 200
OK grumi.js Show response
rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/ Frame 2A07 90 KB
32 KB 14ms
13ms Script
text/javascript 2600:9000:2182:a800:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: HTTP/1.1
Server: 2600:9000:2182:a800:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f7b24dd7b4da0713eef52431a055299399c1c446499b2819071b87e44e6bf48f

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:36:24 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 25 Jun 2020 08:39:58 GMT
Server: AmazonS3
Age: 1194
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: Bu_iTnuanCBJabAvtUlqpuMdMlajMNlH
Via: 1.1 e8640ab30463560abfb6a2665bafb393.cloudfront.net (CloudFront)
Cache-Control: public,max-age=1800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
Content-Type: text/javascript
X-Amz-Cf-Id: eHhAON_b4iVpe39zlSLlSfpVLgxjjhQZiB5BQxgOTBUavSkvxjID_Q==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 67EA 7 KB
6 KB 17ms
16ms XHR
application/json 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020062301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020062301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d06b9665f8b11d340be9f0132d1cef663eeb541bf4a4971da0cb1a8a2a282f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Jun 2020 09:56:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5601
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 36BC 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: http://odga.me

Response headers

date: Fri, 12 Jun 2020 13:44:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 1109525
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Sat, 12 Jun 2021 13:44:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 36BC 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: http://odga.me

Response headers

date: Sat, 13 Jun 2020 02:26:07 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 1063810
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sun, 13 Jun 2021 02:26:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 36BC 8 KB
8 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fChc4AMP6lbBP.woff2

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Origin: http://odga.me

Response headers

date: Tue, 09 Jun 2020 00:20:48 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:40 GMT
server: sffe
age: 1416929
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8088
x-xss-protection: 0
expires: Wed, 09 Jun 2021 00:20:48 GMT

GET
H/1.1 200
OK sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 67EA 14 KB
6 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 25 Jun 2020 09:56:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "1591403518460474"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=3000
Accept-Ranges: bytes
Content-Length: 5540
X-XSS-Protection: 0
Expires: Thu, 25 Jun 2020 09:56:17 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame BC5A 0
0 11ms
10ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://odga.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 25 Jun 2020 09:39:43 GMT
expires: Fri, 25 Jun 2021 09:39:43 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 995
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK init Show response
gw.geoedge.be/api/ Frame 2A07 15 B
289 B 141ms
141ms XHR
application/json 34.205.169.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://gw.geoedge.be/api/init
Requested by: Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js
Protocol: HTTP/1.1
Server: 34.205.169.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-169-52.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 25 Jun 2020 09:56:18 GMT
ETag: W/"f-NQVRlQfKHCoInEbhALgECMonhCE"
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 15

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012005272217000/ Frame 2A07 202 KB
55 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40241
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56211
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 22:45:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9687f63ba3c32530"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:45:37 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 2A07 16 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-ad-exit-0.1.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88194
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5894
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 09:26:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "983c44847f51ce73"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 09:26:24 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 2A07 97 KB
29 KB 48ms
21ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-analytics-0.1.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 40268
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29912
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 22:45:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8ebd5537ed53cc8f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 22:45:10 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 2A07 4 KB
2 KB 61ms
54ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-fit-text-0.1.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88194
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1720
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 09:26:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "eedff0e973ca46aa"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 09:26:24 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012005272217000/v0/ Frame 2A07 48 KB
15 KB 29ms
22ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012005272217000/v0/amp-form-0.1.js

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 88188
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14995
x-xss-protection: 0
server: sffe
date: Wed, 24 Jun 2020 09:26:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aab4b6f9640d8580"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Jun 2021 09:26:30 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A07 2 KB
3 KB 29ms
23ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37341
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 25 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A07 295 B
357 B 35ms
29ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 43378
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 25 Jun 2020 21:53:20 GMT

GET
DATA 200
OK truncated
/ Frame 2A07 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46e0323ca826299e7d47355a1a012640a06876f880c6f21dea5b7da38eca9226

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14509807891393844551
tpc.googlesyndication.com/daca_images/simgad/ Frame 2A07 46 KB
46 KB 36ms
30ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14509807891393844551

Requested by

Host: odga.me
URL: http://odga.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

532e2a4a278c255e715b4c617f8300e7d0848cfc067fb6053e298c6391168f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Jun 2020 16:45:33 GMT
x-content-type-options: nosniff
age: 321045
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47316
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 21:39:46 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Jun 2021 16:45:33 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 36BC 2 KB
2 KB 34ms
11ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37341
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 25 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 36BC 295 B
352 B 33ms
10ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 43378
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 25 Jun 2020 21:53:20 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame B92B 0
0 8ms
7ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi-ip.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://odga.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Thu, 25 Jun 2020 09:39:43 GMT
expires: Fri, 25 Jun 2021 09:39:43 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 995
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 82FD 68 KB
21 KB 91ms
20ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:18 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 14:26:17 GMT
server: nginx
etag: W/"5edf9c09-10fe8"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 26 Jun 2020 09:56:18 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 82FD 0
208 B 236ms
71ms XHR
text/html 85.206.143.247
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS: 85-206-143-247.static.zebra.lt
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Jun 2020 09:56:18 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
status: 200
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 82FD 68 KB
21 KB 104ms
29ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:18 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 14:26:17 GMT
server: nginx
etag: W/"5edf9c09-10fe8"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 26 Jun 2020 09:56:18 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 67EA 68 KB
21 KB 23ms
22ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Jun 2020 09:56:18 GMT
content-encoding: gzip
last-modified: Tue, 09 Jun 2020 14:26:17 GMT
server: nginx
etag: W/"5edf9c09-10fe8"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Fri, 26 Jun 2020 09:56:18 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 67EA 0
208 B 70ms
70ms XHR
text/html 85.206.143.247
TELIA-LIETUVA

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: odga.me
URL: http://odga.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 85.206.143.247 Kaunas, Lithuania, ASN43811 (TELIA-LIETUVA, LT),
Reverse DNS: 85-206-143-247.static.zebra.lt
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 25 Jun 2020 09:56:18 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
status: 200
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 2A07
Redirect Chain

http://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

43ms
38ms

Image
text/html

2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

Date: Thu, 25 Jun 2020 09:56:18 GMT
X-Content-Type-Options: nosniff
Server: safe
Content-Type: text/html; charset=UTF-8
Location: https://googleads.g.doubleclick.net/pagead/drt/si
Cache-Control: private
Content-Length: 246
X-XSS-Protection: 0

GET
H2 200 14509807891393844551
tpc.googlesyndication.com/daca_images/simgad/ Frame 2A07 46 KB
46 KB 7ms
6ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14509807891393844551

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

532e2a4a278c255e715b4c617f8300e7d0848cfc067fb6053e298c6391168f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 21 Jun 2020 16:45:33 GMT
x-content-type-options: nosniff
age: 321046
x-dns-prefetch-control: off
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47316
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 21:39:46 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Jun 2021 16:45:33 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A07 2 KB
3 KB 12ms
10ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Jun 2020 23:33:57 GMT
x-content-type-options: nosniff
server: cafe
age: 37342
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 25 Jun 2020 23:33:57 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2A07 295 B
357 B 20ms
18ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: rumcdn.geoedge.be
URL: http://rumcdn.geoedge.be/3d829c49-eaff-4e93-8f58-89ed18b8b1a9/grumi.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Jun 2020 21:53:20 GMT
x-content-type-options: nosniff
server: cafe
age: 43379
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 25 Jun 2020 21:53:20 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame E908 0
0 158ms
47ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://odga.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 25 Jun 2020 09:56:20 GMT
Age: 27994463
X-Served-By: cache-jfk8138-JFK, cache-fra19171-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 391291, 1841557
X-Timer: S1593078980.197036,VS0,VE0
Vary: Accept-Encoding

GET
H2

200

sspmatch-iframe
ads.betweendigital.com/ Frame 49D9
Redirect Chain

https://ads.betweendigital.com/sspmatch-iframe
https://ads.betweendigital.com/sspmatch-iframe?crf=1

0
0

123ms
122ms

Document
text/html

88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /sspmatch-iframe?crf=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://odga.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=mow1; ss=1; tuuid=c7d6a6f6-e452-51b1-b9c0-0525e73471e1; ut=XvR0xAACC3CJkLFNp0Px9ZiGNzfATQ4CsOcXEw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me/

Response headers

status: 200
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

Redirect headers

status: 302
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=mow1; Max-Age=315360000; Expires=Sun, 23 Jun 2030 09:56:20 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=01ba3a40-dfc4-51b1-82d6-a77fdc22d3bb; Max-Age=315360000; Expires=Sun, 23 Jun 2030 09:56:20 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=XvR0xAAB-9CXs5lJW197_5Lrh4-s9ZfKudvbyw==; Max-Age=315360000; Expires=Sun, 23 Jun 2030 09:56:20 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Sun, 23 Jun 2030 09:56:20 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length: 0

GET
H2

200

sspmatch-iframe
ads.betweendigital.com/ Frame AD4E
Redirect Chain

https://ads.betweendigital.com/sspmatch-iframe
https://ads.betweendigital.com/sspmatch-iframe?crf=1

0
0

123ms
123ms

Document
text/html

88.212.252.22
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-iframe?crf=1
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.212.252.22 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: ads.betweendigital.com
:scheme: https
:path: /sspmatch-iframe?crf=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://odga.me/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=mow1; ss=1; tuuid=c7d6a6f6-e452-51b1-b9c0-0525e73471e1; ut=XvR0xAACC3CJkLFNp0Px9ZiGNzfATQ4CsOcXEw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me/

Response headers

status: 200
content-type: text/html
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 658

Redirect headers

status: 302
location: /sspmatch-iframe?crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
set-cookie: dc=mow1; Max-Age=315360000; Expires=Sun, 23 Jun 2030 09:56:20 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure tuuid=c7d6a6f6-e452-51b1-b9c0-0525e73471e1; Max-Age=315360000; Expires=Sun, 23 Jun 2030 09:56:20 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ut=XvR0xAACC3CJkLFNp0Px9ZiGNzfATQ4CsOcXEw==; Max-Age=315360000; Expires=Sun, 23 Jun 2030 09:56:20 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure ss=1; Max-Age=315360000; Expires=Sun, 23 Jun 2030 09:56:20 GMT; Path=/; Domain=.betweendigital.com; SameSite=None; Secure
content-length: 0

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 5BC7 0
0 193ms
41ms Document
text/html 151.101.13.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: cloud.setupad.com
URL: https://cloud.setupad.com/postbid/stpd200227_noiv.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://odga.me/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Thu, 25 Jun 2020 09:56:20 GMT
Age: 27994464
X-Served-By: cache-jfk8138-JFK, cache-fra19172-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 391291, 2546955
X-Timer: S1593078980.248366,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2A07 0
0 89ms
86ms Image
text/html 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CX1f9wHT0Xp21JO2wlQejuKfIDLCd2eRdzruW8c0LypPA_OsCEAEgjeS9KWDp5MmF2BqgAf3_8sgCyAECqQI1FkvOWfKQPuACAKgDAcgDCKoEwQFP0PlD0fWLAgqTlA2ZvrjP8O0xK_24NXHfSqS3UiFjZv4FMMivU7diYr7XJihkXIt8XU62xiTO7IBelylfWYMsWX5lX9XFvP8WVxBb2o6Ng5Zw34C9KZboADLoZUOmTH4Gs7MvUC_ZJcR65ca_t95Dxcvr3-kH6eIdADckiSviRKoHTCcC-9TQzY36L4gy8bGT5dMauDpvS1-PL63uSntiMD2eeDt4nlOolhai9D3QlLqXsXEHvIekC8R5HEX1aSSqwATckfuMkwPgBAGSBQQIBBgBkgUECAUYBKAGAoAH6_-MtwGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQvJ4C0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi00ODc0MTEzOTQ0MTEwNjUxgAoDyAsB2BMN&sigh=XKkeL3bqn2w&tpd=AGWhJmvq4b2b7Mrd0--LbqA4b8eaYe3TlibCpHkRDOIjBidI0w&cbvp=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s18-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 36BC 42 B
112 B 26ms
25ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssL8mqUgqaFiXlgDuwTx0GPdwGt8djiHcJdQVlXZOjuZdUif2SJ9xWBLU_sXrJYM8VVhGQ-00rMbkh-YU1u1Cxs7l-alYjLwfp2JLosAA2laFOWx0wVJETptTa2Tw&sai=AMfl-YQSkUh4HibLKPvuYvBUr1XtgO8mGLHpv2zbUJpXwRIsm4PjuSywyZBNR9alrkQu3W_Izf0H7FyM-fWLGRgoM3tbPkbLGezmFdY0O_17&sig=Cg0ArKJSzC6KuCJDL0W7EAE&id=ampim&o=658,3&d=320,320&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=664&tls=1710&g=100&h=100&tt=1710&r=v&avms=ampa&adk=952476858

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82FD 0
46 B 28ms
16ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020062301&jk=478255786502248&bg=!jY6ljpZYH8WSv1KHJKoCAAACLlIAAABXmQGXIsTEiJFp-ltxKHfygBZa08GrajbFrOIfYo4lNycBSTNncqc8MgEV1Z9xcmJd13n4EatVekXH0qcs5jrLIa6YpBMiPpKAGOZg8GB8k6eiUabmfklcxj-cPIlQuPHK2GjFhFmFczUJV9LHOpXvQ_HGeANliKj5j-DIUAiA1XJeX2Z9CSqbLOwB0GXLFgD1r8VujRUtU6OvTupG5Ob6crxFm4kTBlZ79GeEPZtCKZZBC-25AtfGCJ2jb5HG3wnJE-a0QvAmSjL7UcUQQxgqR-bVAI_LR9aExgjjqQIU4uQIPEEGyH_O-OZ-mP9b55CGqCJydiVft3S1YYFeZakjza9sY_SW2v2BdtUeJucIZcGVhFH36qqdeAV7CXwZeSskVA3wwfMrZiEsCtU-5MFS6rRuB1J0DcYo4Y2EC59Mg_1cpjC4rZWBITWWxTrotx5xAh6Qm0xV1cKgDhBzV1vksJEZFUO7wit8ry5Y8wozlm3eKr78FmGqLhhO79JyGxEF_SYAdfE84f3CmpJncwvLN_Gnlfm9fKVeznQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 67EA 0
46 B 19ms
14ms Image
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020062301&jk=2202546804713339&bg=!iIuli5NYQWLR_aIwpI4CAAACGFIAAAAcmQGXArn0rvgmC1uqy1P7oFmI9Hfov0pWOoirsvQFN0O9GgPp-42DGPqm5EbljlAfOfS0wvWUUxckrNEAgxCoWYpKUNWvNMYEiJdHmzOOBKFYFx4UINtDBiwKp1uhDVTdsrfX02f-Ns2kQkkSWBAtwBE-GQDPGAMniuiJ1LrivlSLv3cuhVm5_4QWgA6wRR8oX4ggWw4JL9USBM9-uBlTM0eJLEhtPOynYcjXuCNtBCFgGOyL7S4PLcf4gxVTTunYZ_gMkJOGxC323ZE9vJWVpzsozs0Hpbai5-Gt4BXMlZbgloJIfQAa0FMdr1Dva-OtxDBc84tFcs8twGNFuHIAv66gkC3J7TZixMoFfH7Vq-3K6BX999kpxEuIZVJNYAOdgieBtBueIZ9a5J57zqLkaAD_5d7yzVUOf0UOOgxw9Sh1ORZmCejXCqKIAd9iKiAd-aD8I0uwmemIEA3iNj-pj-Gl8yWzr9nl2choch8I80rlRCo_ZNU2inersb89rX0wFfwhBJ3Ig_1vSFnIefXSz-BT6YGY0xAcNTw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Jun 2020 09:56:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 4) Message: init custom ga
console-api	log	(Line 2) Message: define block
console-api	log	(Line 1) Message: render block
console-api	log	URL: http://odga.me/_nuxt/3ce12722465ca9af611c.js(Line 1) Message: custom [object Object]
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: is client asyncData
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: getData 1593078973415
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: overidden.tags
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: adLogic 1593078973427
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: this.$refs.homeSecond [object HTMLDivElement]
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: renderAds [object Object],[object Object]
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: define home block [object Object]
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: render dfp ad undefined
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: render dfp ad undefined
console-api	log	URL: http://odga.me/_nuxt/4c71bef132a629d7b945.js(Line 1) Message: getData 1593078973516
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 http://odga.me/
console-api	info	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 410) Message: Powered by AMP ⚡ HTML – Version 2005272217000 http://odga.me/
console-api	warning	URL: https://cdn.ampproject.org/rtv/012005272217000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=CX1f9wHT0Xp21JO2wlQejuKfIDLCd2eRdzruW8c0LypPA_OsCEAEgjeS9KWDp5MmF2BqgAf3_8sgCyAECqQI1FkvOWfKQPuACAKgDAcgDCKoEwQFP0PlD0fWLAgqTlA2ZvrjP8O0xK_24NXHfSqS3UiFjZv4FMMivU7diYr7XJihkXIt8XU62xiTO7IBelylfWYMsWX5lX9XFvP8WVxBb2o6Ng5Zw34C9KZboADLoZUOmTH4Gs7MvUC_ZJcR65ca_t95Dxcvr3-kH6eIdADckiSviRKoHTCcC-9TQzY36L4gy8bGT5dMauDpvS1-PL63uSntiMD2eeDt4nlOolhai9D3QlLqXsXEHvIekC8R5HEX1aSSqwATckfuMkwPgBAGSBQQIBBgBkgUECAUYBKAGAoAH6_-MtwGoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwHyBwQQvJ4C0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi00ODc0MTEzOTQ0MTEwNjUxgAoDyAsB2BMN&sigh=XKkeL3bqn2w&tpd=AGWhJmvq4b2b7Mrd0--LbqA4b8eaYe3TlibCpHkRDOIjBidI0w&cbvp=2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27ff957dffa3f2ff911d8bb64a401c98.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ads.betweendigital.com
adservice.google.com
adservice.google.de
adservice.google.pl
adx.adform.net
bidder.criteo.com
cdn.ampproject.org
cdn.marketjs.net
cloud.setupad.com
cm.adform.net
d35e1cc288bd56d4e856dcdd7857a704.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
gw.geoedge.be
ib.adnxs.com
imasdk.googleapis.com
mug.criteo.com
node.setupad.com
odga.me
pagead2.googlesyndication.com
prebid-eu.creativecdn.com
prebid-stag.setupad.net
prg.smartadserver.com
pubads.g.doubleclick.net
rumcdn.geoedge.be
securepubads.g.doubleclick.net
static.addtoany.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
us2.centcount.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
151.101.13.108
172.217.18.166
172.217.23.130
178.250.0.165
178.250.2.146
185.184.8.30
185.86.139.95
216.58.210.2
2600:9000:2182:a800:4:b37b:9440:93a1
2606:4700:10::6816:46c5
2606:4700:3033::ac43:8245
2606:4700:3035::681b:8fd9
2606:4700:3035::681c:131f
2606:4700:e2::ac40:851b
2a00:1450:4001:800::200e
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:808::2001
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2004
2a00:1450:4001:814::2003
2a00:1450:4001:818::2002
2a00:1450:4001:819::2002
2a00:1450:4001:819::2004
2a00:1450:4001:81b::200a
2a00:1450:4001:81e::2002
2a00:1450:4001:81f::2003
2a00:1450:4001:825::2008
2a00:1450:400c:c0c::9d
2a02:2638::1c
2a02:2638::3
34.205.169.52
35.190.77.178
37.157.2.236
37.157.4.23
37.252.173.38
85.206.143.247
88.212.252.22
0212545d020d3df95c056bf33e8d1a86f13ac13048b44667eef72365a72f8919
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
09a75a946b5e6afd8d6dfed7920ac72a3303a6c7cc05ef1c8c4394b730075d42
0ab545de2fffe63bf892ed29a3eb6ba1af104d0027e0e1a7929c16bed79d0c21
0b9d2c776341ad61e5dd232ce16112d6adc64247456322c1b674a95d56a6a3fb
0cc45e8e7bb933831c32e9e161fb094b95fc13d06fc8609569820519a33fa113
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e477ee9acf4d98f1e077d54ed6383388e46b0041762e30de32238cf6aef83df
185f9ce7706fdb5bb1b050f71ab86eb2a048f5db0e8431ae713aeb84f9001c9f
186afd16a36c83e950015445efc3b7e7dbda52eb81e14b27caa05942bb2d3f17
23c36515cabe9d924ee1db2d90614e66df3c28333d354e5ea4269b4500c0de33
25b2cc82915b4eb428ce29a0bd084bac7da2960e862c224886af15c1a561dedc
28ccae244dfde8d78d64f4af31a90aaca4762f7ff66e040dd2cfd3ed34634206
2e087f7a19b3c163ff3202a9eee68e1fbc405a902f196b1df49912aec0f2d598
2f493253c58a9be0d4db9aaeaf8d74914b2f4776ac0bd1ae10809cccd0face81
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
363edecdf8643f02360492a9610373402ffd226a0f9e4320c261546afa039569
3b6af96093af071da5da3004bb7988e2df8fab2f7f321af3e5238d1a2a0f5ac3
3d22a7341ef338dba69bfda9a5e65bb4ddb4dbd276c937fef1f698f78806da79
3ee4af7e7cbc08d5ab3a439f558f7f3b00ec890356c2e4cafbd325e5c8858452
3fc0c87755b5d764f5967162554f41322f60fedda40806c4e77eba2c559c6540
456067363d6dfce2026c2c0bb8f5e2c7ce0e98b1f2aee9c86e2fa3798360247d
46e0323ca826299e7d47355a1a012640a06876f880c6f21dea5b7da38eca9226
48a69c11c9ac775530ba968c7b24caaabd5a721b5b947e2744d687952ef0ebb1
49f5353679f47d156d0c1461c7d246146f77f2369ee2f3335faaecd059301abf
4d06b9665f8b11d340be9f0132d1cef663eeb541bf4a4971da0cb1a8a2a282f6
4ece0a77261e540ddee4824eb0f420a40955ff015db591c40b151431be4293f7
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5146e39a52c784c8f5e011ad0f3ff2eed3e5a4d1b94a5f15289fbb890ea3b436
5233691dffa51e70ae8b66c53b31324e7dfb405de2b01b0bebb41ed2fd52f58a
532e2a4a278c255e715b4c617f8300e7d0848cfc067fb6053e298c6391168f78
555e1ceb7854aa4cbb51f872d6ef54be14f6e6ded837a6b1bfd0a6400cc59093
5563c720385dce141b6ae5b86b2675711b4e676249d3cf67a872ccb361abe2a2
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
63df1849eebd7cfa2e52c94c3558229e580d4aff108961cfdc494a1a88828ebc
6406017f587ee7af6c062e51b73ecad4fed2c739a31c94ae7f636a6965f398cb
7614223cc63035d8f95aa40644bb983d4e9c144537b61983a412ceb0aad53a71
7c5fe3078b5c30e800d7b3b55945df13af8107578351bc8187f614f1fa0eac7d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85d3035a8f8ddfdf1e05876bc9339258e279930aeef58b157ee825406a9c9c0c
8cda152fc815f857f38faae1624b1811df9c0eacee229c91cdd02b2b7d964695
90cbd272a2d52072f8719073547da1cdf706bc1cfe94ec15507bd05f4cf88c79
911d23662caef57e87305d6db5a0cb980c7bcd73a94fd6c40caed33fa2a4523d
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
93ab23d4a0ece27c30d4cfaf95092c7097da3e68d40f71ccee319cf67c5e060c
97361dda3d036caf25e270fe716db15f530cfa40f3c6a165d1a6e76a4ac17183
99f78060455ee67eebd99ed271aef7bc64d61d46aa31a51fe6fdab6192a75064
9f261d4d2edc82ed95903ec71dee4f56f050c6c91556a92d5646c888e3c634f8
a5d897d1bc710dc02950b3ca34af10d3b6a03b5d3a577c6608e1fad84ef98426
a6bb8612dc3d3f6b28f2e879e6e8e597988cb7f1a5e6d9900ba10e351f6c7eef
a6e7ccdfa9942be5d0ce08e1753318a7ebbd5a722313fb5cbd4e59bcfc0b0ceb
acd0c70829c115a17bd7461c1fd147e4b05b99b39d0376d24e011360d53f0dc1
ae2fc9f6ff1f69755aaf909b46cb77fd6d4aa3fce2ca8de83b2a1a24e89fd573
b0737e416a4d3b12c30f5fd3312308fd491c0d688f66b609a078b4045653f830
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18645cd31ced555acd6ca15c7c64479cee8db1dd1458743d5e89d366abe651b
b530681e2707053be02166a0c3d80b43a6dcf406e00cf69f215006854a23fd3e
b58c11dac0fae1d40040bda04c6d4d8d5ba9f2cde7a53568f0741c973b301abb
b96d507d1320b17b6117bcc916968dc8d697d30a12e8e34e828fa1dd687a0e34
be10ad7f862ca636fb22040f89e5a1dd71e8f3da0c50ba0c570565f82c23a2c8
c378aab5610a6b662af254c8958b3764419a4ce263f69c6cf489794ffcc72044
c630059b643882cdbacea53ff42bdc4b5e84dffe3d09da8c22e2a51ae3a27509
cb20d12d14cd28343fceff62f8aa61d12d89bbc328de840482b15490751e89a3
ccfe8000ff4deac516c11ed594d66714eaad8644e7a06ba72d9ed227a9ebb79f
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d5ce7071e8cd2c65f5dbb52157a74b3823faa0ef0da44d5b3d0847fb86b28547
e070a6198ceb8b72b426505461f38a76c7460c9c75f7be1a3db7643d40c384e8
e29d616a841bcbdba5191240a055054c50873f3e3d6f4a52d91f9ea88f02e610
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edc48cd3b0bc4fa7ba23aad40b8508a17d370ca38be174bae2a2f64634e65a2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef313570c17f7edd6249161275d1c21b30d9749d3b5ab7da7d9370b05aa9f90e
f1f5ee87f6687c093dae0f0e3a16022519a4f1aae41f30088e78ff6488968591
f5b5525f2b18bc3ca8870d3cbbbb30c29257114cce122c8539d43cea987a10ea
f60ba04f7607d44e3688f34bbe9575b4ca42d2b8b3937b1aea56796f47b63deb
f6b085e7f396e07e9d9f3541cc481e6bcfa645fd5975f9519f7658e49805ce01
f7b24dd7b4da0713eef52431a055299399c1c446499b2819071b87e44e6bf48f
f9214c2b66f3afc19c175c0c30963be2a48fd40cdfc39d0e9a0a5be601ba77b8
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

odga.me Open in urlscan Pro 2606:4700:3033::ac43:8245 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

154 Requests

82 %HTTPS

62 %IPv6

25 Domains

41 Subdomains

36 IPs

9 Countries

2129 kBTransfer

5436 kBSize

0 Cookies

2 Outgoing links

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

odga.me Open in urlscan Pro
2606:4700:3033::ac43:8245 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

82 %
HTTPS

62 %
IPv6

25
Domains

41
Subdomains

36
IPs

9
Countries

2129 kB
Transfer

5436 kB
Size

0
Cookies

154 HTTP transactions
4 data transactions