urlscan.io logo urlscan.io
SecurityTrails logo

coronar.io Open in urlscan Pro
2606:4700:3033::ac43:872f  Public Scan

Go To Rescan Add Verdict Report
URL: https://coronar.io/
Submission: On December 12 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 43 IPs in 8 countries across 29 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3033::ac43:872f, located in United States and belongs to CLOUDFLARENET, US. The main domain is coronar.io.
TLS certificate: Issued by WE1 on December 12th 2024. Valid for: 3 months.
This is the only time coronar.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:20:... 13335 (CLOUDFLAR...)
1 51.81.57.71 16276 (OVH OVH SAS)
1 151.101.129.194 54113 (FASTLY)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 5 2a02:6b8::1:119 13238 (YANDEX YA...)
1 2a04:4e42:400... 54113 (FASTLY)
1 3 2406:2600:4::b 55569 (CRITEO-AS...)
2 182.161.74.11 55569 (CRITEO-AS...)
1 104.18.27.193 13335 (CLOUDFLAR...)
1 69.173.158.65 26667 (RUBICONPR...)
2 104.18.34.190 13335 (CLOUDFLAR...)
2 131.153.172.93 19437 (SS-ASH)
1 51.79.152.81 16276 (OVH OVH SAS)
1 103.43.91.210 29990 (ASN-APPNEX)
9 216.58.220.130 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2406:2600:4::1 55569 (CRITEO-AS...)
1 151.101.65.229 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.96.70.87 396982 (GOOGLE-CL...)
1 18.64.123.116 16509 (AMAZON-02)
1 2600:9000:21e... 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
1 141.95.98.65 16276 (OVH OVH SAS)
1 13.228.141.68 16509 (AMAZON-02)
1 35.190.39.111 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
5 172.217.26.226 15169 (GOOGLE)
1 152.199.43.61 15133 (EDGECAST)
2 34.22.92.149 396982 (GOOGLE-CL...)
9 142.251.42.142 15169 (GOOGLE)
1 172.67.135.47 13335 (CLOUDFLAR...)
2 2404:6800:400... 15169 (GOOGLE)
1 142.251.42.164 15169 (GOOGLE)
1 23.45.54.42 16625 (AKAMAI-AS)
1 104.18.25.18 13335 (CLOUDFLAR...)
1 51.79.154.9 16276 (OVH OVH SAS)
1 23.220.70.107 20940 (AKAMAI-AS...)
90 43
4    2606:4700:3033::ac43:872f (United States)

ASN13335 (CLOUDFLARENET, US)
coronar.io
15    2606:4700:20::681a:3e8 (United States)

ASN13335 (CLOUDFLARENET, US)
api.adinplay.com
1    51.81.57.71 (United States)

ASN16276 (OVH OVH SAS, FR)
PTR: ns1000995.ip-51-81-57.us
n.gameads.io
1    151.101.129.194 (San Francisco, United States)

ASN54113 (FASTLY, US)
hb-vntsm-com.global.ssl.fastly.net
1    2606:4700:20::ac43:4513 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
1    2404:6800:4004:818::200a (Australia)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX YANDEX LLC, RU)
mc.yandex.ru
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
3    2406:2600:4::b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    182.161.74.11 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
1    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    104.18.34.190 (None, )

ASN13335 (CLOUDFLARENET, US)
elb.the-ozone-project.com
2    131.153.172.93 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
1    51.79.152.81 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ip81.ip-51-79-152.net
onetag-sys.com
1    103.43.91.210 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 1027.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
9    216.58.220.130 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s01-in-f130.1e100.net
securepubads.g.doubleclick.net
ep1.adtrafficquality.google
2    2404:6800:4004:81e::200e (Australia)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2406:2600:4::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    151.101.65.229 (San Francisco, United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
1    18.64.123.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-123-116.nrt12.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:21ee:be00:a:e047:754:f4a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    2404:6800:4004:820::2001 (Australia)

ASN15169 (GOOGLE, US)
141432870037c58093e943b9304358ce.safeframe.googlesyndication.com
1    141.95.98.65 (France)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3216659.ip-141-95-98.eu
id5-sync.com
1    13.228.141.68 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-141-68.ap-southeast-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
1    2404:6800:4004:823::2001 (Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    172.217.26.226 (United States)

ASN15169 (GOOGLE, US)
PTR: bom05s09-in-f2.1e100.net
pagead2.googlesyndication.com
1    152.199.43.61 (United States)

ASN15133 (EDGECAST, US)
ssl.cdne.cpmstar.com
2    34.22.92.149 (Seoul, Korea, Republic Of)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 149.92.22.34.bc.googleusercontent.com
edge.venatusmedia.com
9    142.251.42.142 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s45-in-f14.1e100.net
fundingchoicesmessages.google.com
1    172.67.135.47 (United States)

ASN13335 (CLOUDFLARENET, US)
coronar.io
2    2404:6800:4004:827::2001 (Australia)

ASN15169 (GOOGLE, US)
ep2.adtrafficquality.google
1    142.251.42.164 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s46-in-f4.1e100.net
www.google.com
1    23.45.54.42 (Tokyo, Japan)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-54-42.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    51.79.154.9 (Singapore, Singapore)

ASN16276 (OVH OVH SAS, FR)
PTR: ip9.ip-51-79-154.net
onetag-sys.com
1    23.220.70.107 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-220-70-107.deploy.static.akamaitechnologies.com
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
15 adinplay.com
api.adinplay.com — Cisco Umbrella Rank: 13534
338 KB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
76 KB
8 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
218 KB
7 googlesyndication.com
141432870037c58093e943b9304358ce.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
92 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
mug.criteo.com — Cisco Umbrella Rank: 3746
2 KB
5 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4577
82 KB
5 coronar.io
coronar.io
195 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
3 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3384
ssl.cdne.cpmstar.com — Cisco Umbrella Rank: 46230
146 KB
2 venatusmedia.com
edge.venatusmedia.com — Cisco Umbrella Rank: 17178
227 B
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1010
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026
13 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1004
id5-sync.com — Cisco Umbrella Rank: 533
30 KB
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
acdn.adnxs.com — Cisco Umbrella Rank: 643
827 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 712
407 B
2 the-ozone-project.com
elb.the-ozone-project.com — Cisco Umbrella Rank: 3097
843 B
2 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 505
eus.rubiconproject.com — Cisco Umbrella Rank: 616
880 B
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
2 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 698
1 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 4214
485 B
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 4220
4 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 2700
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 793
13 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2357
8 KB
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 496
687 B
1 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 506
145 KB
1 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 22775
2 KB
1 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 975
1 KB
1 fastly.net
hb-vntsm-com.global.ssl.fastly.net — Cisco Umbrella Rank: 19559
1 gameads.io
n.gameads.io — Cisco Umbrella Rank: 135103
2 KB
90 29
Domain Requested by
15 api.adinplay.com coronar.io
api.adinplay.com
11 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
8 securepubads.g.doubleclick.net imasdk.googleapis.com
api.adinplay.com
securepubads.g.doubleclick.net
coronar.io
pagead2.googlesyndication.com
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 mc.yandex.ru 1 redirects coronar.io
mc.yandex.ru
5 coronar.io coronar.io
3 gum.criteo.com 1 redirects static.criteo.net
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 edge.venatusmedia.com coronar.io
api.adinplay.com
2 onetag-sys.com api.adinplay.com
2 server.cpmstar.com api.adinplay.com
coronar.io
2 elb.the-ozone-project.com api.adinplay.com
2 mug.criteo.com coronar.io
2 cdn.jsdelivr.net api.adinplay.com
securepubads.g.doubleclick.net
1 acdn.adnxs.com api.adinplay.com
1 js-sec.indexww.com api.adinplay.com
1 eus.rubiconproject.com api.adinplay.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
1 ssl.cdne.cpmstar.com coronar.io
1 tpc.googlesyndication.com securepubads.g.doubleclick.net
1 esp.rtbhouse.com invstatic101.creativecdn.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 id5-sync.com cdn.id5-sync.com
1 141432870037c58093e943b9304358ce.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 ib.adnxs.com api.adinplay.com
1 fastlane.rubiconproject.com api.adinplay.com
1 htlb.casalemedia.com api.adinplay.com
1 imasdk.googleapis.com api.adinplay.com
1 hb.vntsm.io api.adinplay.com
1 ad-delivery.net api.adinplay.com
1 hb-vntsm-com.global.ssl.fastly.net api.adinplay.com
1 n.gameads.io coronar.io
90 39

This site contains links to these domains. Also see Links.

Domain
kevin.games
Subject Issuer Validity Valid
coronar.io
WE1		 2024-12-12 -
2025-03-12		 3 months crt.sh
adinplay.com
WE1		 2024-12-05 -
2025-03-05		 3 months crt.sh
n.gameads.io
R11		 2024-10-06 -
2025-01-04		 3 months crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-09-11 -
2025-10-13		 a year crt.sh
ad-delivery.net
WE1		 2024-11-10 -
2025-02-08		 3 months crt.sh
hb.vntsm.io
WE1		 2024-11-02 -
2025-01-31		 3 months crt.sh
upload.video.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2024-10-20 -
2025-04-01		 5 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-03-03		 3 months crt.sh
casalemedia.com
E5		 2024-12-11 -
2025-03-11		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
the-ozone-project.com
WE1		 2024-10-14 -
2025-01-12		 3 months crt.sh
server.cpmstar.com
Go Daddy Secure Certificate Authority - G2		 2024-07-20 -
2025-08-21		 a year crt.sh
*.onetag-sys.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-23 -
2025-01-29		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
*.google.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
oa.openxcdn.net
WR3		 2024-11-13 -
2025-02-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-29 -
2025-02-25		 3 months crt.sh
id5-sync.com
WE1		 2024-11-28 -
2025-02-26		 3 months crt.sh
invstatic101.creativecdn.com
WR3		 2024-10-15 -
2025-01-13		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2024-09-07 -
2025-10-07		 a year crt.sh
cdn.prod.uidapi.com
Amazon RSA 2048 M03		 2024-11-20 -
2025-12-20		 a year crt.sh
esp.rtbhouse.com
WR3		 2024-10-22 -
2025-01-20		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
ssl.cdne.cpmstar.com
Go Daddy Secure Certificate Authority - G2		 2024-02-25 -
2025-03-28		 a year crt.sh
*.venatusmedia.com
R10		 2024-12-02 -
2025-03-02		 3 months crt.sh
adtrafficquality.google
WR2		 2024-11-04 -
2025-01-27		 3 months crt.sh
indexww.com
WE1		 2024-11-30 -
2025-02-28		 3 months crt.sh
cdn.adnxs.com
R11		 2024-10-31 -
2025-01-29		 3 months crt.sh

This page contains 13 frames:

Primary Page: https://coronar.io/
Frame ID: B1E170C880D9F1A2C355F5454B8645D4
Requests: 68 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 80BE09C5B24B3BE3D3E7E3A586784D29
Requests: 1 HTTP requests in this frame

Frame: https://141432870037c58093e943b9304358ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 25A43098388C113253BF4A557BECA459
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ7ONv1zzlEdzcV7cmgxz83k5KxNm67H7k0E4QzmJX-7vJ1pj1hyqRs3X0XbKEgkrQord3vaY4Sja9W3TbwFM_52Ppb_VDNtkAzgjn5FuqZU5-bHDVNdoFaiyqCQHc4M9BLiFb4LmR9RPi4Wp7NteM9TNnREo_tF5iXlDFS8HtfQd6w0r6hoNVEsGLif1lIUCbh7JuByoul0xnUGVyMbv8AEJNGZVXyCycmyGpRTfL2GciWPVUh5bNQHg9k59WVLaeueTz8uNE7caoYtlZ0StqfwlAx3Mn1_VLKY55jr3IbKafTjZH2e5c9VhLqPTjr1SaqDGmGfixMSPGQUcGjRNochSDkv7KzjMucLfzMA7aRMwLUskkEw5XVGfNxitehmxx7rmUybk1jzTvtzOcjjd7FQZkLe0tClI97qRHef-GtQ&sai=AMfl-YRkABsT8xWJA35dwMoGgKoa3semXRQ66UOq85Pdw-bLTDgsy4p3ZQdCVf3Pvpct4qFcujk-0uKbrmq2o2kNayIT8WbmvFDNtUz6bUUCvFCqfpf6oMTecrjlCDJN5jhC8U7GOPUtCSH6xt9oKBoe&sig=Cg0ArKJSzLFaOBnxPOa3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 60F07A87612587EE877513EA7D03B894
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=coronar.io&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1
Frame ID: B461460062B2E30E499BEFAF4CB13691
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.ru/metrika/metrika_match.html
Frame ID: 24448CD35852EDE86ADB532FED48B8EB
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: A9A81A0F8AB6A17B88FFF70BBB462915
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E4A549C44BDD4A174A307ACA7E38CFD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 1D9157629015F9D7B1327FB7D8B1ED19
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F1351C5DCBFD78DE1C8E4CAE3984982C
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1733985090220
Frame ID: BB5833FB351D5ED55399E172D045EA72
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 80DCA7E82AB514B1F34E26D314C1C6BA
Requests: 1 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&gpp=&gpp_sid=&pubcid.org=f4811761-bff5-47d0-8e47-bd39a64d8817&criteo.com=RjATjF8lMkZDRjJlcWh5Mklob3JUd25wSmZOTiUyRkN4TEdycFhaTWpLTlE1VW82Z1JGZkJXclVPT0NHOSUyQmJMT0hZckRsbEIxQ0xJcmtNNlRET2RRSUVRJTJCcXlUMVNnJTNEJTNE&publisherId=OZONEAIP0001&siteId=1500000135&cb=1733985090129&bidder=ozone
Frame ID: D2A0D969F9CF9CCA22BD1DDD07028FAF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Coronar.io play online

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

90
Requests

97 %
HTTPS

36 %
IPv6

29
Domains

39
Subdomains

43
IPs

8
Countries

1392 kB
Transfer

4008 kB
Size

85
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcoronar.io%2F&domain=coronar.io&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=K__gy3w0STYxWXRpUnArZ2VydGM1czF1d01lbzZsWUJmQmJyRCtidDVjQ0pCTitmbFhtU29sQnAvN3RjNXVEcEhTeXRoQkRrYjE0Z1VaMFFocHJCQTVaNDhnWTJ4QzhhQ090MUhGQjJmeElzdGplSVJrYVcrQjVaQ1NiYkxqY3BxaWJXUnBheWlVTlR0OWRSSGRRc1RVa2tlL0NMNlFMRlpqVEpaRGZxSTJ1VGs0VUMwRS9kRzdYWHFuQk1pV25EckdmcnIzZ0RGSTN4VlNNMFF1U2xGam8wLy81RU1peTU4UTlGTFhBLzZselFGK2RQaTJJZkxseWpvMUdqcE9FeVp4TzJBfA&cppv=2
Request Chain 73
  • https://mc.yandex.ru/watch/61924642?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44tf8xglmzmdcdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A913124817567%3Ahid%3A546758131%3Az%3A540%3Ai%3A20241212153131%3Aet%3A1733985092%3Ac%3A1%3Arn%3A517883584%3Arqn%3A1%3Au%3A1733985092226319831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2238%3Awv%3A2%3Ads%3A92%2C23%2C560%2C5%2C0%2C0%2C%2C1552%2C1%2C%2C%2C%2C2234%3Aco%3A0%3Acpf%3A1%3Ans%3A1733985087626%3Apani%3AM2JkNGFhYTU3MGU3MGU0ODA1MTFlZmYyYjBjMjE4NWNhMDJjNDc5NGI1ZmE2ZGMwYzBiMDliYWZhYzJiYzExNQ%3D%3D%3Arqnl%3A1%3Ast%3A1733985092%3At%3ACoronar.io%20play%20online&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1) HTTP 302
  • https://mc.yandex.ru/watch/61924642/1?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44tf8xglmzmdcdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A913124817567%3Ahid%3A546758131%3Az%3A540%3Ai%3A20241212153131%3Aet%3A1733985092%3Ac%3A1%3Arn%3A517883584%3Arqn%3A1%3Au%3A1733985092226319831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2238%3Awv%3A2%3Ads%3A92%2C23%2C560%2C5%2C0%2C0%2C%2C1552%2C1%2C%2C%2C%2C2234%3Aco%3A0%3Acpf%3A1%3Ans%3A1733985087626%3Apani%3AM2JkNGFhYTU3MGU3MGU0ODA1MTFlZmYyYjBjMjE4NWNhMDJjNDc5NGI1ZmE2ZGMwYzBiMDliYWZhYzJiYzExNQ%3D%3D%3Arqnl%3A1%3Ast%3A1733985092%3At%3ACoronar.io%20play%20online&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
coronar.io/ 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://coronar.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:872f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47ddd240b27cf40557d1a3c45df99107cfba84e5c3a8b5a4f711f62b6a8d06f2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f0babee6aeb3c0e-NRT
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 06:31:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=slNWOG2ctbrX3KZV%2BJ9mUuyYYwVSQSn5daxlq8vVnc63jdKdKVVIGGQjMxbS2rN4RxCQl99rZDUaxvQg3kkTxUrW868az0xyleDOVjbbVHNTYSLyYYe7OT8AIO2IS%2Fw59GUIA4qht4x3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=1630&min_rtt=1430&rtt_var=331&sent=7&recv=13&lost=0&retrans=0&sent_bytes=4000&recv_bytes=2373&delivery_rate=2126229&cwnd=254&unsent_bytes=0&cid=395292cc3ea8a584&ts=578&x=0"
vary
Accept-Encoding
index.css
coronar.io/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coronar.io/css/index.css?v7
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:872f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871d8f0f85182c994a468466dfc82c6a722632bd835031a77d51913e407619d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"5f6b4bb7-6ec"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iv3eIXE1RLtW%2F1sRiU13nPpRotZ86s9XW8DOq580Vxu3z9cyaLUnDrjFzzEy3k3IHmgPVHvSkttRX9mGmJAYbUOSDkAlBTKGteF1OfRswaVabGkqrz54BQJg817idTX2lUPw0XLdFYTC"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0babf20e923c0e-NRT
expires
Fri, 13 Dec 2024 06:31:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1651&min_rtt=1265&rtt_var=250&sent=18&recv=26&lost=0&retrans=0&sent_bytes=9438&recv_bytes=2664&delivery_rate=4280528&cwnd=257&unsent_bytes=0&cid=395292cc3ea8a584&ts=1177&x=0"
date
Thu, 12 Dec 2024 06:31:28 GMT
content-type
text/css
last-modified
Wed, 23 Sep 2020 13:20:55 GMT
vary
Accept-Encoding
server
cloudflare
tag.min.js
api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/ 		106 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2829475609eabd8b4be8febbd154c7be3699957c38dac974ae78daa08a549af4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-1
cf-cache-status
MISS
etag
W/"675854dc-1a707"
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M7vhM6fiFOGnlsDN5Muyu1ykgG4c8tiJ3ZUdOT4ySZdE5A79xaJcUp32uJGhaq4jt6o3OTu36VPq0q0cs6MZ7Ngljp3cSZKl4XwZCAHyjWSIliWQ4luIVB3xHFqDVOOSXVtGyDJpkxRFxz5xGhQ%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1355&min_rtt=1206&rtt_var=273&sent=8&recv=12&lost=0&retrans=0&sent_bytes=4031&recv_bytes=2220&delivery_rate=2755665&cwnd=246&unsent_bytes=0&cid=19e13509c13de022&ts=1217&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Tue, 10 Dec 2024 14:49:00 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babf22d84d55f-NRT
access-control-allow-origin
*
server
cloudflare
bundle.js
coronar.io/ 		649 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronar.io/bundle.js?v5
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:872f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228e88d29b1bed0d183cec598aa617bf7b03012510d9c45fd8cfb212836f4c93

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
W/"5f801170-a22d3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SOcvQGdViD4i3hnMDEuCNI20zv8sdB0r6gAYBFYBCa1LSOgLQVpi6tN02ASwL80sy9TiQBYKa8h8Kxwj9m45GlIjU5WGWdlYS3b7r9%2BsHVDUqLS7mqLjVWe5y3g67KdNTMRRON4ZSQl6"}],"group":"cf-nel","max_age":604800}
cf-ray
8f0babf20e963c0e-NRT
expires
Fri, 13 Dec 2024 06:31:28 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=1533&min_rtt=1265&rtt_var=256&sent=21&recv=29&lost=0&retrans=0&sent_bytes=10651&recv_bytes=2664&delivery_rate=4280528&cwnd=257&unsent_bytes=0&cid=395292cc3ea8a584&ts=1454&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Fri, 09 Oct 2020 07:29:52 GMT
vary
Accept-Encoding
server
cloudflare
email-decode.min.js
coronar.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronar.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:872f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"675318bd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w%2BFJ2qn37sNYOTfKoKWn6YJmKFS61G1BonQudIBEdGZjiQ4LlX83d6kT4rPNm7xx7IyZPWtUtt7c%2FRCrjWP71KWdZphzll1%2Fnp25OGiU9gZmafea%2BsrSP5kmIvET5aBxE6p0emr2ndzb"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8f0babf20e973c0e-NRT
expires
Sat, 14 Dec 2024 06:31:28 GMT
date
Thu, 12 Dec 2024 06:31:28 GMT
content-type
application/javascript
last-modified
Fri, 06 Dec 2024 15:31:09 GMT
server
cloudflare
vary
Accept-Encoding
getcode
n.gameads.io/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n.gameads.io/getcode?objid=gameadsbanner&jsdate=1733985088904&lang=ja-JP&rfunc=GameAdsRenew&fromhost=coronar.io&refr=&fromurl=https%3A%2F%2Fcoronar.io%2F
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.81.57.71 , United States, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns1000995.ip-51-81-57.us
Software
/
Resource Hash
f0fed7e7f1b59f2382f43d43e813a074df7d715e2084065a3de7d322d87c035f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

X-Robots-Tag
noindex, nofollow
Cache-control
max-age=0
Connection
Close
Access-Control-Allow-Origin
*
Content-Length
1278
Date
Thu, 12 Dec 2024 06:31:29 GMT
Content-Type
text/javascript
Access-Control
allow <*>
ad-manager.js
api.adinplay.com/v4/live/aip/ 		796 KB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/ad-manager.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54979a57b8bec446a421044649ded15f5e4da6bbffd4b8406280ed46229a1005

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-c7058"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2BXdHlI59281uTqoh9rp4bqe3mqKzGmwj99Kdp8%2FwK5T3mn6GKSY4eYtnI3lRLDpogrFLB%2FAINK2MZvC86BBTIEZu2v%2F2HdcRehqlvpVA5FCOYKs0oOpzmdaVMcKxUJXZH0mekBlhd4ls7tDrb8%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=3989&min_rtt=1206&rtt_var=471&sent=54&recv=36&lost=0&retrans=0&sent_bytes=44739&recv_bytes=2300&delivery_rate=12707561&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1299&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfa0c13d55f-NRT
access-control-allow-origin
*
server
cloudflare
31805.js
api.adinplay.com/v4/live/aip/ 		1 KB
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/31805.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e9a6b334cb9810f7d25fafab61725edf522f8b7372ac65f1274db79867a6537

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-5dc"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ST2YdOcS6%2BE3t%2BtwYB2dOIVPBrUDQQKAUmlBIqw9yUdtudpL2Q4ZRu9P4jD5clYdeiqt4Af3kxEg69Yox2kig%2FeXhmMe9%2BHz%2F97w7DORO3nRDctg5NNO0QZ7kujkAATyGBk03aVslT4ccmy%2FvC0%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=3344&min_rtt=1206&rtt_var=255&sent=264&recv=222&lost=0&retrans=0&sent_bytes=283706&recv_bytes=2366&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1394&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfabc8dd55f-NRT
access-control-allow-origin
*
server
cloudflare
g.txt
hb-vntsm-com.global.ssl.fastly.net/v4/srv/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb-vntsm-com.global.ssl.fastly.net/v4/srv/g.txt
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

Access-Control-Expose-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Age
4456
Access-Control-Allow-Methods
GET, OPTIONS
X-Cache
HIT, HIT
Date
Thu, 12 Dec 2024 06:31:29 GMT
Last-Modified
Tue, 02 Apr 2024 15:20:36 GMT
Vary
Accept-Encoding
X-Served-By
cache-dub4365-DUB, cache-nrt-rjtf7700029-NRT
Content-Type
text/plain
x-amz-id-2
EHZqmdfZ1NAmHYVGFax02YvGsPl+HA5Gy7lCKWIqiMu1yi021u0xiDTr0RcR7F4m2HU0JkMxmqiHmhczjf/vmkqpsXSk85s1
X-Cache-Hits
36, 41
Strict-Transport-Security
max-age=300
Access-Control-Allow-Headers
X-Geo,Content-Type,x-bl,x-geo-subdivision,Geo-Sub,Geo
X-Timer
S1733985090.805016,VS0,VE0
X-IP
31.204.145.171
Connection
keep-alive
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
0
Geo-Sub
13
X-Geo
JP
Venatus-CDN-HB-Rule-Version
1.1
x-amz-server-side-encryption
AES256
px.gif
ad-delivery.net/ 		43 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-goog-metageneration
5
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
cf-cache-status
HIT
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
age
160411
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hQxONI3udF6bCsO%2FuREA9mUKDrUXvHs78fnSanHsu3mdYmoUxHnAUOE9lKtA12uubtN8PwV1zHSPZsQlV4L6xO8jZ1WC6YVKeUlXHzy0EF9BzP7RHyJIAdoUxTBFonduG5fKSWDUhIT8ZYXf4g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Fri, 13 Dec 2024 06:31:29 GMT
server-timing
cfL4;desc="?proto=TCP&rtt=1427&min_rtt=1261&rtt_var=265&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3999&recv_bytes=2198&delivery_rate=2546465&cwnd=254&unsent_bytes=0&cid=f3e8c9c0b655b309&ts=18&x=0"
x-goog-stored-content-length
43
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
image/gif
last-modified
Wed, 05 May 2021 19:25:32 GMT
vary
Accept-Encoding
x-guploader-uploadid
AFiumC6XidjoOZVj4yOfAj8eA7iptEfn1oMmtnEmmsh06gqSKIavhL9dbMRutjponLlzefLVruUfuqs
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8f0babfb5c8f80dd-NRT
accept-ranges
bytes
access-control-allow-origin
*
x-goog-generation
1620242732037093
content-length
43
server
cloudflare
content.html
hb.vntsm.io/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa7ac3525ae8b74b9de4f759318e03ac412a6cc7627b43c00b3e35e5d365167
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

geo-subdivision
JP-13
cache-control
max-age=15
access-control-expose-headers
*
content-encoding
br
geo
JP
referrer-policy
same-origin
cf-ray
8f0babfbaa53e358-NRT
expires
Thu, 12 Dec 2024 06:31:44 GMT
access-control-allow-origin
*
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
x-frame-options
SAMEORIGIN
11613.js
api.adinplay.com/v4/live/aip/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/11613.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de64b2d72bc9fca370d00a26f0633b1d3411bc94e8bc8096d45d938b5e838b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-d58"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vazV8DNrrwx9q%2FNjjnBOMcuxZfru%2BIofWGIt8swmtRPsHDVLwC1Hysk0gZRDdkJDjkeq2%2FZS4teGn5Wdo%2F%2BGguxN%2FO7kc4ovYYg%2F47S0hZ53oCwZZaRxfi83Wtoyvnof85OsWK6bIG2flxvexzA%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=2187&min_rtt=1206&rtt_var=463&sent=280&recv=232&lost=0&retrans=0&sent_bytes=294639&recv_bytes=2561&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1493&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfb4d03d55f-NRT
access-control-allow-origin
*
server
cloudflare
73469.js
api.adinplay.com/v4/live/aip/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/73469.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d627d32bf260395d4ab41c340e67ad705eaf944ab513b170b83ed30785a94d7c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-486c"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LlBTDppzWlQOFpbj7Vmy6oMBvpbnGBWmQcAcGxgHC2926m0P%2F16xQccG5aBZFaYE4MFmI4Pu8ISxWW02xXjgrUevoTYPSm%2B1mHn79n1IniaYOHTAZpZN5FjRD3dZz%2BwKRQpxCjBUpBoHhybjczU%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=2187&min_rtt=1206&rtt_var=463&sent=272&recv=232&lost=0&retrans=0&sent_bytes=287663&recv_bytes=2561&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1492&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfb4d06d55f-NRT
access-control-allow-origin
*
server
cloudflare
56466.js
api.adinplay.com/v4/live/aip/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/56466.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a070bf8b094322fc676f3820f25ddb360933959709d18b086a67fdbcfb65b52d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-1
cf-cache-status
HIT
etag
W/"673efd9b-165f"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lxg6fwtavPx7qmfx2uEKdQJ0yMl17oz5Shi7RcCQu%2Bu78jiuSUmuvt3ywWawH1AUXfi8qW3h%2FdP3CtiMW2Xe%2F6pcd2UxvnH1uXpttI6zfqPA8Y2gOOvvrDTdauR%2FJhqegzhU4nXUXNgV2ZLoPQE%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=2719&min_rtt=1206&rtt_var=383&sent=268&recv=228&lost=0&retrans=0&sent_bytes=284635&recv_bytes=2561&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1490&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfb4d08d55f-NRT
access-control-allow-origin
*
server
cloudflare
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		424 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:818::200a , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15c1d2c57f6b12e9dfd82ef1b9d2b10e227a9f274d3df68eccf2b056cd6fcd7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
private, max-age=900, stale-while-revalidate=3600
content-encoding
gzip
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 06:31:29 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148094
date
Thu, 12 Dec 2024 06:31:29 GMT
x-xss-protection
0
content-type
text/javascript
vary
Accept-Encoding
server
sffe
tag.js
mc.yandex.ru/metrika/ 		235 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
ef42649c52b16db783e33616f4c09e8d35eaa72faa2cf92a692d9e7ac5fee4ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
etag
"674f133a-13aec"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 12 Dec 2024 07:31:31 GMT
access-control-allow-origin
*
content-length
80620
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
application/javascript
last-modified
Tue, 03 Dec 2024 14:18:34 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20241212
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8a15b0e2840ad35ba425ca104a0347f35384f15e78a9e1df58a7880d3da02106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://coronar.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"63a-GsvC7YaRC59eIJRYso/wAeO4PyM"
age
9033
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230103-FRA, cache-nrt-rjtf7700038-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
838
x-jsd-version
1.0.2267
45496.js
api.adinplay.com/v4/live/aip/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/45496.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf4baebad5bfea80098680bf3037f54fe7129285e246d37e61afc9f0cf3f611c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-a56"
age
142595
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5SWp6tVJqTCfIIOwxBfS8lfpPvdI%2BJGa16GJ80nvuxvfK7%2FFz7VqZmR1IRqmvs8qeXKqoLZZ4YvW3oNVkuBic4Oekuc9xn9IURjIbh3WGvwmCvL2jtC1LcEKm4XS9ByxFg8D3HG4orfs%2BGTuvdc%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1575&min_rtt=1206&rtt_var=243&sent=285&recv=246&lost=0&retrans=0&sent_bytes=296770&recv_bytes=2691&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1541&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfb9d3ed55f-NRT
access-control-allow-origin
*
server
cloudflare
70931.js
api.adinplay.com/v4/live/aip/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/70931.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f71aa0c67cfc824ca1ff2afbe9e2b0f4e3ce145fb774533faf532ffeca79b3a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-1
cf-cache-status
HIT
etag
W/"673efd9b-ef6"
age
142595
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Poe%2FtirJ2dcJVdx02LdDMUWFsRY%2FTWPpFa0wVjdCFK%2FwbmkQjawngcqyQC%2BURx5odH%2BOh6jAoUAjTIXGwqJu7qKT1z3K8IoPZQ8X9lkxBBBsGyfiJpw3jDZNzIK9Q00gJkuO2buHmLxIUHcscqM%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1525&min_rtt=1206&rtt_var=176&sent=288&recv=249&lost=0&retrans=0&sent_bytes=298594&recv_bytes=2691&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1544&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfbad3fd55f-NRT
access-control-allow-origin
*
server
cloudflare
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcoronar.io%2F&domain=coronar.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://coronar.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://coronar.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 12 Dec 2024 06:31:29 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
213831
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fcoronar.io%2F&domain=coronar.io&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=K__gy3w0STYxWXRpUnArZ2VydGM1czF1d01lbzZsWUJmQmJyRCtidDVjQ0pCTitmbFhtU29sQnAvN3RjNXVEcEhTeXRoQkRrYjE0Z1VaMFFocHJCQTVaNDhnWTJ4QzhhQ090MUhGQjJmeElzdGplSVJrYVcrQjVaQ1NiYk...
367 B
929 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=K__gy3w0STYxWXRpUnArZ2VydGM1czF1d01lbzZsWUJmQmJyRCtidDVjQ0pCTitmbFhtU29sQnAvN3RjNXVEcEhTeXRoQkRrYjE0Z1VaMFFocHJCQTVaNDhnWTJ4QzhhQ090MUhGQjJmeElzdGplSVJrYVcrQjVaQ1NiYkxqY3BxaWJXUnBheWlVTlR0OWRSSGRRc1RVa2tlL0NMNlFMRlpqVEpaRGZxSTJ1VGs0VUMwRS9kRzdYWHFuQk1pV25EckdmcnIzZ0RGSTN4VlNNMFF1U2xGam8wLy81RU1peTU4UTlGTFhBLzZselFGK2RQaTJJZkxseWpvMUdqcE9FeVp4TzJBfA&cppv=2
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0220b07e7fccf2fa59f39efb6ae7aaa9dcdf4ad8172d0893f616f5b578877da0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
523495
expires
0
access-control-allow-origin
null
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=K__gy3w0STYxWXRpUnArZ2VydGM1czF1d01lbzZsWUJmQmJyRCtidDVjQ0pCTitmbFhtU29sQnAvN3RjNXVEcEhTeXRoQkRrYjE0Z1VaMFFocHJCQTVaNDhnWTJ4QzhhQ090MUhGQjJmeElzdGplSVJrYVcrQjVaQ1NiYkxqY3BxaWJXUnBheWlVTlR0OWRSSGRRc1RVa2tlL0NMNlFMRlpqVEpaRGZxSTJ1VGs0VUMwRS9kRzdYWHFuQk1pV25EckdmcnIzZ0RGSTN4VlNNMFF1U2xGam8wLy81RU1peTU4UTlGTFhBLzZselFGK2RQaTJJZkxseWpvMUdqcE9FeVp4TzJBfA&cppv=2
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
291248
expires
0
access-control-allow-origin
https://coronar.io
content-length
0
date
Thu, 12 Dec 2024 06:31:29 GMT
server
Kestrel
63206.js
api.adinplay.com/v4/live/aip/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/63206.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d495a8e91497430d2c54e28e8bf512f2608ec199b525c528853da41dab80dfd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-1
cf-cache-status
HIT
etag
W/"673efd9b-799f"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9Zd7H9AWKHKJEZ55ITAw4CpT2b%2BJXJXr%2BgRDQ5ObA0OtOmDp4OTdKKDpAwZ4GDC50vcMlX%2BGDNbNa78WBaGjAOFUF0xKE3FuYqHf4VTr3Zag1NltPHaDPOH24zlHqlbSCSc97faLCwPX%2Fjc0cw%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1414&min_rtt=1206&rtt_var=178&sent=298&recv=260&lost=0&retrans=0&sent_bytes=304489&recv_bytes=3146&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1588&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfbed95d55f-NRT
access-control-allow-origin
*
server
cloudflare
74012.js
api.adinplay.com/v4/live/aip/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/74012.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e38c599e6a401c3fcb2b6a521303f2bd55e600117e93e010e065954e874bcbf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-1
cf-cache-status
HIT
etag
W/"673efd9b-1f43"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ycO9pe%2F%2B%2BqbNz%2F0NZgso%2BdiIzfDn5tb4bVnxnDx4vSJUnz%2B19UxQAzpWS0qtVp0bN75Qj4zF3jDmnkWgvgetadBSwghFk9gBoJx2wGZI6q01pnDppeOQZpamPaqO%2BuTPuLXvGM2CC9xbXvBy1w%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1414&min_rtt=1206&rtt_var=178&sent=308&recv=260&lost=0&retrans=0&sent_bytes=315184&recv_bytes=3146&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1588&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfbed97d55f-NRT
access-control-allow-origin
*
server
cloudflare
62711.js
api.adinplay.com/v4/live/aip/ 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/62711.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
240417e37cdff4bb321b21751c4bf5e96f04ec106d1ff6865037c368c3416356

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-6d33"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvziCjoNVHvKEBW7WccnVd3lnaL%2FlxBBjvMn%2B5K1gW4JlXoI%2Ff%2BC1hJ1f1enHh7%2F1RrduGBhD6sNitkgqjE%2BZp5kvV4jtDUql9EE0v2MA9hLoxZLo4tUG0V69v5BFqGZmQRtvXLwE3iwMTpoiQQ%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1398&min_rtt=1197&rtt_var=112&sent=338&recv=275&lost=0&retrans=0&sent_bytes=342553&recv_bytes=3146&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1591&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfbed9ad55f-NRT
access-control-allow-origin
*
server
cloudflare
32149.js
api.adinplay.com/v4/live/aip/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/32149.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
124d1a2ea919926efb5e43134f7d14b2b945729df7bf33b9c775093f5c2e4b82

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-1
cf-cache-status
HIT
etag
W/"673efd9b-1e89"
age
142595
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eE%2BZ7TE%2FQf%2FBpEe5IptVD0A7KN4N4XdS0wUWok7rtuA7zB2Msifo%2BIXlQb1lTd%2BC%2F05Blx%2F1ZDTjwSmU30tocB7mWfOb8hKkuV4a%2FJGY%2FMWuRosoG03bwB8s%2B0SglAjIpmdge%2BXN1yVxO0EbDl0%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1414&min_rtt=1206&rtt_var=178&sent=293&recv=260&lost=0&retrans=0&sent_bytes=300776&recv_bytes=3146&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1587&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfbed9bd55f-NRT
access-control-allow-origin
*
server
cloudflare
44599.js
api.adinplay.com/v4/live/aip/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/44599.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65fa0fccd5e00990bfeb46e09a6b35e935b34f853e4cca51f1c61aa0a3df4e61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-648c"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2BVezEpFd9vnEln%2FxXGiY265gvj91We0Tq5XljSm721%2Fhr8TrCicznlY3d%2F4nBmnz6QJdnNh4vEzqOlWIJuoDN9fiiJpJEXXaPKX%2FSXDnctouKUBcBYwjmJ%2F%2FeLzs%2Bke%2BzuSOm0oKxS6qNiCi%2BE%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1414&min_rtt=1206&rtt_var=178&sent=313&recv=260&lost=0&retrans=0&sent_bytes=319031&recv_bytes=3146&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1588&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfbed9cd55f-NRT
access-control-allow-origin
*
server
cloudflare
15893.js
api.adinplay.com/v4/live/aip/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/15893.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80e3f302134bb875cc49009cd69e08920a56e4f96bc6b682440ca9d8de4fbf25

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-eaa"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lKCbDOiHI1InIvlnTklh9bYBUd32gnYFz1odPNI1rGUblOQYYWF6FKkoBZEHduMUh%2BFAFGuXyXuIo8DD%2FCJsBIzTJ3k8BCAjswdLf%2BdZpdGb987B0ZC%2FmygtM6Bot4IOlb%2BJByoivjPqZYUD81U%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1399&min_rtt=1202&rtt_var=79&sent=323&recv=273&lost=0&retrans=0&sent_bytes=329219&recv_bytes=3146&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1590&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfbed9dd55f-NRT
access-control-allow-origin
*
server
cloudflare
53170.js
api.adinplay.com/v4/live/aip/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/v4/live/aip/53170.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:3e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d4f82e115cf31cd13f732de4a15dddf0c32c79b21772b520e325c081d4ef36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-host
adinplay-2
cf-cache-status
HIT
etag
W/"673efd9b-746f"
age
142596
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3aDEbyYJ7TVYNvdsywzEgFTgQi%2Fihm6cTtJmva6PyjJSTGnzckjMRspxYkvlK%2BRBycr4sbQfI5CE8S%2B2U0%2BVJ3Zl1PpppExnfUyIDLbeerTfi9VT7nteE3N6vUngnnbzMe%2BCXDVoabU4Se29QcE%3D"}],"group":"cf-nel","max_age":604800}
server-timing
cfL4;desc="?proto=TCP&rtt=1423&min_rtt=1202&rtt_var=109&sent=327&recv=274&lost=0&retrans=0&sent_bytes=331504&recv_bytes=3146&delivery_rate=33209103&cwnd=250&unsent_bytes=0&cid=19e13509c13de022&ts=1591&x=0"
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/javascript
last-modified
Thu, 21 Nov 2024 09:30:03 GMT
vary
Accept-Encoding
cache-control
max-age=1800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f0babfbed9ed55f-NRT
access-control-allow-origin
*
server
cloudflare
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=K__gy3w0STYxWXRpUnArZ2VydGM1czF1d01lbzZsWUJmQmJyRCtidDVjQ0pCTitmbFhtU29sQnAvN3RjNXVEcEhTeXRoQkRrYjE0Z1VaMFFocHJCQTVaNDhnWTJ4QzhhQ090MUhGQjJmeElzdGplSVJrYVcrQjVaQ1NiYkxqY3BxaWJXUnBheWlVTlR0OWRSSGRRc1RVa2tlL0NMNlFMRlpqVEpaRGZxSTJ1VGs0VUMwRS9kRzdYWHFuQk1pV25EckdmcnIzZ0RGSTN4VlNNMFF1U2xGam8wLy81RU1peTU4UTlGTFhBLzZselFGK2RQaTJJZkxseWpvMUdqcE9FeVp4TzJBfA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.11 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 12 Dec 2024 06:31:29 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
180640
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
687 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=826041
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f29ceb3ace705a9cc43cde2e14c88e2205263c4975bd4a6be67a537eb0a859e5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://coronar.io/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D73JbGmgrl9nroUEnTcfMI9Hw0og4fp2BYzaZlJstX147kOKp0l%2B7HQ6Svq8z4jMQnCyRyWEFvSzXi1WLiDy%2BR54np2uJYTGE7EGzeAyJwRyogFOOlZomavkg1KLZwrFugBqFeXg"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Thu, 12 Dec 2024 06:31:29 GMT
content-type
application/json
vary
Accept-Encoding
priority
u=1,i
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f0babfc5d6ed771-NRT
access-control-allow-origin
https://coronar.io
content-length
36
server
cloudflare
fastlane.json
fastlane.rubiconproject.com/a/api/ 		374 B
880 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23042&site_id=360062&zone_id=2685800&size_id=15&alt_size_ids=9%2C8%2C10&rp_schain=1.0,1!adinplay.com,TPZ,1,,,&eid_pubcid.org=f4811761-bff5-47d0-8e47-bd39a64d8817%5E1&eid_criteo.com=RjATjF8lMkZDRjJlcWh5Mklob3JUd25wSmZOTiUyRkN4TEdycFhaTWpLTlE1VW82Z1JGZkJXclVPT0NHOSUyQmJMT0hZckRsbEIxQ0xJcmtNNlRET2RRSUVRJTJCcXlUMVNnJTNEJTNE%5E1&rf=https%3A%2F%2Fcoronar.io%2F&kw=coronagamecoronovirusvirusplaygameonlinecoronar.iocoronario&tg_i.domain=coronar.io&tg_i.page=https%3A%2F%2Fcoronar.io%2F&tg_i.pbadslot=%2F421469808%2Fcoronar.io_300x600%23p0_0_0&tk_flint=pbjs_lite_v9.19.0&x_source.tid=0&l_pb_bid_id=5c1016f647a2be&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=43938750-8f02-448a-a182-5239e7976d1c&rp_maxbids=1&p_gpid=%2F421469808%2Fcoronar.io_300x600%23p0_0_0&m_ch_mobile=%3F0&slots=1&rand=0.05075990276604769
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
11989778ad59d6cd5d85994f83207da6bca98e79389ff0214cb84e1571abb615

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://coronar.io/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://coronar.io
content-length
374
date
Thu, 12 Dec 2024 06:31:30 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
auction
elb.the-ozone-project.com/openrtb2/ 		2 B
843 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/openrtb2/auction
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://coronar.io/

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8f0babfc69a0d496-NRT
expires
0
access-control-allow-origin
https://coronar.io
content-length
2
date
Thu, 12 Dec 2024 06:31:30 GMT
content-type
text/plain; charset=utf-8
vary
Origin, Accept-Encoding
server
cloudflare
view.aspx
server.cpmstar.com/ 		1 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/view.aspx?media=banner&json=c_b&mv=1&poolid=81290&reachedTop=true&requestid=9bd0bee11a7c1f&referer=https%3A%2F%2Fcoronar.io%2F&schain=1.0%2C1%21adinplay.com%2CTPZ%2C1%2C%2C%2C
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.153.172.93 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cd2e7881b71383928ec6ce46109caaa4449fd95d77fabb407e464328a4a279e7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://coronar.io/

Response headers

Transfer-Encoding
chunked
Cache-Control
private,no-store, no-cache, must-revalidate
Pragma
no-cache
Access-Control-Allow-Credentials
true
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin
https://coronar.io
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Date
Thu, 12 Dec 2024 06:31:30 GMT
Content-Type
application/json; charset=utf-8
Server
Microsoft-IIS/10.0
prebid-request
onetag-sys.com/ 		15 B
407 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.152.81 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip81.ip-51-79-152.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://coronar.io/

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-encoding
gzip
access-control-allow-credentials
true
access-control-allow-origin
https://coronar.io
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
content-length
41
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
prebid
ib.adnxs.com/ut/v3/ 		139 B
827 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
103.43.91.210 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1027.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
b1ed39530ceb15b5174220e247bcfdd6cbf37028f65efa61eed35300cdcab943
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://coronar.io/

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
31.204.145.171; 31.204.145.171; 1027.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://coronar.io
an-x-request-uuid
03bde0c8-da61-4c86-a88d-996186a2011d
content-length
139
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 12 Dec 2024 06:31:30 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
server
nginx/1.23.4
ima_ppub_config
securepubads.g.doubleclick.net/pagead/ 		67 B
60 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Fcoronar.io%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
7d49fd142c0f355c82e85a06c9da27340646a33c69cd6eeafad3bfc04c5a70e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 06:31:30 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
36
date
Thu, 12 Dec 2024 06:31:30 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js?network-code=421469808
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
b5c556ab91f2d3ded2650738fe630635ae71c1f3d8988474476d24a92c667596
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://coronar.io
Referer
https://coronar.io/

Response headers

content-encoding
br
etag
765 / 20069 / 31089395 / config-hash: 16246998170830224354
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 06:31:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 06:31:30 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33985
x-xss-protection
0
server
cafe
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/ 		492 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js?network-code=421469808
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://coronar.io
Referer
https://coronar.io/

Response headers

content-encoding
br
etag
5395541545685299795
age
43194
x-content-type-options
nosniff
expires
Thu, 11 Dec 2025 18:31:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 11 Dec 2024 18:31:36 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/ 		63 KB
22 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
18065
x-content-type-options
nosniff
expires
Fri, 13 Dec 2024 01:30:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 01:30:25 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
421469808
fundingchoicesmessages.google.com/i/ 		197 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/421469808?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
33b8b91d731c3f42f5b87a32a1b703f9f4999032355f161c6c46b5e121e6610f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eQHnpJVNZnELxX4rtV4JLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:30 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcBxqe7WLTWDBylvHmZU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MLPUMjOMLjAGNLkWv"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eQHnpJVNZnELxX4rtV4JLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXIO5U3SfDNHx5Mfz0HEWosvnedYEXpecepUkPUZCZMVElGyqbwY1AX1DAEmN2yNjUNXdOy-JxYzSIgbwZpne2Yc6uci0tYZRkFQoyel65uPwZ2XRRO1kgtGuRUvuVDPQ_UP_lcjg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXIO5U3SfDNHx5Mfz0HEWosvnedYEXpecepUkPUZCZMVElGyqbwY1AX1DAEmN2yNjUNXdOy-JxYzSIgbwZpne2Yc6uci0tYZRkFQoyel65uPwZ2XRRO1kgtGuRUvuVDPQ_UP_lcjg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTg1MDkxLDc0MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL2Nvcm9uYXIuaW8vIixudWxsLFtbOCwiLUF1UEs3eWZucDQiXSxbOSwiamEiXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxNlTIDw1SCQPjmORYOiE0dSVJR9A/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18d5515350e9063c94b108a8c7f05e047167c1cb6a0120e6fb9de8e42f259445
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eqHNMd1rJtGPO_lwx1MynQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII0JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxcxxue7WLTWDD5312ShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGRgaWegbG8QXGAE03RWc"
content-security-policy
script-src 'report-sample' 'nonce-eqHNMd1rJtGPO_lwx1MynQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 80BE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29117
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 06:20:01 GMT
expires
Thu, 12 Dec 2024 07:10:01 GMT
last-modified
Mon, 09 Dec 2024 20:44:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-goog-metageneration
1
content-encoding
gzip
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
etag
"df5542b88bc0e368c6999754a5b9e2ba"
age
76438
x-goog-stored-content-encoding
gzip
expires
Thu, 11 Dec 2025 09:17:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
7927
date
Wed, 11 Dec 2024 09:17:33 GMT
last-modified
Thu, 27 May 2021 18:30:51 GMT
content-type
application/javascript
x-guploader-uploadid
AFiumC6yS5_lqMQWAbEcUzEQPFzi4epzXqb4wNDsDZlmc3typlsq9_3u_dyUdcCXJReSJhF_wfbwnhI3cQ
cache-control
no-transform
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
x-goog-generation
1622140251693895
content-length
7927
server
UploadServer
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"670e3454-a69c"
cross-origin-resource-policy
cross-origin
expires
Fri, 13 Dec 2024 06:31:31 GMT
access-control-allow-origin
*
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
text/javascript
last-modified
Tue, 15 Oct 2024 09:22:28 GMT
server
nginx
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
775 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
age
36694
x-content-type-options
nosniff
x-jsd-version-type
branch
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT, HIT
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230042-FRA, cache-nrt-rjtf7700068-NRT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
394
x-jsd-version
master
esp.js
cdn.id5-sync.com/api/1.0/ 		101 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"5dcd2f7daade69f0b6f0a4fca81bea12"
age
8
expires
Thu, 12 Dec 2024 07:31:31 GMT
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
text/javascript;charset=utf-8
last-modified
Wed, 04 Dec 2024 13:37:28 GMT
vary
Accept-Encoding
x-amz-id-2
WtUwer7/JUnGJCVSroGvs3nQEXbwH/WmwY9ipy/gvOy1ULkp7tnegK342nVG6dhlMzHQI7BGS4I=
strict-transport-security
max-age=15552000; includeSubDomains; preload
cache-control
public, max-age=3600
x-amz-request-id
2WKYD5H121450DCB
cf-ray
8f0bac036c0e3c0b-NRT
server
cloudflare
x-amz-server-side-encryption
AES256
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

etag
e8fb4c5e5648d4012fd13b4c454df319
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1558
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 11 Dec 2024 20:03:09 GMT
server
Google Frontend
x-cloud-trace-context
3563a5e6bb08ed71b985da087d1ae8bd
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.123.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-123-116.nrt12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

vary
Accept-Encoding
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"7db46e1255a018ecf02f47b2c19c26c4"
age
48590
via
1.1 30c6e5ac4c3a9856bec72d9fdc4132b4.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
fn-7Ry0K3mo5Ly4MqOPym7BvdgDzyK5c_ValmHiFRIESLfJ5TbAl3w==
date
Wed, 11 Dec 2024 17:01:42 GMT
content-type
text/javascript
last-modified
Tue, 20 Aug 2024 18:47:40 GMT
server
AmazonS3
x-amz-cf-pop
NRT12-P1
x-amz-server-side-encryption
AES256
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ee:be00:a:e047:754:f4a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

x-amz-version-id
suVMGQsV8z1neCwtnAwOA2e_FhSjpoa6
ETag
"e264379414c85b18fe5fb338ed4823f8"
Age
39978
Connection
keep-alive
Via
1.1 1a3215a2c48bae3a908a6ecfac43c8f4.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
3117
X-Amz-Cf-Id
JniaShgbTCCj4O9j3WClTciClqeUTVZesFzTu6l5FcrU9zvCai8KLw==
Date
Wed, 11 Dec 2024 19:25:14 GMT
Content-Type
text/javascript
Last-Modified
Wed, 11 Dec 2024 19:25:11 GMT
Server
AmazonS3
X-Amz-Cf-Pop
NRT20-C4
x-amz-server-side-encryption
AES256
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
9 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3768993730192345&correlator=527837667844111&eid=31086815%2C31089315%2C31089318%2C31089347%2C31089395&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&gpp_sid=-1&iu_parts=421469808%3A22706833012%2Ccoronar.io_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=120x240%7C120x600%7C300x250%7C160x600%7C300x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1733985091089&lmt=1733985091&adxs=0&adys=600&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=540&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcoronar.io%2F&vis=1&psz=0x-1&msz=0x-1&fws=4&ohw=1600&topics=9&tps=9&htps=10&a3p=EhkKCnB1YmNpZC5vcmcYjPzCzLsySABSAghkEhkKCnVpZGFwaS5jb20YjPzCzLsySABSAghkEhwKDWNyd2RjbnRybC5uZXQYjPzCzLsySABSAghkEhQKBW9wZW54GIz8wsy7MkgAUgIIZBIbCgxpZDUtc3luYy5jb20YjPzCzLsySABSAghkEh0KDmVzcC5jcml0ZW8uY29tGIz8wsy7MkgAUgIIZBIXCghydGJob3VzZRiM_MLMuzJIAFICCGQ.&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1733985088317&idt=2459&prev_scp=pb_has_winner%3D1%26pb_cpm%3D7%26pb_bidders%3Dcpmstar%26pb_size%3D300x600%26pb_above_floor%3D1%26hb_bidder%3Dcpmstar%26FC%3D1%26Refr%3DPubrefr%26isBot%3Dyes&cust_params=GS%3DNo%26stack%3DPR&adks=3734526345&frm=20&eoidce=1&td=1&egid=18159&tan=a1c65b3c-0fbf-47ed-b7ab-ba79693986e3&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
6f72b9a372a5d2e159a527bbdcc1a9839b4481a2557c25984f6b37f8e641ddeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
dcb
google-lineitem-id
6379088845
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138445700339
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://coronar.io
content-length
8989
x-xss-protection
0
server
cafe
container.html
141432870037c58093e943b9304358ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 25A4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://141432870037c58093e943b9304358ce.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:820::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 06:31:31 GMT
expires
Thu, 12 Dec 2024 06:31:31 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
increment
id5-sync.com/api/esp/ 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://coronar.io/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://coronar.io
date
Thu, 12 Dec 2024 06:31:30 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
map
bcp.crwdcntrl.net/6/ 		235 B
691 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.141.68 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-141-68.ap-southeast-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
c1d8ab3ad9798d30b91185a67f8bbf8237406f60563c6c96d169fef908165615

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://coronar.io/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://coronar.io
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
235
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
application/json;charset=utf-8
x-server
10.42.11.168
server
Jetty(9.4.38.v20210224)
encrypt
esp.rtbhouse.com/ 		221 B
485 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
f5ceba7a73f4944cec4bb2644aef7cadd51f7e8c0dc6d5e7f30549d74c2da51d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://coronar.io/

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
application/json
x-cloud-trace-context
488de03f1350448564f9070b48babc98
server
Google Frontend
access-control-allow-headers
X-Requested-With
view
securepubads.g.doubleclick.net/pcs/ Frame 60F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQ7ONv1zzlEdzcV7cmgxz83k5KxNm67H7k0E4QzmJX-7vJ1pj1hyqRs3X0XbKEgkrQord3vaY4Sja9W3TbwFM_52Ppb_VDNtkAzgjn5FuqZU5-bHDVNdoFaiyqCQHc4M9BLiFb4LmR9RPi4Wp7NteM9TNnREo_tF5iXlDFS8HtfQd6w0r6hoNVEsGLif1lIUCbh7JuByoul0xnUGVyMbv8AEJNGZVXyCycmyGpRTfL2GciWPVUh5bNQHg9k59WVLaeueTz8uNE7caoYtlZ0StqfwlAx3Mn1_VLKY55jr3IbKafTjZH2e5c9VhLqPTjr1SaqDGmGfixMSPGQUcGjRNochSDkv7KzjMucLfzMA7aRMwLUskkEw5XVGfNxitehmxx7rmUybk1jzTvtzOcjjd7FQZkLe0tClI97qRHef-GtQ&sai=AMfl-YRkABsT8xWJA35dwMoGgKoa3semXRQ66UOq85Pdw-bLTDgsy4p3ZQdCVf3Pvpct4qFcujk-0uKbrmq2o2kNayIT8WbmvFDNtUz6bUUCvFCqfpf6oMTecrjlCDJN5jhC8U7GOPUtCSH6xt9oKBoe&sig=Cg0ArKJSzLFaOBnxPOa3EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 06:31:31 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 06:31:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241210/r20110914/ Frame 60F0 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241210/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:823::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
br
etag
12104404153384301539
age
51064
x-content-type-options
nosniff
expires
Wed, 25 Dec 2024 16:20:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 11 Dec 2024 16:20:27 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9049
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 60F0 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
br
etag
15965780714114583650
age
2266
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 06:53:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 05:53:45 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=Shift_JIS
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
1329950_Bismark_DE_T8_BB_EN_300x600_WG_SPb_WoWs.jpg
ssl.cdne.cpmstar.com/cached/creatives/1367482/ Frame 60F0 		143 KB
143 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.cdne.cpmstar.com/cached/creatives/1367482/1329950_Bismark_DE_T8_BB_EN_300x600_WG_SPb_WoWs.jpg
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.43.61 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tkc/BED4) /
Resource Hash
f544118ed4931d38a45d4c9bb7ca95cb4098e67416cbdd880c7d48bce2b9d7fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
public
age
82653
expires
Fri, 13 Dec 2024 06:31:32 GMT
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
content-length
146229
date
Thu, 12 Dec 2024 06:31:31 GMT
content-disposition
inline;filename=1367482_1329950_Bismark_DE_T8_BB_EN_300x600_WG_SPb_WoWs.jpg
content-type
image/jpeg
server
ECAcc (tkc/BED4)
last-modified
Wed, 11 Dec 2024 07:33:59 GMT
pixel.aspx
server.cpmstar.com/ Frame 60F0 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://server.cpmstar.com/pixel.aspx?poolid=81290&subpoolid=5687&campaignid=489043&creativeid=1367482&pixelid=PX_CR&guid=1de75933-9ff8-4153-acf7-f82cb45bff2f&bid=0.07&sp=243.936922616087&s=1733985090_5E76593E&referer=https%3a%2f%2fcoronar.io%2f
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
131.153.172.93 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

Transfer-Encoding
chunked
Cache-Control
private,no-store, no-cache, must-revalidate
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Date
Thu, 12 Dec 2024 06:31:30 GMT
Content-Type
image/gif
Server
Microsoft-IIS/10.0
bidscape
edge.venatusmedia.com/ 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://edge.venatusmedia.com/bidscape?tenantId=2&accountId=2&siteId=0&configId=0&instanceId=0&executionCount=1&renderCount=1&pageSessionId=69a545a1-e756-444c-865b-02a36c2aadab&cpm=0.07&bidder=cpmstar&auctionId=0&size=300x600&source=auction&route=Adserver&aid=197ece7a25f5c7f&cid=1367482&responseTime=679&u=2b002377-bf22-4aad-9563-f302d56c8a2e&cb=6364e879-cfeb-409b-a563-819f4f4d3d84
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.22.92.149 Seoul, Korea, Republic Of, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
149.92.22.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

access-control-allow-origin
*
date
Thu, 12 Dec 2024 06:31:31 GMT
x-envoy-upstream-service-time
0
content-type
application/json
server
istio-envoy
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 06:31:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 60F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstt_OWsZU0V4QX7ANdJaflAG6AYHtQUyg4LYmI_dGQ3qhdNJ7hLajz7Ix_3-6pfJbbm51BlSyPFmluge-Za6FzlaNA7NlN3o-eADsjb4oL0njHnP7TY_6jZoBiWsIN_Kre3usFX_ue8PQnErMzHWCDXi30Ly48SOtJpqsOmuMEw6I83fexaSL9i2s4R9UrhW7O-Oxbs0loY4-FwnXSdwzEW7fBvn9X_JN5HyBdLhioSxuk3z9unKNxg72yCK2QXWGxXPaM58EYzxkQ7AirUFsLil0gXn_pYgBUSr_7oACkI55ZGxuZFlTKMUkPbcPSOwnkrjngJ1FtK1IghtoDWsqxiRkDMBZHOzYM7wkaXwL3uWFgjVFAWTNErTfmm0hvrcgioQX4NfxbS3e5qtyPXhX77SuVipm7IcgedvR_2G2DBz2-T&sai=AMfl-YS99RDXmn67svzkvabUyvDqaB87Y4wtAJaprULcoCn8rwDTpioF_kK2WyTr1YNEmqLUATjO8k606aZK3eDSSLvlvCREU_z0FvwSrc4e97dJHPFQbwf44WnZ5Sc-mMpcGQztZwr0FqlLo7rqjhpR&sig=Cg0ArKJSzMpV7oVofFYIEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 06:31:31 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 12 Dec 2024 06:31:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
truncated
/ Frame 60F0 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
45015aefa080bbc0dec9c018f6b8306d8ced5f59bf5459b204a251cea56aff61

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 12 Dec 2024 06:31:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
ad4i.=888x10;
fundingchoicesmessages.google.com/f/AGSKWxVnmQY0dFFDvCUkAGNV6DGIZqv4o0KV-QRYTj1Usc-cJpAbgnvDJMITUuaFTsraJxUPsFTU2omLEsZj1yK6938U21vf1wrtmf38eLBjx7YflPdnrZ0uZDbylJTqDDM7wf5FdPV4JsOQyICA5nyku2ZUK2oHS... 		54 B
108 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVnmQY0dFFDvCUkAGNV6DGIZqv4o0KV-QRYTj1Usc-cJpAbgnvDJMITUuaFTsraJxUPsFTU2omLEsZj1yK6938U21vf1wrtmf38eLBjx7YflPdnrZ0uZDbylJTqDDM7wf5FdPV4JsOQyICA5nyku2ZUK2oHSIAiLDGvaDzMte66_WLp9ESiuLHdyhmF/_/adsrot./promo/ad_/adverfisement./ad4i.=888x10;
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyncxffpLdz7J7rPNO0qVlu51D2bw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f14.1e100.net
Software
ESF /
Resource Hash
d725d7bd11f1b02f5c252bec801d98b0725436b41cff9f10ee8d4f5764599a3e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--rBBrtQug1rtQVoKv8JnOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcBxue7WLTWDC-nU_mZQ0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MLPUMjOMLjAGHvEWk"
content-security-policy
script-src 'report-sample' 'nonce--rBBrtQug1rtQVoKv8JnOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMyncxffpLdz7J7rPNO0qVlu51D2bw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
br
etag
2157040660662159465
age
1386
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 07:08:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 12 Dec 2024 06:08:25 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
15113
x-xss-protection
0
server
cafe
AGSKWxWd68-s3yQXTaI5Uxbkvn5XehYlQk_TriGl75gDS5NfMcrdpfaIAh6-aPGy8dN0fBNHAD8r_dQkcKMNTEal_-PGDi-VrEnDbJRQtxAhvJQhPmNNI8_CyzR2cz_Qd7IQDnWUlVtXvg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWd68-s3yQXTaI5Uxbkvn5XehYlQk_TriGl75gDS5NfMcrdpfaIAh6-aPGy8dN0fBNHAD8r_dQkcKMNTEal_-PGDi-VrEnDbJRQtxAhvJQhPmNNI8_CyzR2cz_Qd7IQDnWUlVtXvg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxNlTIDw1SCQPjmORYOiE0dSVJR9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5Sfc4eIqRSBxKCTNxladIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://coronar.io/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjcNurXWwCDXeXdjEruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDI0MDPQPz-AIDAOvIKqk"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-5Sfc4eIqRSBxKCTNxladIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://coronar.io
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWd68-s3yQXTaI5Uxbkvn5XehYlQk_TriGl75gDS5NfMcrdpfaIAh6-aPGy8dN0fBNHAD8r_dQkcKMNTEal_-PGDi-VrEnDbJRQtxAhvJQhPmNNI8_CyzR2cz_Qd7IQDnWUlVtXvg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWd68-s3yQXTaI5Uxbkvn5XehYlQk_TriGl75gDS5NfMcrdpfaIAh6-aPGy8dN0fBNHAD8r_dQkcKMNTEal_-PGDi-VrEnDbJRQtxAhvJQhPmNNI8_CyzR2cz_Qd7IQDnWUlVtXvg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxNlTIDw1SCQPjmORYOiE0dSVJR9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Pycp4VBMGFvKR_OxCCTXXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://coronar.io/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw05BicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjcNurXWwCDZdP9jIruSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDI0MDPQPz-AIDAPYwKss"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Pycp4VBMGFvKR_OxCCTXXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://coronar.io
content-length
0
x-xss-protection
0
server
ESF
placementscape
edge.venatusmedia.com/ 		0
30 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://edge.venatusmedia.com/placementscape?u=2b002377-bf22-4aad-9563-f302d56c8a2e
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.22.92.149 Seoul, Korea, Republic Of, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
149.92.22.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

access-control-allow-origin
https://coronar.io
date
Thu, 12 Dec 2024 06:31:31 GMT
x-envoy-upstream-service-time
0
content-type
application/json
server
istio-envoy
access-control-allow-credentials
true
AGSKWxWd68-s3yQXTaI5Uxbkvn5XehYlQk_TriGl75gDS5NfMcrdpfaIAh6-aPGy8dN0fBNHAD8r_dQkcKMNTEal_-PGDi-VrEnDbJRQtxAhvJQhPmNNI8_CyzR2cz_Qd7IQDnWUlVtXvg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWd68-s3yQXTaI5Uxbkvn5XehYlQk_TriGl75gDS5NfMcrdpfaIAh6-aPGy8dN0fBNHAD8r_dQkcKMNTEal_-PGDi-VrEnDbJRQtxAhvJQhPmNNI8_CyzR2cz_Qd7IQDnWUlVtXvg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxNlTIDw1SCQPjmORYOiE0dSVJR9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-m71ppiY-fxBHwBR3p9q7kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://coronar.io/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1JBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiIfjcNurXWwCP36u7GdWcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGRoYGegbm8QUGABYjKz4"
content-security-policy
script-src 'report-sample' 'nonce-m71ppiY-fxBHwBR3p9q7kg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://coronar.io
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWd68-s3yQXTaI5Uxbkvn5XehYlQk_TriGl75gDS5NfMcrdpfaIAh6-aPGy8dN0fBNHAD8r_dQkcKMNTEal_-PGDi-VrEnDbJRQtxAhvJQhPmNNI8_CyzR2cz_Qd7IQDnWUlVtXvg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWd68-s3yQXTaI5Uxbkvn5XehYlQk_TriGl75gDS5NfMcrdpfaIAh6-aPGy8dN0fBNHAD8r_dQkcKMNTEal_-PGDi-VrEnDbJRQtxAhvJQhPmNNI8_CyzR2cz_Qd7IQDnWUlVtXvg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxNlTIDw1SCQPjmORYOiE0dSVJR9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bYdIgYgDW_jE91cVDJ99EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://coronar.io/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsAUD8of4y6w8gZvh6hZUDiIV4OA63vdrFJrDi3J1-ZiWXpPzC-OT8vJLUvBLdxJRiXRC7KDOptCS_CIWdWgZSkZOfnp6Zlx5vZGBkYmhkaKBnYB5fYAAAAUAq9w"
content-security-policy
script-src 'report-sample' 'nonce-bYdIgYgDW_jE91cVDJ99EQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://coronar.io
content-length
0
x-xss-protection
0
server
ESF
AGSKWxVKYCW9csSSMJDGQkukqmiz6tuOymAVmAdzast_g1BFXr7hWIOre6RUDAovWoqBcASLCezp63rI_geB5sAxWEMrJGwWzyOtcnhmzQTxxQf8mh-MDwMQ3xcZeM3Jneb1hplndNE5Rg==
fundingchoicesmessages.google.com/f/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVKYCW9csSSMJDGQkukqmiz6tuOymAVmAdzast_g1BFXr7hWIOre6RUDAovWoqBcASLCezp63rI_geB5sAxWEMrJGwWzyOtcnhmzQTxxQf8mh-MDwMQ3xcZeM3Jneb1hplndNE5Rg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTg1MDkxLDgxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vY29yb25hci5pby8iLG51bGwsW1s4LCItQXVQSzd5Zm5wNCJdLFs5LCJqYSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxNlTIDw1SCQPjmORYOiE0dSVJR9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f14.1e100.net
Software
ESF /
Resource Hash
caa2b5c4556fec0bd97343dfe06082f7974737f5754edcb7e067ec4815919ead
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-179tP8r6RmtpYqDtWI6d2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw15BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcBxue7WLTWDBk3fzmJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MLPUMjOMLjAGXqUXb"
content-security-policy
script-src 'report-sample' 'nonce-179tP8r6RmtpYqDtWI6d2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXaMqJ7vWVSer3Qn-yulcxBGjMEdru9P9rkuosXi5V4evPyvVpDYB9nfFgyhx4-rYUP9v5nr1orrUtE6kdvIiyKnmvKGijvJEEMCRBHeBokrzlDm-MKNdw1PQ7dcrbr2JmM35Qftw==
fundingchoicesmessages.google.com/f/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXaMqJ7vWVSer3Qn-yulcxBGjMEdru9P9rkuosXi5V4evPyvVpDYB9nfFgyhx4-rYUP9v5nr1orrUtE6kdvIiyKnmvKGijvJEEMCRBHeBokrzlDm-MKNdw1PQ7dcrbr2JmM35Qftw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTg1MDkxLDkwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vY29yb25hci5pby8iLG51bGwsW1s4LCItQXVQSzd5Zm5wNCJdLFs5LCJqYSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxNlTIDw1SCQPjmORYOiE0dSVJR9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f14.1e100.net
Software
ESF /
Resource Hash
fbd46c2f2782c50370268805ad18b7f46f793900e91e1360d224f0163d5a385b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kKV5vp2fgGcfQDnMkot_gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:31 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAvxcBxue7WLTWDDhqMnmJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDI0MLPUMjOMLjAGK3EWu"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kKV5vp2fgGcfQDnMkot_gg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
advert.gif
mc.yandex.ru/metrika/ 		43 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"674f133a-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 12 Dec 2024 07:31:32 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Thu, 12 Dec 2024 06:31:32 GMT
content-type
image/gif
last-modified
Tue, 03 Dec 2024 14:18:34 GMT
1
mc.yandex.ru/watch/61924642/
Redirect Chain
  • https://mc.yandex.ru/watch/61924642?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44tf8xglmzmdcdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja...
  • https://mc.yandex.ru/watch/61924642/1?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44tf8xglmzmdcdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3A...
622 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/61924642/1?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44tf8xglmzmdcdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A913124817567%3Ahid%3A546758131%3Az%3A540%3Ai%3A20241212153131%3Aet%3A1733985092%3Ac%3A1%3Arn%3A517883584%3Arqn%3A1%3Au%3A1733985092226319831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2238%3Awv%3A2%3Ads%3A92%2C23%2C560%2C5%2C0%2C0%2C%2C1552%2C1%2C%2C%2C%2C2234%3Aco%3A0%3Acpf%3A1%3Ans%3A1733985087626%3Apani%3AM2JkNGFhYTU3MGU3MGU0ODA1MTFlZmYyYjBjMjE4NWNhMDJjNDc5NGI1ZmE2ZGMwYzBiMDliYWZhYzJiYzExNQ%3D%3D%3Arqnl%3A1%3Ast%3A1733985092%3At%3ACoronar.io%20play%20online&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
Requested by
Host: coronar.io
URL: https://coronar.io/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
48ebdc4bcd9ec6f876157cf8f0bd8f6bc4cdfbb7041d5917819205ccde1b595d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Thu, 12-Dec-2024 06:31:32 GMT
access-control-allow-origin
https://coronar.io
content-length
622
x-xss-protection
1; mode=block
date
Thu, 12 Dec 2024 06:31:32 GMT
last-modified
Thu, 12-Dec-2024 06:31:32 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/61924642/1?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A14pwap7gbnncs44tf8xglmzmdcdb%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aja-JP%3Av%3A1541%3Acn%3A1%3Adp%3A0%3Als%3A913124817567%3Ahid%3A546758131%3Az%3A540%3Ai%3A20241212153131%3Aet%3A1733985092%3Ac%3A1%3Arn%3A517883584%3Arqn%3A1%3Au%3A1733985092226319831%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A2238%3Awv%3A2%3Ads%3A92%2C23%2C560%2C5%2C0%2C0%2C%2C1552%2C1%2C%2C%2C%2C2234%3Aco%3A0%3Acpf%3A1%3Ans%3A1733985087626%3Apani%3AM2JkNGFhYTU3MGU3MGU0ODA1MTFlZmYyYjBjMjE4NWNhMDJjNDc5NGI1ZmE2ZGMwYzBiMDliYWZhYzJiYzExNQ%3D%3D%3Arqnl%3A1%3Ast%3A1733985092%3At%3ACoronar.io%20play%20online&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Thu, 12-Dec-2024 06:31:32 GMT
access-control-allow-origin
https://coronar.io
x-xss-protection
1; mode=block
date
Thu, 12 Dec 2024 06:31:32 GMT
last-modified
Thu, 12-Dec-2024 06:31:32 GMT
AGSKWxUvWTNkHNWO10J4qM-UOvwSfdaiS6m58gY49jxWuVrDhXOWY1pmnKVBxm6e4gZRV2S_QmSjsWrN6sTrs_bz0uPFI9iehA56kZotBQxowXNX5koXQjQe3BJqgl7IjgePs6K-b9EodQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUvWTNkHNWO10J4qM-UOvwSfdaiS6m58gY49jxWuVrDhXOWY1pmnKVBxm6e4gZRV2S_QmSjsWrN6sTrs_bz0uPFI9iehA56kZotBQxowXNX5koXQjQe3BJqgl7IjgePs6K-b9EodQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMzOTg1MDkyLDE4MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw2LDEwLDldLG51bGwsMixudWxsLCJqYSIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDFdLCJodHRwczovL2Nvcm9uYXIuaW8vIixudWxsLFtbOCwiLUF1UEs3eWZucDQiXSxbOSwiamEiXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxNlTIDw1SCQPjmORYOiE0dSVJR9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f14.1e100.net
Software
ESF /
Resource Hash
ad72535e19131ae3ff3303e58db71898747d9bb5980a41edadc2e9cae7560a13
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-he2LKkAKzE1XnmoT-E7xFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:32 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmJw15BikPj6kkkNiJ3SZ7AGAHHrzXOsk4HYaO15VgcgTvp3nrUAiA0VLrHaA7Fj0SVWTyBW7bnEagzE99ddYn0OxB_qL7P-AOIZ5y-zLgDiIokrrA1AzPD1CisHEAtxcxxpe7WLTWDC3-0KShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGRgaWegbG8QXGAD10RSQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-he2LKkAKzE1XnmoT-E7xFg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
AGSKWxXkCMnzdy1QmKPBq9akhKR9rPFcIe4zNeZ51ye9uJ2gpQTpse6CIgGDhZ-FnzoPzvYneJSIm9RhXHIhrEhqYGFZgtonddfSSDM655ADoQRFyMYBxoz3U15QSSL7LTPQFBJkV08XoA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXkCMnzdy1QmKPBq9akhKR9rPFcIe4zNeZ51ye9uJ2gpQTpse6CIgGDhZ-FnzoPzvYneJSIm9RhXHIhrEhqYGFZgtonddfSSDM655ADoQRFyMYBxoz3U15QSSL7LTPQFBJkV08XoA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.ja.-AuPK7yfnp4.es5.O/am=DAY/d=1/rs=AJlcJMxNlTIDw1SCQPjmORYOiE0dSVJR9A/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.142 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s45-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vao5Q5fdpO73zJLP_NC_7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://coronar.io/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:32 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoAxB_qL7P-AGKGr1dYOYBYiJvjSNurXWwCE-5_tlRyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJoZGhgZ6BubxBQYA4RgqvA"
content-security-policy
script-src 'report-sample' 'nonce-Vao5Q5fdpO73zJLP_NC_7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy
same-origin
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://coronar.io
content-length
0
x-xss-protection
0
server
ESF
syncframe
gum.criteo.com/ Frame B461 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=coronar.io&gdpr=0&gdpr_consent=&gpp=&gpp_sid=-1
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:4::b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 06:31:31 GMT
server
Kestrel
server-processing-duration-in-ticks
683893
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
metrika_match.html
mc.yandex.ru/metrika/ Frame 2444 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX YANDEX LLC, RU),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1473
content-type
text/html
date
Thu, 12 Dec 2024 06:31:32 GMT
etag
"674f133a-5c1"
expires
Thu, 12 Dec 2024 07:31:32 GMT
last-modified
Tue, 03 Dec 2024 14:18:34 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
activeview
pagead2.googlesyndication.com/pcs/ Frame 60F0 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1h61GpQQPgkc888WZYn4bPmqbBi8HtBVMqe-OK9EE6OZoxSdd2ZtmaPpohlb2gp571ZjLtUg6Zu2tKnlSnHVIYorTUQm4t2fZhN599UXTVA2Ng2VZtLX0b8BiFGj0qhHOW2rWcjusIhbQg9DmYSdiJG7us22aRmiyYOwU429VAMqO2uhfRpM6Tv9P5LBKEIFwcxDv&sig=Cg0ArKJSzG5IaRB3meLaEAE&id=lidar2&mcvt=1005&p=600,0,1200,300&tm=1015.1000003814697&tu=9.700000762939453&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3734526345&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=2991789100&rst=1733985091515&rpt=109&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.26.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bom05s09-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 12 Dec 2024 06:31:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.220.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s01-in-f130.1e100.net
Software
cafe /
Resource Hash
e86980dc7c692f51622cbef2a2c329e1a00c0ff00d828ed92d9448ef23fae9de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12946
date
Thu, 12 Dec 2024 06:31:33 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.png
coronar.io/ 		8 KB
9 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://coronar.io/favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.135.47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8346a55f318541268fa3926e3b7bd26d4c83fd93d3f8e44e9f17b4ff8503ffa5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

cf-cache-status
MISS
etag
"5e95d59e-208b"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ox8hzgQH%2BwymN01NfRNZmIktvyjGoHzr64RxGUa5qDqJqdwYnPmLJx1NQppGBNOxilHOVmQ0VCQVBwma0FS%2FnOQY808m7%2FV27xZQvTfJ6SAVCz0di0WLhh%2FrznY"}],"group":"cf-nel","max_age":604800}
expires
Fri, 13 Dec 2024 06:31:33 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2057&min_rtt=1418&rtt_var=861&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4342&recv_bytes=6703&delivery_rate=990&cwnd=12000&unsent_bytes=0&cid=088c824bf7634a07&ts=5427&x=1", cfExtPri, cfHdrFlush;dur=0
date
Thu, 12 Dec 2024 06:31:33 GMT
content-type
image/png
last-modified
Tue, 14 Apr 2020 15:24:14 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f0bac103aa1ebff-NRT
accept-ranges
bytes
content-length
8331
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js?cb=31089395
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://coronar.io/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Thu, 12 Dec 2024 06:31:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 12 Dec 2024 06:31:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame A9A8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 06:17:49 GMT
expires
Thu, 12 Dec 2024 07:07:49 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8E4A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.164 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s46-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0JX2bcUFTMYVOkkUMRaHSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0JX2bcUFTMYVOkkUMRaHSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 06:31:33 GMT
expires
Thu, 12 Dec 2024 06:31:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
usync.html
eus.rubiconproject.com/ Frame 1D91 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.54.42 Tokyo, Japan, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-45-54-42.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 06:31:33 GMT
etag
"2052a-10d-6142d69a886c0"
last-modified
Thu, 21 Mar 2024 15:32:19 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame F135 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
8
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8f0bac139adefd46-NRT
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 12 Dec 2024 06:31:33 GMT
expires
Thu, 12 Dec 2024 10:31:33 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame BB58 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1733985090220
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.154.9 Singapore, Singapore, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ip9.ip-51-79-154.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 80DC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.220.70.107 Tokyo, Japan, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-220-70-107.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 12 Dec 2024 06:31:33 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 Dec 2024 06:31:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
load-cookie.html
elb.the-ozone-project.com/static/ Frame D2A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&gpp=&gpp_sid=&pubcid.org=f4811761-bff5-47d0-8e47-bd39a64d8817&criteo.com=RjATjF8lMkZDRjJlcWh5Mklob3JUd25wSmZOTiUyRkN4TEdycFhaTWpLTlE1VW82Z1JGZkJXclVPT0NHOSUyQmJMT0hZckRsbEIxQ0xJcmtNNlRET2RRSUVRJTJCcXlUMVNnJTNEJTNE&publisherId=OZONEAIP0001&siteId=1500000135&cb=1733985090129&bidder=ozone
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/v4/live/aip/ad-manager.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.34.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://coronar.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8f0bac139c71736a-NRT
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 12 Dec 2024 06:31:33 GMT
expires
0
last-modified
Fri, 06 Dec 2024 11:39:09 GMT
pragma
no-cache
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
vary
Origin, Accept-Encoding
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=3768993730192345&bg=!FBelF1jNAAbtGp3CzRo7ADQBe5WfOBGDBsEGt8LnUttu31eCKQe3p7ivXrN3xs3E3OVw0VSZ5P5081Ew11v4Pq4Zvp5YAgAAADVSAAAAA2gBB34ANuhb092soAfl6y7laAe0-Kg_ZcUL5QUN4Q-EMgQQKAaAKUKich8mYpjG9zCxffo4_BVLZ8FGv5kCjZoi6V2BLktByB-VVm4rJ_2dwrJyfblZn9ehovF6lEGYF-whPkga1j7CLZIUt5xHd2J8vaFA2yHH42QTvA6wi90hUCp7wyCpXj8TK7l9I0Dn9BPp9kG4SW7Cb---NNOTqeeF6oF9s8PGJHTuO3MIFl8MAJs58yRFhzmMr9NAe6pSJ1iXmR5GwTiqnqlqCf1fcoX6JuYhIR9oFdu9qdtrYC_V5YwAFYHpYZCWZHuFmfhkQA6Pzg-DElxB4vfPYCX_prRyBqJYjQ5EjLgnQobukjSswqYhN56po7uH66P5dBDbhOpFcrBywKTLh5M_nMCIXu3lHoSAspzRCjq3tptW7NDWRRUO-cvdppT8znbF696FLP5UOMM5faAfGNl7lVMI1uEZEgbjB8xJn42TdJcmauLRVmJxBJl79FWU2SFmSSaBU_sCVTiOQi-pRRY4esjitqQrtsWZ6VvS3dXfX8H8EVtgtkB6n7dpS8AVQLjJYT4_l78-VIQU-epBcCpQZN88NMocWmCpFNap-88ZdfPym4JiJFlXtiuVJV-egZx6X7yFgMfYp7HnXbsV27UOqyqrfsUL_rdxChxvktSXg9WQNVM6TKdZRgdvFaiO3J6VzrPmnpwldjLgtW-oqHu4_6N4BiEoxZHmUI4mUL_WOVGmtF1LN409A7zsxZWfA4rcOMCa5KC-k_s7DcQGCZpMqBVMretZM88wVrEd2fdGl1f72tb62xe3vuzZcaySiIv-aLHjG8J5rINR2sr9d6g9aLHbFeWFKnHeAc_LhNBYjvwwsHiCei-9n1d-g3b623dsoDSilcqlaNUEwyBgfFjjcjQ_TRrJtwETqakAAbWK-ofm4nIuf8OelBalowo5v9vn

Verdicts & Comments Add Verdict or Comment

286 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 function| GameAdsRenew number| gameadslastcall function| gameads_ping_pic object| aiptag object| aipAPItag object| __VM object| __VM_WPK_C_LR__m object| prebidEvents object| aipDisplayTag function| aipPlayer function| setImmediate function| clearImmediate object| __core-js_shared__ object| core object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| CSSPlugin function| TimelineLite function| TimelineMax function| BezierPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| ShowLeftBanner function| HideLeftBanner function| ShowAbout function| HideAbout object| lastTimeAds function| checktimeForAds function| updateLastAdsTime object| adplayer function| pauseGame function| resumeGame function| showingAds function| showPreroll function| showBottomAds function| hideBottomAds function| showStartAds function| hideStartAds function| toggleBottomAd function| toggleSideAd function| ym object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| ggeac object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| googletag object| google_tag_data object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTUyYWZhYTA0NDI2ZGFhOGxvYWRlcl9qcw== string| ZTUyYWZhYTA0NDI2ZGFhOGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners object| __gppManager boolean| __gppPostMessageReady object| google_tag_topics_state number| google_unique_id object| pbjs object| regeneratorRuntime object| ox_esp object| criteo_pubtag object| criteo_identitytag_159 object| Criteo object| Criteo_identitytag_159 object| __uid2SecureSignalProvider object| __uid2 object| __id5_finalization_registry function| lotameIsCompatible function| sync16589_aa function| sync16589_c function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ia object| sync16589_ja object| sync16589_s object| sync16589_wa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_ga function| sync16589_ha function| sync16589_t function| sync16589_v function| sync16589_w function| sync16589_x function| sync16589_ka function| sync16589_la function| sync16589_y function| sync16589_ma function| sync16589_z function| sync16589_A function| sync16589_u function| sync16589_C function| sync16589_na function| sync16589_oa function| sync16589_pa function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_qa function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_M function| sync16589_L function| sync16589_N function| sync16589_O function| sync16589_J function| sync16589_ra function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_P function| sync16589_Q function| sync16589_xa function| sync16589_R function| sync16589_ya function| sync16589_za function| sync16589_Aa function| sync16589_S function| sync16589_Ba function| sync16589_Ca function| sync16589_Da function| sync16589_Ea function| sync16589_T function| sync16589_Fa function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_X function| sync16589_Ga function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_1 function| sync16589_2 function| sync16589_Ha function| sync16589_3 function| sync16589_Ja function| sync16589_Ia function| sync16589_4 function| sync16589_La function| sync16589_Ma function| sync16589_Ka function| sync16589_Na function| sync16589_Qa function| sync16589_Pa function| sync16589_Oa function| sync16589_Sa function| sync16589_Ua function| sync16589_Ra function| sync16589_6 function| sync16589_Ta function| sync16589_Xa function| sync16589_Wa function| sync16589_Va function| sync16589_7 function| sync16589_5 function| sync16589_8 function| sync16589_Ya function| sync16589_Za function| sync16589__a function| sync16589_0a function| sync16589_9 function| sync16589_1a function| sync16589_$ function| sync16589_2a function| sync16589_3a function| sync16589_4a object| lotame_sync_16589 object| signal_decrypted function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| a3b8e932-ece2-4cf2-84e1-96678787e14d object| Ya object| yaCounter61924642 object| criteo_syncframe_state object| GoogleGcLKhOms object| google_image_requests

85 Cookies

Domain/Path Name / Value
.smartadserver.com/api Name: pid
Value: 2910082781725190018
.n.gameads.io/ Name: _gameadsuid
Value: 18031151116
.n.gameads.io/ Name: cid0
Value: 1
.coronar.io/ Name: _sharedid
Value: f4811761-bff5-47d0-8e47-bd39a64d8817
.coronar.io/ Name: _sharedid_cst
Value: zix7LPQsHA%3D%3D
.criteo.com/ Name: cto_bundle
Value: mtsWd19iS0ZZSjVoVTdYVkxjJTJCUzM1cHRuT21XVnBHZG5kellqUkxyYXdZWXRQZ24wYmslMkZ1dkNWSUcySlNBNTVybmFxVkVPSlNod0ElMkI2ZlNlckpCblR0eVpZajRlSWxjVWVod3ZVT3RrcXhLaVdsZyUzRA
.coronar.io/ Name: cto_bidid
Value: RjATjF8lMkZDRjJlcWh5Mklob3JUd25wSmZOTiUyRkN4TEdycFhaTWpLTlE1VW82Z1JGZkJXclVPT0NHOSUyQmJMT0hZckRsbEIxQ0xJcmtNNlRET2RRSUVRJTJCcXlUMVNnJTNEJTNE
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.rubiconproject.com/ Name: khaos
Value: M4KXYAOR-N-M8JG
.server.cpmstar.com/ Name: USER_ID
Value: %84%00%09%c6%2bM%b4%e4%94%e4%7f%87%94%ea%99
.yandex.ru/ Name: i
Value: e/TFSbZyMo2ejAX7TSC6b2hg2/v2uunjFvu1FJfQ6ikT1gCYuw/JTV0hM7lC8h+DJU1lKzYorPBTAQtA0PoWiC7mvvk=
.yandex.ru/ Name: yandexuid
Value: 1972068101733985091
.yandex.ru/ Name: yashr
Value: 9027842041733985091
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 8bde96bf62eeb2f9a66d219b916e7f04
.coronar.io/ Name: _cc_id
Value: 8bde96bf62eeb2f9a66d219b916e7f04
.coronar.io/ Name: panoramaId_expiry
Value: 1734589891437
.coronar.io/ Name: panoramaId
Value: 3bd4aaa570e70e480511eff2b0c2185ca02c4794b5fa6dc0c0b09bafac2bc115
.coronar.io/ Name: panoramaIdType
Value: panoDevice
.coronar.io/ Name: __gads
Value: ID=07e66e3d4a87ccf3:T=1733985091:RT=1733985091:S=ALNI_Mai16Bpu-i193GE5sNd-GOsydY94g
.coronar.io/ Name: __gpi
Value: UID=00000f8be3eeca17:T=1733985091:RT=1733985091:S=ALNI_MY8-9tNzDh69bHRKuCIQRLvIPHKIQ
.coronar.io/ Name: __eoi
Value: ID=282813ff7fdaa9f6:T=1733985091:RT=1733985091:S=AA-AfjbDLoVPlysrh8084GaLE4gI
.doubleclick.net/ Name: IDE
Value: AHWqTUnv4RSnynzo8l9tKI9jwYMjx_84179pZLEEbiydXniG9X_LhSoX_xVPlJxc8Cs
edge.venatusmedia.com/ Name: u
Value: 2b002377-bf22-4aad-9563-f302d56c8a2e
.server.cpmstar.com/ Name: n49
Value: 0,81290,489043,1367482,1733985091,5687
.coronar.io/ Name: _ym_uid
Value: 1733985092226319831
.coronar.io/ Name: _ym_d
Value: 1733985092
.coronar.io/ Name: FCNEC
Value: %5B%5B%22AKsRol8pY_JQAzy27cklXJlK07O8Yb8SDpCDi2ckBmQPi-O3dGiaiQ3bEW2izhWKQ1Jbs447ZBUXy7AbBJBsfEun_VghH43wjBRZBLVDcWQRMOuV0qUlBH6sdSIGlIIAPSQp1FgwxbY22EgT9BTXiccnwEznOYJxlA%3D%3D%22%5D%5D
.criteo.com/ Name: uid
Value: b44c4724-bada-4a6e-922f-336c72b4eada
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.coronar.io/ Name: cto_bundle
Value: a-pPc19kN1YzSngzSVRtNkQ3RTQxMFpYWFZjYTBmR2VTc1Nic2JPOFVJUllta1ZmdzRPTklNcnBXTUElMkIxJTJCUmZUNk4xbjJHZllnWXhUY1dqaFA5MjREbUdTaTNrJTJGSEoyV3ZoaDRiSEFINHoyYVR5ZXNDM0xQQmE4UlZNb3IzbERPS3MyJTJGbnBCaURvSkhESTZZM1VaM3Q1RHNUdyUzRCUzRA
mc.yandex.ru/ Name: yabs-sid
Value: 2032418281733985092
.yandex.ru/ Name: yuidss
Value: 1972068101733985091
.yandex.ru/ Name: ymex
Value: 2049345092.yrts.1733985092
.yandex.ru/ Name: receive-cookie-deprecation
Value: 1
.coronar.io/ Name: _ym_isad
Value: 2
.yandex.ru/ Name: bh
Value: KgI/MGDEhuq6Bg==
.the-ozone-project.com/ Name: ozone_uid
Value: 2q6ZgGoOLpzphxUBAYC3fTKcKD1
.the-ozone-project.com/ Name: __cf_bm
Value: 4mhgO6uIg6LmCMOFUXvnc2Eh96yU2MPZzly82qX8ZG8-1733985094-1.0.1.1-nVkCCaG.XIgb4XhqSRoyRl7XFKyG418LB2LLlntiygtX.rAJjPhNpUAV1tqd7lZ7pc2mAQnyMEmDOFWIz84gOQ
.rubiconproject.com/ Name: khaos_p
Value: M4KXYAOR-N-M8JG
.adsrvr.org/ Name: TDID
Value: c070ab5f-7785-4a45-aa7e-2267649757bb
.bidr.io/ Name: bito
Value: AAD33U7OtQcAABZFojFTzA
.bidr.io/ Name: bitoIsSecure
Value: ok
.casalemedia.com/ Name: CMID
Value: Z1qDRhdaRJMAADNOE3Fc0AAA
.casalemedia.com/ Name: CMPS
Value: 5456
.casalemedia.com/ Name: CMPRO
Value: 5456
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: 21b4a799-3ff0-44f9-be90-2deb5657ae15|1733985094
.linkedin.com/ Name: bcookie
Value: "v=2&e05f759b-2ec3-402d-8acc-7a8fe88b1afc"
.linkedin.com/ Name: lidc
Value: "b=OGST03:s=O:r=O:a=O:p=O:g=3423:u=1:x=1:i=1733985094:t=1734071494:v=2:sig=AQGZW7xGBjOWKgD1Ok6nsuHGSoav54gP"
.tapad.com/ Name: TapAd_TS
Value: 1733985095083
.tapad.com/ Name: TapAd_DID
Value: 16be3007-0e06-4ee4-9132-6325df3e66b3
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: EFA52C46-AABD-43F8-BB83-C5AB71C51979
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 0:2
.pubmatic.com/ Name: DPSync4
Value: 1735171200%3A245_226%7C1734048000%3A248
.pubmatic.com/ Name: SyncRTB4
Value: 1735171200%3A202_76_54_71_220_201_21_13%7C1734566400%3A223%7C1734825600%3A63
.ladsp.com/ Name: cr
Value: 1
.ladsp.com/ Name: smn_uid
Value: WTXTVUdBYDOdqG7FPAwO7SDtMusMarU
.ladsp.com/ Name: lum
Value: CNGcw8y7MhIFCAoQ4BI
.pubmatic.com/ Name: KRTBCOOKIE_629
Value: 11487-AU0GNjOMJ_A9ks8AIO0y6wxqtc8AAAGTuZDOUQ
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-c070ab5f-7785-4a45-aa7e-2267649757bb&KRTB&22918-c070ab5f-7785-4a45-aa7e-2267649757bb&KRTB&22926-c070ab5f-7785-4a45-aa7e-2267649757bb&KRTB&23031-c070ab5f-7785-4a45-aa7e-2267649757bb
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCN7D6oGVoM09EAUSFwoIcHVibWF0aWMSCwjGncSHlaDNPRAFEhQKBXRhcGFkEgsI6Pj-h5WgzT0QBRgBIAEoAjILCKTvgbWroM09EAU4AVoFdGFwYWRgAg..
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEC9w-iGfpQczMX_kz1dszpk&KRTB&16514-CAESEC9w-iGfpQczMX_kz1dszpk&KRTB&23025-CAESEC9w-iGfpQczMX_kz1dszpk&KRTB&23386-CAESEC9w-iGfpQczMX_kz1dszpk
.primis.tech/ Name: csuuid
Value: 675a834736547
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!8334
.pubmatic.com/ Name: PugT
Value: 1733914556
.socdm.com/ Name: SOSYNC
Value: anNvbjp7InB1Ym1hdGljIjoxNzMzOTg1MDk1fQ
.pubmatic.com/ Name: KRTBCOOKIE_656
Value: 23509-Z1qDR8Co8XkAAMhDdPkAAAAA&KRTB&23514-Z1qDR8Co8XkAAMhDdPkAAAAA
.simpli.fi/ Name: suid
Value: FEEBBF79B91243309C69737BFFAC315C
.intentiq.com/ Name: intentIQ
Value: eVZuLzm3Yg
.intentiq.com/ Name: IQver
Value: 1.9
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1733985095542
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: IQPData
Value: 533500331#1733985095541#0#1733985095541
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZVV2lta1gx
.ipredictive.com/ Name: cu
Value: eed23336-0349-44d3-8435-2d763b9fdeeb|1733985095593
.amazon-adsystem.com/ Name: ad-id
Value: A8Mer3TZsUiIqW1tk_6IlkE
.rubiconproject.com/ Name: audit_p
Value: 1|WD0cx+9RTMKpsdnvMpqJEw0hdUE+ispaKqore7kLuGvrfFet/M5iynQ/OcKsPqMbE/FYJ/AltTyVZld1ABOc37cRAC0oDN0kSIv9D4DGqRE=
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMKpsdnvMpqJEw0hdUE+ispaKqore7kLuGvrfFet/M5iynQ/OcKsPqMbE/FYJ/AltTyVZld1ABOc37cRAC0oDN0kSIv9D4DGqRE=
.the-ozone-project.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJpeCI6eyJ1aWQiOiJaMXFEUmhkYVJKTUFBRE5PRTNGYzBBQUFcdTAwMjY1NDU2IiwiZXhwaXJlcyI6IjIwMjQtMTItMjZUMDY6MzE6MzQuNzY5Mjg2OTY2WiJ9LCJvcGVueCI6eyJ1aWQiOiJjYmM2MTcwZi0yZmU4LTQ4ZTctOGZjYS0yNTE2YjMyYjVmNjUiLCJleHBpcmVzIjoiMjAyNC0xMi0yNlQwNjozMTozNS4xMzQ1NTE4MDNaIn0sInB1Ym1hdGljIjp7InVpZCI6IkVGQTUyQzQ2LUFBQkQtNDNGOC1CQjgzLUM1QUI3MUM1MTk3OSIsImV4cGlyZXMiOiIyMDI0LTEyLTI2VDA2OjMxOjM1LjMwODYzMzQ2NFoifSwicnViaWNvbiI6eyJ1aWQiOiJNNEtYWUFPUi1OLU04SkciLCJleHBpcmVzIjoiMjAyNC0xMi0yNlQwNjozMTozNS44MzE1MDc2NVoifSwic21hcnQiOnsidWlkIjoiMjkxMDA4Mjc4MTcyNTE5MDAxOCIsImV4cGlyZXMiOiIyMDI0LTEyLTI2VDA2OjMxOjM0LjU2MjM5NDc1NFoifX0sImJkYXkiOiIyMDI0LTEyLTEyVDA2OjMxOjM0LjU2MjM5MTYyNVoifQ==
.yahoo.com/ Name: A3
Value: d=AQABBGeCWmcCEMCV7F-q4zieATYljUPMuX0FEgEBAQHTW2dkZ2ChyyMA_eMAAA&S=AQAAAvjaeunNNa2Y5jnDg15jUR8

1 Console Messages

Source Level URL
Text
network error URL: https://hb.vntsm.io/content.html
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

141432870037c58093e943b9304358ce.safeframe.googlesyndication.com
acdn.adnxs.com
ad-delivery.net
api.adinplay.com
bcp.crwdcntrl.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
coronar.io
edge.venatusmedia.com
elb.the-ozone-project.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
esp.rtbhouse.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
gum.criteo.com
hb-vntsm-com.global.ssl.fastly.net
hb.vntsm.io
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
imasdk.googleapis.com
invstatic101.creativecdn.com
js-sec.indexww.com
mc.yandex.ru
mug.criteo.com
n.gameads.io
oa.openxcdn.net
onetag-sys.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
server.cpmstar.com
ssl.cdne.cpmstar.com
static.criteo.net
tags.crwdcntrl.net
tpc.googlesyndication.com
www.google.com
ep1.adtrafficquality.google
103.43.91.210
104.18.25.18
104.18.27.193
104.18.34.190
13.228.141.68
131.153.172.93
141.95.98.65
142.251.42.142
142.251.42.164
151.101.129.194
151.101.65.229
152.199.43.61
172.217.26.226
172.67.135.47
18.64.123.116
182.161.74.11
216.58.220.130
23.220.70.107
23.45.54.42
2404:6800:4004:818::200a
2404:6800:4004:81e::200e
2404:6800:4004:820::2001
2404:6800:4004:823::2001
2404:6800:4004:827::2001
2406:2600:4::1
2406:2600:4::b
2600:9000:21ee:be00:a:e047:754:f4a1
2606:4700:10::6816:3456
2606:4700:10::ac43:2483
2606:4700:20::681a:3e8
2606:4700:20::ac43:4513
2606:4700:3033::ac43:872f
2a02:6b8::1:119
2a04:4e42:400::485
34.102.146.192
34.22.92.149
34.96.70.87
35.190.39.111
51.79.152.81
51.79.154.9
51.81.57.71
69.173.158.65
0220b07e7fccf2fa59f39efb6ae7aaa9dcdf4ad8172d0893f616f5b578877da0
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
04e91b031f9526ff060b6858d2839e93f91b0da5fbd8b8620455837e618e2906
0e38c599e6a401c3fcb2b6a521303f2bd55e600117e93e010e065954e874bcbf
11989778ad59d6cd5d85994f83207da6bca98e79389ff0214cb84e1571abb615
124d1a2ea919926efb5e43134f7d14b2b945729df7bf33b9c775093f5c2e4b82
139e5b81a9490f17cd87a6bd0246e5b82d44cd831f778ed34d56e30b115a0930
15c1d2c57f6b12e9dfd82ef1b9d2b10e227a9f274d3df68eccf2b056cd6fcd7d
1635d2075d3343c86490d2229c1fb868ad59d92958ef65e04cb65767c703e9f6
18d5515350e9063c94b108a8c7f05e047167c1cb6a0120e6fb9de8e42f259445
228e88d29b1bed0d183cec598aa617bf7b03012510d9c45fd8cfb212836f4c93
240417e37cdff4bb321b21751c4bf5e96f04ec106d1ff6865037c368c3416356
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2829475609eabd8b4be8febbd154c7be3699957c38dac974ae78daa08a549af4
30b32e97f2e3e06deb742bf2e19daeb4f4657a956e836c2a25a7df2bc72f7500
33b8b91d731c3f42f5b87a32a1b703f9f4999032355f161c6c46b5e121e6610f
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45015aefa080bbc0dec9c018f6b8306d8ced5f59bf5459b204a251cea56aff61
47ddd240b27cf40557d1a3c45df99107cfba84e5c3a8b5a4f711f62b6a8d06f2
48ebdc4bcd9ec6f876157cf8f0bd8f6bc4cdfbb7041d5917819205ccde1b595d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54979a57b8bec446a421044649ded15f5e4da6bbffd4b8406280ed46229a1005
5d8dac2d4ae43a0b541c160f30e8238951b42b13bb5f01ca2697271b3a804ad2
64d4f82e115cf31cd13f732de4a15dddf0c32c79b21772b520e325c081d4ef36
65fa0fccd5e00990bfeb46e09a6b35e935b34f853e4cca51f1c61aa0a3df4e61
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6e9a6b334cb9810f7d25fafab61725edf522f8b7372ac65f1274db79867a6537
6f71aa0c67cfc824ca1ff2afbe9e2b0f4e3ce145fb774533faf532ffeca79b3a
6f72b9a372a5d2e159a527bbdcc1a9839b4481a2557c25984f6b37f8e641ddeb
7d49fd142c0f355c82e85a06c9da27340646a33c69cd6eeafad3bfc04c5a70e6
80e3f302134bb875cc49009cd69e08920a56e4f96bc6b682440ca9d8de4fbf25
8346a55f318541268fa3926e3b7bd26d4c83fd93d3f8e44e9f17b4ff8503ffa5
871d8f0f85182c994a468466dfc82c6a722632bd835031a77d51913e407619d9
8a15b0e2840ad35ba425ca104a0347f35384f15e78a9e1df58a7880d3da02106
8fa7ac3525ae8b74b9de4f759318e03ac412a6cc7627b43c00b3e35e5d365167
9de64b2d72bc9fca370d00a26f0633b1d3411bc94e8bc8096d45d938b5e838b6
a070bf8b094322fc676f3820f25ddb360933959709d18b086a67fdbcfb65b52d
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
ad72535e19131ae3ff3303e58db71898747d9bb5980a41edadc2e9cae7560a13
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ed39530ceb15b5174220e247bcfdd6cbf37028f65efa61eed35300cdcab943
b39fdaabfe63faca7d21b1ee38c593bb29663d70de9938eca8dd6159f405fe9a
b5c556ab91f2d3ded2650738fe630635ae71c1f3d8988474476d24a92c667596
bf4baebad5bfea80098680bf3037f54fe7129285e246d37e61afc9f0cf3f611c
c1d8ab3ad9798d30b91185a67f8bbf8237406f60563c6c96d169fef908165615
caa2b5c4556fec0bd97343dfe06082f7974737f5754edcb7e067ec4815919ead
cd2e7881b71383928ec6ce46109caaa4449fd95d77fabb407e464328a4a279e7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d495a8e91497430d2c54e28e8bf512f2608ec199b525c528853da41dab80dfd3
d627d32bf260395d4ab41c340e67ad705eaf944ab513b170b83ed30785a94d7c
d725d7bd11f1b02f5c252bec801d98b0725436b41cff9f10ee8d4f5764599a3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e86980dc7c692f51622cbef2a2c329e1a00c0ff00d828ed92d9448ef23fae9de
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef42649c52b16db783e33616f4c09e8d35eaa72faa2cf92a692d9e7ac5fee4ba
f0db2da3ee90dcf1f14054ba3c18ccc331993a4f19fd95c56169f3de5047950e
f0fed7e7f1b59f2382f43d43e813a074df7d715e2084065a3de7d322d87c035f
f29ceb3ace705a9cc43cde2e14c88e2205263c4975bd4a6be67a537eb0a859e5
f544118ed4931d38a45d4c9bb7ca95cb4098e67416cbdd880c7d48bce2b9d7fb
f5ceba7a73f4944cec4bb2644aef7cadd51f7e8c0dc6d5e7f30549d74c2da51d
fbd46c2f2782c50370268805ad18b7f46f793900e91e1360d224f0163d5a385b
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99