dgza.mydrawingstar.com Open in urlscan Pro
2606:4700:20::681a:9d4 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://dgza.mydrawingstar.com/
Submission: On December 17 via api (December 17th 2023, 6:02:07 pm UTC) from US — Scanned from US

Summary HTTP 127 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 23 domains to perform 127 HTTP transactions. The main IP is 2606:4700:20::681a:9d4, located in United States and belongs to CLOUDFLARENET, US. The main domain is dgza.mydrawingstar.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 17th 2023. Valid for: a year.

This is the only time dgza.mydrawingstar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	2606:4700:20:... 2606:4700:20::681a:9d4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2607:f8b0:400... 2607:f8b0:4006:806::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80d::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
14 22	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
15	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1 19	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
3 3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 14	142.250.65.226 142.250.65.226	15169 (GOOGLE) (GOOGLE)
2 2	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	20.253.86.149 20.253.86.149	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 3	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
2 2	52.70.100.39 52.70.100.39	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a02:66d2:da85:8248:ed74	14618 (AMAZON-AES) (AMAZON-AES)
2 2	50.31.142.191 50.31.142.191	23352 (SERVERCEN...) (SERVERCENTRAL)
2 3	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
2 2	184.86.146.172 184.86.146.172	16625 (AKAMAI-AS) (AKAMAI-AS)
1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1	2600:1f18:445... 2600:1f18:445b:903:dce4:98d5:7ff6:aef4	14618 (AMAZON-AES) (AMAZON-AES)
1 1	51.222.39.185 51.222.39.185	16276 (OVH) (OVH)
1 1	35.208.249.213 35.208.249.213	15169 (GOOGLE) (GOOGLE)
127	19

22 2606:4700:20::681a:9d4 (United States)

ASN13335 (CLOUDFLARENET, US)

dgza.mydrawingstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image.mydrawingstar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:806::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80d::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4006:824::2002 (United States) 14 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:81e::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:816::2003 (United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.65.226 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.0.66 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.253.86.149 (Tappahannock, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mweb.ck.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.211.178.172 (North Charleston, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.70.100.39 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-100-39.compute-1.amazonaws.com

t.pswec.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a02:66d2:da85:8248:ed74 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.31.142.191 (Chicago, United States) 2 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.86.146.172 (Minneapolis, United States) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-146-172.deploy.static.akamaitechnologies.com

px.owneriq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:445b:903:dce4:98d5:7ff6:aef4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.185 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip185.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 213.249.208.35.bc.googleusercontent.com

gtrace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	doubleclick.net 15 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 75 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	117 KB
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	479 KB
22	google.com 1 redirects analytics.google.com — Cisco Umbrella Rank: 152 www.google.com — Cisco Umbrella Rank: 2	3 KB
22	mydrawingstar.com dgza.mydrawingstar.com image.mydrawingstar.com — Cisco Umbrella Rank: 269098	555 KB
15	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138	22 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	79 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5624	1 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 336	2 KB
3	adsrvr.org 3 redirects match.adsrvr.org — Cisco Umbrella Rank: 331	1 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	222 KB
2	owneriq.net 2 redirects px.owneriq.net — Cisco Umbrella Rank: 1523	2 KB
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 586	1 KB
2	pswec.com 2 redirects t.pswec.com — Cisco Umbrella Rank: 3656	1 KB
2	travelaudience.com 2 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	1002 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	129 KB
1	mediago.io 1 redirects gtrace.mediago.io	513 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 714	443 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1771	296 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	760 B
1	inmobi.com 1 redirects mweb.ck.inmobi.com — Cisco Umbrella Rank: 3950	506 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 864	7 KB
127	23

	Domain	Requested by
22	googleads.g.doubleclick.net	14 redirects pagead2.googlesyndication.com www.googletagmanager.com googleads.g.doubleclick.net
19	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
15	www.googleadservices.com	www.googletagmanager.com
14	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
14	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	dgza.mydrawingstar.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
13	dgza.mydrawingstar.com	dgza.mydrawingstar.com static.cloudflareinsights.com
9	image.mydrawingstar.com
4	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	an.yandex.ru	2 redirects
3	x.bidswitch.net	3 redirects
3	match.adsrvr.org	3 redirects
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	analytics.google.com	www.googletagmanager.com
3	www.googletagmanager.com	dgza.mydrawingstar.com www.googletagmanager.com
2	px.owneriq.net	2 redirects
2	b1sync.zemanta.com	2 redirects
2	t.pswec.com	2 redirects
2	ads.travelaudience.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
1	gtrace.mediago.io	1 redirects
1	onetag-sys.com	1 redirects
1	ag.innovid.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	mweb.ck.inmobi.com	1 redirects
1	stats.g.doubleclick.net	www.googletagmanager.com
1	static.cloudflareinsights.com	dgza.mydrawingstar.com
127	29

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://dgza.mydrawingstar.com/
Frame ID: 7E1BD8301DFDE5B97119012AC45158AC
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 4365EA08DD67798A44993BC6FB97FABB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6150993149788596&output=html&adk=2256557096&adf=402691422&lmt=1702463517&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&channel=3561613167&format=0x0&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702836119569&bpp=3&bdt=559&idt=285&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2605430685161&frm=20&pv=2&ga_vid=1690869007.1702836120&ga_sid=1702836120&ga_hid=1558430667&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079979%2C95320376%2C95320884&oid=2&pvsid=939867692259472&tmod=519478264&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=298
Frame ID: D309AC706AA8B8D5440EB4818016A098
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6150993149788596&output=html&h=280&slotname=1856364423&adk=2620056696&adf=1116041453&pi=t.ma~as.1856364423&w=1200&fwrn=4&fwrnh=100&lmt=1702463517&rafmt=1&channel=3561613167&format=1200x280&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702836119573&bpp=1&bdt=563&idt=299&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2605430685161&pv_ch=3561613167%2B&frm=20&pv=1&ga_vid=1690869007.1702836120&ga_sid=1702836120&ga_hid=1558430667&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079979%2C95320376%2C95320884&oid=2&pvsid=939867692259472&tmod=519478264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303
Frame ID: 87F6E416163B6016A9AEDA1A352E364B
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 422D1ED364502DE889EA110128A4906C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EDCC075A33D63A3B8A04C5B1FB76315
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5726C7C8362BACC3F45B67610309C483
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: E5A38F2F25E31CDBA957755D1F0A35FA
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 44FFEB82B8C99565EF4A4F2A49A6C57C
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: EB7E66C6229919A6ECCDEB3B09697ED3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C2C0CE97824CF278EAFD8FB8B0273891
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 114656E356A1FE6878B9B7F41E793135
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 7066141CD76428AB555459B3E26CEAAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

My Drawing Star

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

Page Statistics

127
Requests

80 %
HTTPS

57 %
IPv6

23
Domains

29
Subdomains

19
IPs

3
Countries

1610 kB
Transfer

3518 kB
Size

28
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=1658594257&cv=11&fst=1702836119657&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=xNXZCIjDk4cDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mDd_ZeeiBN-UoPMPlfGLwAM&sscte=1&crd=&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzkPtoP-R5t_i0WaLC0NIzdnZou3mlTgXsQ&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04c2pjdlA3ZUFuNXBwYzJaQmlDODkxOHhLZjVCQ3VOYTNfX015VVNVUi1INHBST2F6Ui1MT3pGUSITCOfOsPCGl4MDFV8KaAgdlfgCOA HTTP 302
https://www.google.com/pagead/1p-conversion/320045868/?random=1658594257&cv=11&fst=1702836119657&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=xNXZCIjDk4cDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04c2pjdlA3ZUFuNXBwYzJaQmlDODkxOHhLZjVCQ3VOYTNfX015VVNVUi1INHBST2F6Ui1MT3pGUSITCOfOsPCGl4MDFV8KaAgdlfgCOA&is_vtc=1&ocp_id=mDd_ZeeiBN-UoPMPlfGLwAM&cid=CAQSKQAvHhf_cJqcBZeVGm7tHgZuAVMOhyTi_Mq8rJ4oJtXiF6QB9RvWGXb4&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzuvcAl8DmjBX5yPTGGo8LZmon065WsrrOQ&random=1257163770

Request Chain 45

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=1117167283&cv=11&fst=1702836119632&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=LHNcCNOq8osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mDd_ZdGgBIGjNcvkrPAE&sscte=1&crd=&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzonKwdO2us8pgp8TPhq6pkaDN0ZZ8mtzsQ&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fVXBEazl2OE9XNEpvNi13OF9PM0N4ZkF1ckQwdUFiZDRabUxBdi0zVWxRQWlWQUNEV05mUzhyUSITCNHMsPCGl4MDFYFRDQodSzILTg HTTP 302
https://www.google.com/pagead/1p-conversion/405170755/?random=1117167283&cv=11&fst=1702836119632&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=LHNcCNOq8osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fVXBEazl2OE9XNEpvNi13OF9PM0N4ZkF1ckQwdUFiZDRabUxBdi0zVWxRQWlWQUNEV05mUzhyUSITCNHMsPCGl4MDFYFRDQodSzILTg&is_vtc=1&ocp_id=mDd_ZdGgBIGjNcvkrPAE&cid=CAQSKQAvHhf_rxIubZQ5KreqnZpaRe0wSr-aqwn7rqyDGpgYIAN-_zb_oN5R&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzkDtNifbVS-SDEAOJGFC9e-L5WhXAQX8HA&random=1062791787

Request Chain 46

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=139498779&cv=11&fst=1702836119645&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=EbVTCM6V2IoDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mDd_ZZWlBMq1_gTghJKIDg&sscte=1&crd=&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzu_OCHZW6_4IcEwLLwWNOI5NiJwpiOyj_g&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05WHFsQmt0RDRFakN3U0VZTXk4Njg2UldkU0tXd2JHVlFHc1pUVFJxZEdra1lMSUE3aHg5dG43dyITCJXRsPCGl4MDFcqanwodYIIE4Q HTTP 302
https://www.google.com/pagead/1p-conversion/405170755/?random=139498779&cv=11&fst=1702836119645&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=EbVTCM6V2IoDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05WHFsQmt0RDRFakN3U0VZTXk4Njg2UldkU0tXd2JHVlFHc1pUVFJxZEdra1lMSUE3aHg5dG43dyITCJXRsPCGl4MDFcqanwodYIIE4Q&is_vtc=1&ocp_id=mDd_ZZWlBMq1_gTghJKIDg&cid=CAQSKQAvHhf_-USOci_4Y1cuW0TY1kyvnB1sfIUHH9nnmZBwgKfGJkzK9Zuw&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzhu3bcNbjiO--IMW87l8ypHS0bW1drfN2g&random=3481274594

Request Chain 47

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=2116164515&cv=11&fst=1702836119662&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=P5dkCL_h6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mDd_ZaGoBPisoPMP8YKfmAM&sscte=1&crd=&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzu0mZvdGL57psF2y2KK1yqdLJHJiQn-2oQ&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04eU9hYWZmeTFGNkdGYzc3RnMxaVlzU1FrVExoYUkxV1VyOXg3ZTNROU40SW9XbGlaLWlnWHpXQSITCKHUsPCGl4MDFXgWaAgdccEHMw HTTP 302
https://www.google.com/pagead/1p-conversion/405170755/?random=2116164515&cv=11&fst=1702836119662&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=P5dkCL_h6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04eU9hYWZmeTFGNkdGYzc3RnMxaVlzU1FrVExoYUkxV1VyOXg3ZTNROU40SW9XbGlaLWlnWHpXQSITCKHUsPCGl4MDFXgWaAgdccEHMw&is_vtc=1&ocp_id=mDd_ZaGoBPisoPMP8YKfmAM&cid=CAQSKQAvHhf_r_rCRjuV9PKRgHUhfLLwO0GpgBRsCEGe2cuFZExukkNUlj6c&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzkW1-eom4X6OBjCAMLnmZDiLlhCx-4OG2A&random=3551379044

Request Chain 48

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11007413418/?random=1784584421&cv=11&fst=1702836119647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=yPjvCNWPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mDd_ZeqbBJqYoPMP282zKA&sscte=1&crd=&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzg5ZplZoqmAjB-Zsgmkdt4A9eo9vD88B9Q&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fOXJLTGJHX3A2Y0dtUUJOdTF1RlM0dWE4YmRoOWFqd2cwX1B6Wl9US3lacFM0RUcyYUZyRlpHdyITCOrHsPCGl4MDFRoMaAgd2-YMBQ HTTP 302
https://www.google.com/pagead/1p-conversion/11007413418/?random=1784584421&cv=11&fst=1702836119647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=yPjvCNWPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fOXJLTGJHX3A2Y0dtUUJOdTF1RlM0dWE4YmRoOWFqd2cwX1B6Wl9US3lacFM0RUcyYUZyRlpHdyITCOrHsPCGl4MDFRoMaAgd2-YMBQ&is_vtc=1&ocp_id=mDd_ZeqbBJqYoPMP282zKA&cid=CAQSKQAvHhf_6w8_5JDuakKm9nxqCPluMa8-ZA6H-rwlPP1wv_jLfxBl9km5&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzvZne_pFYmxp28Ug8FWebJidC9goYMHm6A&random=3690031122

Request Chain 49

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=1598481190&cv=11&fst=1702836119644&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=Ps3XCOe9mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mDd_ZeGeBPe5oPMPvOGPCA&sscte=1&crd=&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzjyPiwDddTPDz_ZRvNxFVGqKI4QnKAuAeg&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tYndncDFFdXZGSDJtZWt6WUxyb0dpMzZsc0tYNi04UWNfVlJ5Qnh4bzJ2YWJXUENxTHRmTnhrZyITCOHKsPCGl4MDFfccaAgdvPADAQ HTTP 302
https://www.google.com/pagead/1p-conversion/320045868/?random=1598481190&cv=11&fst=1702836119644&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=Ps3XCOe9mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tYndncDFFdXZGSDJtZWt6WUxyb0dpMzZsc0tYNi04UWNfVlJ5Qnh4bzJ2YWJXUENxTHRmTnhrZyITCOHKsPCGl4MDFfccaAgdvPADAQ&is_vtc=1&ocp_id=mDd_ZeGeBPe5oPMPvOGPCA&cid=CAQSKQAvHhf_s_Moc_YujAfImz6kkQ8AY1GqGXkq5vmTinj2NRYSvWK4GeT3&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mziVSWSeHQzSTe6Uf00rB5OxjJ2Lm592bXg&random=2347145297

Request Chain 51

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11007413418/?random=12322543&cv=11&fst=1702836119664&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=oLfKCOePuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mDd_ZZrLCcWV_gSB5r7ACA&sscte=1&crd=&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzqX8CRWWW1IcSO9c1lb2gySObPVdr6nS3g&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05UHJObERucUdrSDZwVGJlYktUQXE4WVhBcmtwM0NJWW9FdXp4SHhNZVlhRHdXcjRJdGZBdWduQSITCJr3tfCGl4MDFcWKnwodAbMPiA HTTP 302
https://www.google.com/pagead/1p-conversion/11007413418/?random=12322543&cv=11&fst=1702836119664&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=oLfKCOePuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05UHJObERucUdrSDZwVGJlYktUQXE4WVhBcmtwM0NJWW9FdXp4SHhNZVlhRHdXcjRJdGZBdWduQSITCJr3tfCGl4MDFcWKnwodAbMPiA&is_vtc=1&ocp_id=mDd_ZZrLCcWV_gSB5r7ACA&cid=CAQSKQAvHhf_suFqpCn4hUIa2loCjby69EAcmviDvsxqoEba7UwCbcZ39FC8&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzppj8yNBeeGV908pTNdqmPrjewz-nLOB8A&random=1786266481

Request Chain 72

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKUbhrZJetsk0k6P6g9kjMo&google_cver=1&google_push=AXcoOmRD2_vsks182g6QiHUCurTk9LeW0QvSuL2mw4yU5NpVFA1_o_TMJHx2kXnm273oKND5CBMNrKHw5TRbxMj6msFsKe7s8LvZ147WgT8sXzM0B_1UbbKkadAjim1M-dgDL_xY-iDTPaL0BBq1Xa2DTMD3HQ HTTP 302
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKUbhrZJetsk0k6P6g9kjMo&google_cver=1&google_push=AXcoOmRD2_vsks182g6QiHUCurTk9LeW0QvSuL2mw4yU5NpVFA1_o_TMJHx2kXnm273oKND5CBMNrKHw5TRbxMj6msFsKe7s8LvZ147WgT8sXzM0B_1UbbKkadAjim1M-dgDL_xY-iDTPaL0BBq1Xa2DTMD3HQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDhiY2IzMDctY2UyNC00Y2Y4LWEyOTYtYjJjMDdmM2E5MDJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8bcb307-ce24-4cf8-a296-b2c07f3a902c

Request Chain 73

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJcThp_wJ7ul0vrESeD00Rg&google_cver=1&google_push=AXcoOmRn3eDczaCyHIPJ82SwpnBlaMvpt8tEHBvFtOUK7mVRKX86q_3BHNFgCMMuaqz9rYLnhl2fnikUmIJGcUe8vrsPWScjV9HdVnsh00xEmTIJjUaoeKwURfJMs9IkpT1QkPrLXXYQMSXlvB6NPTWVUV3U7g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hP5XKFuyS1YI0OITgfo1rQ&google_push=AXcoOmRn3eDczaCyHIPJ82SwpnBlaMvpt8tEHBvFtOUK7mVRKX86q_3BHNFgCMMuaqz9rYLnhl2fnikUmIJGcUe8vrsPWScjV9HdVnsh00xEmTIJjUaoeKwURfJMs9IkpT1QkPrLXXYQMSXlvB6NPTWVUV3U7g

Request Chain 74

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDJZfQ70lgCoAkQHCO-k-pQ&google_cver=1&google_push=AXcoOmQjAmR_IE2iAJKtEZ7tY0bU9VLzGLBlEK4JtzLGwLIMQuLWQUEN1ecCunOlH5RzZpeIMYmWhlZk6NzhG9GUbdLgxLF-zIoN08s5Qny-kcvcayGqPh24jkfUbD4HP9lb-HKczDxXt7-otUx7uso3bvDc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTE0YTExNzUtMGIzMS00Y2VjLWI2NTUtMjk4NTI2NjAwMjli&google_gid=CAESEDJZfQ70lgCoAkQHCO-k-pQ&google_cver=1&google_push=AXcoOmQjAmR_IE2iAJKtEZ7tY0bU9VLzGLBlEK4JtzLGwLIMQuLWQUEN1ecCunOlH5RzZpeIMYmWhlZk6NzhG9GUbdLgxLF-zIoN08s5Qny-kcvcayGqPh24jkfUbD4HP9lb-HKczDxXt7-otUx7uso3bvDc

Request Chain 75

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGSpi_iD9MBmVEs4PN2RnDU&google_cver=1&google_push=AXcoOmR3kapiQ-VIRPHBD3klwhW6X6fy0vVpxzxVwxRAC6XXbPdmuaMyA7bsvA6AUEVQoNvQFqZHqhWnIR6rVV0lZi9sd-54FmxOOF92atYm9Y3anAMqTjbO6-kMdsaHsC2_6RUhVg1COa2vZHV4-slOfztX HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGSpi_iD9MBmVEs4PN2RnDU&google_cver=1&google_push=AXcoOmR3kapiQ-VIRPHBD3klwhW6X6fy0vVpxzxVwxRAC6XXbPdmuaMyA7bsvA6AUEVQoNvQFqZHqhWnIR6rVV0lZi9sd-54FmxOOF92atYm9Y3anAMqTjbO6-kMdsaHsC2_6RUhVg1COa2vZHV4-slOfztX HTTP 302
https://t.pswec.com/bsw_sync?ssp=google&bsw_user_id=d6fc6b37-e8cf-443d-80f8-f36841e40675 HTTP 302
https://t.pswec.com/ul_cb/bsw_sync?ssp=google&bsw_user_id=d6fc6b37-e8cf-443d-80f8-f36841e40675 HTTP 302
https://x.bidswitch.net/sync?dsp_id=2&user_id=99bb13f1-6351-4fa7-918b-e4320803cce8&expires=3&user_group=1&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3kapiQ-VIRPHBD3klwhW6X6fy0vVpxzxVwxRAC6XXbPdmuaMyA7bsvA6AUEVQoNvQFqZHqhWnIR6rVV0lZi9sd-54FmxOOF92atYm9Y3anAMqTjbO6-kMdsaHsC2_6RUhVg1COa2vZHV4-slOfztX&google_hm=1vxrN-jPRD2A-PNoQeQGdQ==

Request Chain 76

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELkteGBuBDzcnZv2J9ftwF4&google_cver=1&google_push=AXcoOmRfa5RdAlfa5E1mhmzoAm6GJUegu07P0Z6rOSyvxXWqPiB66Lbp271x8KSjcSVrd9Wb-k1uLUrDbOgpNywyhQ1AGuJ_Wz1eX_6KEi85CNJM5vwft_bjpoK48xoRGwlEFGDmvrXl3MJnJd1xIqT0dSwxRA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRfa5RdAlfa5E1mhmzoAm6GJUegu07P0Z6rOSyvxXWqPiB66Lbp271x8KSjcSVrd9Wb-k1uLUrDbOgpNywyhQ1AGuJ_Wz1eX_6KEi85CNJM5vwft_bjpoK48xoRGwlEFGDmvrXl3MJnJd1xIqT0dSwxRA&google_hm=eS1CMUpQWDJSRTJwRXRyMGhLMHN6YmU0cDNMSEh4N3NqVH5B

Request Chain 77

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKgizce5nlY7xqj_StJJN3M&google_cver=1&google_push=AXcoOmTCuW4oGfzw3YPyFPBQdMsrWM42GRutGfmqT_NZasje_sixCLBQujS6d04B9wtj6J6pUapeSkscQebTM7yp-LiYrtTVtZ2FUCtcYtj4NvTkIQ2XL_roocce5ekHYYZi-JbKYIwwwapegMMtNNqoMZA1_Q HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKgizce5nlY7xqj_StJJN3M&google_push=AXcoOmTCuW4oGfzw3YPyFPBQdMsrWM42GRutGfmqT_NZasje_sixCLBQujS6d04B9wtj6J6pUapeSkscQebTM7yp-LiYrtTVtZ2FUCtcYtj4NvTkIQ2XL_roocce5ekHYYZi-JbKYIwwwapegMMtNNqoMZA1_Q&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCuW4oGfzw3YPyFPBQdMsrWM42GRutGfmqT_NZasje_sixCLBQujS6d04B9wtj6J6pUapeSkscQebTM7yp-LiYrtTVtZ2FUCtcYtj4NvTkIQ2XL_roocce5ekHYYZi-JbKYIwwwapegMMtNNqoMZA1_Q&google_hm=ZVBNaGoyMmhUUVgyQnZCcDJKajI=

Request Chain 78

https://an.yandex.ru/mapuid/google/CAESEEwFg3F6qxHUgHcCGK1a7nU?ext-param=AXcoOmS3lrYP_7YN6nSGN_RI7_o4T8rz55btmR3I7BEh3b4hGIXutGBwI0chNKEA1ndCCepzLRHMSe7vUlxIuE8h0T-bOItihs5TdoiCTb1oiMll4ICaa6a7GeeSPnP74xlTjdYFEe3BhLjcseSqH_JclpVxf8M&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEEwFg3F6qxHUgHcCGK1a7nU?redir-setuniq=1&ext-param=AXcoOmS3lrYP_7YN6nSGN_RI7_o4T8rz55btmR3I7BEh3b4hGIXutGBwI0chNKEA1ndCCepzLRHMSe7vUlxIuE8h0T-bOItihs5TdoiCTb1oiMll4ICaa6a7GeeSPnP74xlTjdYFEe3BhLjcseSqH_JclpVxf8M&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEwFg3F6qxHUgHcCGK1a7nU&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 90

https://googleads.g.doubleclick.net/pagead/adview?ai=C87_gmDd_ZafsB-C9998PgtuK2A_mia7sdNGzjeikEt_u_t2VDhABIOPD5IMBYMmGgIDco8QQoAHW29r8AsgBCakCwR1qVDszgT6oAwHIA8sEqgTcAU_Qnr73Osh3-uchi94M1EY_vmVdK8JJBWAPTLgByJwliR9iUJ5pIhK3lGift-KvRoY3hxkLySlnpwIf9VJH2xosvQ4T866UNgZc86u80QIotQzBS4uz29tirs9oQLlnycVKAcTTnRlyKofwveasRIKMBFZTTact-oVfRe1SI99eU_gW4SHDnFlDig2BFv9pTIq0AUrhuqKT_XYEat77LH4vkLNkMs0WS8f1bLzWW9TJ8Of9ssgmRi-AaoLNF93gUyuVBB0MOUNGQe97T7d7wD2iQJc_XrX7sxD1CyfABOTIgM7jBIgFzfzdsU2SBQQIBBgBkgUECAUYBKAGLoAH2qqq9gOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBRDwwLkB0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljHqLLwhpeDA5oJHmh0dHBzOi8vbWV0YXNvbGl0YXJlLmNvbS9zaGFyZYAKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBEKCxCwyNmu3YTOl4QBEgIBA7gT5APYEwzQFQGAFwGyFxwKGggAEhRwdWItNjE1MDk5MzE0OTc4ODU5NhgA&sigh=An-5rftYeL0&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_wGxt1bvDEYhIz1O1Khs8dUJyeGHQErh9lQ0OcQ_LG9yB3tDIn4tD1tj-4b5e0zAsd4vW1cf_GAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x90e5d4b3dfdd86bc0000000000000000%22,%222%22:%220x1a9a2ddf912294e50000000000000000%22,%223%22:%220xda1c07f3e6d37e3b0000000000000000%22,%224%22:%220x2f268f0f63cb55b40000000000000000%22,%225%22:%220xf00cb48c33eeb1820000000000000000%22},%22debug_key%22:%224393885931226983599%22,%22debug_reporting%22:true,%22destination%22:%22https://metasolitare.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215003772865093833665%22}&andc=true

Request Chain 103

https://px.owneriq.net/ecmg?google_gid=CAESEMhVmR1bViehZ0rBTSiVySk&google_cver=1&google_push=AXcoOmSsPonHBaNEjfxTVdnpzZTc1f69rr0J8Ujh2A61kHPWvCj9vZKkhAP2VxV4-zyGB_VsXjG7i23STFsbtL2wAUTcBu_R20OxbbiBpzqY_BHMnXgl3N5pba0gGEvoVQB58oU-8HkGPI7Nm4qhr4sUj7Mp0g HTTP 302
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSsPonHBaNEjfxTVdnpzZTc1f69rr0J8Ujh2A61kHPWvCj9vZKkhAP2VxV4-zyGB_VsXjG7i23STFsbtL2wAUTcBu_R20OxbbiBpzqY_BHMnXgl3N5pba0gGEvoVQB58oU-8HkGPI7Nm4qhr4sUj7Mp0g%26google_cver%3d1%26google_gid%3dCAESEMhVmR1bViehZ0rBTSiVySk%26google_hm%3dUTc1NjEyMjUyMjEyMzc1MjIxMjA%3d&uid=Q7561225221237522120&ref=%2Fecmg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSsPonHBaNEjfxTVdnpzZTc1f69rr0J8Ujh2A61kHPWvCj9vZKkhAP2VxV4-zyGB_VsXjG7i23STFsbtL2wAUTcBu_R20OxbbiBpzqY_BHMnXgl3N5pba0gGEvoVQB58oU-8HkGPI7Nm4qhr4sUj7Mp0g&google_cver=1&google_gid=CAESEMhVmR1bViehZ0rBTSiVySk&google_hm=UTc1NjEyMjUyMjEyMzc1MjIxMjA=

Request Chain 104

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIh7jAtEUEbyEWb7n138yW8&google_cver=1&google_push=AXcoOmSI7Mb3Wntfsn3GUUCZfg6Gx_oVoUZbHwxm2pHZJ5lfa1j_tzmDsS23FYdboEHEnHOJGKwUDYLGFe-jHZGP8am9HoZLakut2XPoGQ1Y9x4kLwp1OImaNEkpqqqlVPF0bC070ZZgWnaGjTAlEbd143LvWg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDhiY2IzMDctY2UyNC00Y2Y4LWEyOTYtYjJjMDdmM2E5MDJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8bcb307-ce24-4cf8-a296-b2c07f3a902c

Request Chain 105

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGrGoZfLV9zjKpONIeZVJyQ&google_cver=1&google_push=AXcoOmR3RGbryFtNgebf_MIQq4vJ_7uaG95dh9_7mEKsAtU8lH805WDfJGeXKv44DfQ6LRKEvzi9D8FjdKhuMABX6gjyp5mt0goPCimhyZE0zxJjQWzNVAd196TQFYSS2lqgp9SCinyTwF0iYq4xy9cwFC-IBg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hP5XKFuyS1YI0OITgfo1rQ&google_push=AXcoOmR3RGbryFtNgebf_MIQq4vJ_7uaG95dh9_7mEKsAtU8lH805WDfJGeXKv44DfQ6LRKEvzi9D8FjdKhuMABX6gjyp5mt0goPCimhyZE0zxJjQWzNVAd196TQFYSS2lqgp9SCinyTwF0iYq4xy9cwFC-IBg

Request Chain 108

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEObyvslo9p0RSWfkf8eMIPM&google_cver=1&google_push=AXcoOmQJzCQMVYB54nYnxHVwRfjjvys4hWyI0zOePGqv3a4bXmj8ZOEsoVKjAg9OM0ewI9ACpD3ojUk8NCmCsvqiU9SgyxPiVJp80Hpo6H5A7BM5SxmhaqoF4LuKheia93hNTznLJ1L1rQokUkyyvGs-ifJirQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJzCQMVYB54nYnxHVwRfjjvys4hWyI0zOePGqv3a4bXmj8ZOEsoVKjAg9OM0ewI9ACpD3ojUk8NCmCsvqiU9SgyxPiVJp80Hpo6H5A7BM5SxmhaqoF4LuKheia93hNTznLJ1L1rQokUkyyvGs-ifJirQ

Request Chain 109

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEBVuFG_o5jy5DpfCWCf5ho0&google_cver=1&google_push=AXcoOmQPBVdvENMnM2FVJ_VZKFtGiJs6zXp8iIyCsJydPKTfrHMTHYe5qq6-pW-WwQq08Vh2djRp3QLBjYVkP2E6ZKOOUflP9UzhtIAiibpzx6CS_Ruqaa4jSpxVpfVmegAp2oB_y8eaVuYPziWBU6WU9HQozEg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQPBVdvENMnM2FVJ_VZKFtGiJs6zXp8iIyCsJydPKTfrHMTHYe5qq6-pW-WwQq08Vh2djRp3QLBjYVkP2E6ZKOOUflP9UzhtIAiibpzx6CS_Ruqaa4jSpxVpfVmegAp2oB_y8eaVuYPziWBU6WU9HQozEg&google_hm=f5ef61caefc99d4d20jhxe00lq9snsxh

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 116

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=462360730&cv=11&fst=1702836122640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=g7ZkCPe1mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mjd_ZZ71KeChoPMP28Ka6A0&sscte=1&crd=KAE&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzkD-TvWVbmUUKZIStnzKvNYr3hKzg2tcDQ&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04alBSZ2s4RldDd25YYmd2WDlaTTJqallneHBEaWNDNGxQc2FHSXQ0TGdaUXUwVlZ0T21qOXQ1QSITCJ6q0PGGl4MDFeAQaAgdW6EG3Q HTTP 302
https://www.google.com/pagead/1p-conversion/320045868/?random=462360730&cv=11&fst=1702836122640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=g7ZkCPe1mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04alBSZ2s4RldDd25YYmd2WDlaTTJqallneHBEaWNDNGxQc2FHSXQ0TGdaUXUwVlZ0T21qOXQ1QSITCJ6q0PGGl4MDFeAQaAgdW6EG3Q&is_vtc=1&ocp_id=mjd_ZZ71KeChoPMP28Ka6A0&cid=CAQSKQAvHhf_ZZ_lj3xo9dWrr46NVR70f3tQ6ox95wNCTrF3EFET4_IByftG&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzimNRXDjGjkknl9URtCTeQijGn6Lw_L40w&random=2121199511

Request Chain 117

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11007413418/?random=275128370&cv=11&fst=1702836122643&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=SNNLCNuPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mjd_ZYWHKsWs_gTUrq_gBg&sscte=1&crd=KAE&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzgwyKeTp6emxPmv-O6vUlGD6Lzne1Hn5lA&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fSzdMVGdsb3BzMXkzQ05QSXc1X2N5WkNFYUZIYnpaMG42U29FWW8wdkpYN0RZOHl6OFByVExoZyITCIW80PGGl4MDFUWWnwodVNcLbA HTTP 302
https://www.google.com/pagead/1p-conversion/11007413418/?random=275128370&cv=11&fst=1702836122643&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=SNNLCNuPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fSzdMVGdsb3BzMXkzQ05QSXc1X2N5WkNFYUZIYnpaMG42U29FWW8wdkpYN0RZOHl6OFByVExoZyITCIW80PGGl4MDFUWWnwodVNcLbA&is_vtc=1&ocp_id=mjd_ZYWHKsWs_gTUrq_gBg&cid=CAQSKQAvHhf_vbeq0yxxYlroGtGw6qW5pP0lGzCMvHjvNcK65mmPZSIY0nI0&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzj-CZdXd5ze5XKHOghC3s64Ly9Q_cG_QOQ&random=3949181739

Request Chain 118

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=921948943&cv=11&fst=1702836122647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=OPZYCKCxwosDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=mjd_ZbCiKualoPMPyuKxuAU&sscte=1&crd=KAE&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzsoAOcfnFxqPABlHCD2vTHT6A7P0Tvqt-A&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fOHl1NWNkZFJ2ZXBLZVdXNWk1MXl3YmRyRTVLbENkcklXV2szaTQxMV9WMHIzWE4tY0h3Q25oQSITCLDX0PGGl4MDFeYSaAgdSnEMVw HTTP 302
https://www.google.com/pagead/1p-conversion/405170755/?random=921948943&cv=11&fst=1702836122647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=OPZYCKCxwosDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fOHl1NWNkZFJ2ZXBLZVdXNWk1MXl3YmRyRTVLbENkcklXV2szaTQxMV9WMHIzWE4tY0h3Q25oQSITCLDX0PGGl4MDFeYSaAgdSnEMVw&is_vtc=1&ocp_id=mjd_ZbCiKualoPMPyuKxuAU&cid=CAQSKQAvHhf_CvQcYAZ1SRrmYm-whfFV_5JDKwwWs8gCxfqOH3KgX8St8N4O&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzs1mNaSalK0x3WXD5AAE7ov_3Ju_s1HhAQ&random=1264769605

Request Chain 123

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=329324889&cv=11&fst=1702836125640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=1lsICP-3mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=nTd_ZcPIKsir_gT_tYC4Aw&sscte=1&crd=KAE&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzpGePibiEqrG9G3Yy1w0ygGITnr5Z9Kf7w&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tSjNJTExMdkNvcENORk1UdVUtNWF3UDFPdUxWaTFHSTFIQ19lcDF5bGdNLUZzdmk0OG5pdEg5ZyITCIOLiPOGl4MDFciVnwod_xoANw HTTP 302
https://www.google.com/pagead/1p-conversion/320045868/?random=329324889&cv=11&fst=1702836125640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=1lsICP-3mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tSjNJTExMdkNvcENORk1UdVUtNWF3UDFPdUxWaTFHSTFIQ19lcDF5bGdNLUZzdmk0OG5pdEg5ZyITCIOLiPOGl4MDFciVnwod_xoANw&is_vtc=1&ocp_id=nTd_ZcPIKsir_gT_tYC4Aw&cid=CAQSKQAvHhf_eWXfR0KDDhKPYZoCChZxTjoUnmA4zhPNfzwOfCEEsWj7kG4S&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mztEQhaglptilohwqpppHeBD5G5ysbPxvoQ&random=1437495121

Request Chain 124

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11007413418/?random=2090584290&cv=11&fst=1702836125654&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tluiCOGPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=nTd_ZYPvKv6aoPMPt_GXuAU&sscte=1&crd=KAE&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mztp83qGYhl8SXsdjVE0MKc8u99g1oVPF_A&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05RGRxcGF4U1lYWUdZRFI2MjRJczU3UTdhWWU3MVYzNTRxSVFyZHNZSUpnQnFHTUxFRnVLTDk3QSITCMOxiPOGl4MDFX4NaAgdt_gFVw HTTP 302
https://www.google.com/pagead/1p-conversion/11007413418/?random=2090584290&cv=11&fst=1702836125654&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tluiCOGPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05RGRxcGF4U1lYWUdZRFI2MjRJczU3UTdhWWU3MVYzNTRxSVFyZHNZSUpnQnFHTUxFRnVLTDk3QSITCMOxiPOGl4MDFX4NaAgdt_gFVw&is_vtc=1&ocp_id=nTd_ZYPvKv6aoPMPt_GXuAU&cid=CAQSKQAvHhf_VyowH8LFGgDaj2smIfDA36LL88E9dAnyfpwWrYgFSxH6M_mx&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzl6QPB2S9qe3n_8lyTNEpMduU_DpNbLXYA&random=1916186568

Request Chain 125

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=1399631206&cv=11&fst=1702836125660&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tY5XCN_m6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=nTd_Zf6eK-CloPMP5cWewAg&sscte=1&crd=KAE&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzlW30bIRG-eb_54DTqKES2zo-M1RXFfPJg&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tSFRRXzJXZVgwY29LTnpPS0NtUTdFbV8tLVN1Y3FhYVUwVms2NVBlQU80V05tNUdJd0tzb3lNUSITCL7hiPOGl4MDFeASaAgd5aIHiA HTTP 302
https://www.google.com/pagead/1p-conversion/405170755/?random=1399631206&cv=11&fst=1702836125660&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tY5XCN_m6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tSFRRXzJXZVgwY29LTnpPS0NtUTdFbV8tLVN1Y3FhYVUwVms2NVBlQU80V05tNUdJd0tzb3lNUSITCL7hiPOGl4MDFeASaAgd5aIHiA&is_vtc=1&ocp_id=nTd_Zf6eK-CloPMP5cWewAg&cid=CAQSKQAvHhf_yPjwM2AdA6iCHLGjdkAdRu7i1jMIk9yAa9GbeT7Bw1yAp-P7&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzs7eBIaHYlBP7NWtPfvVzOE0hD4QOKlFCg&random=4099166811

127 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
dgza.mydrawingstar.com/ 47 KB
12 KB 338ms
239ms Document
text/html 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dgza.mydrawingstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c9f4b20b1d90a518789b873cb6c678ff7d9204ac8244d28405f1306e9ebe4e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8371130e6fc14974-MIA
content-encoding: br
content-type: text/html
date: Sun, 17 Dec 2023 18:01:58 GMT
last-modified: Wed, 13 Dec 2023 10:31:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R1QGxHDSvSVqbVv5gXqmvvY9K2x5Ceowf3M6rVAdAaYpiWe7pKjlm7qDZ9xCwCJzY09aNk%2BTRHLp8xaR11vUjsqlSvqCirQp7P9tzFdXWXIw4B5o7MqaSenByKnTGbay1UdL3h9%2Bee5EUW0uwgSxIb05494%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 common.css
dgza.mydrawingstar.com/static/css/ 6 KB
1 KB 135ms
134ms Stylesheet
text/css 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dgza.mydrawingstar.com/static/css/common.css?t=1702463475852
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7bc7e24df748f94d54108e927952feb5d6f4d11c4e274a8111b1080cf39931e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 13 Dec 2023 10:31:32 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=6484
etag: W/"65798804-1954"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L1%2B1BlFJ3ep0RUBOE0KXxcFwip1VNRdJ2Ci5Pb%2FapdJmUBXBJQOXvjC%2BbDHoErFrlSshT5yAY91%2BI5eJSiDr%2FM8%2B9Zv4Roh6KgzsZNouvBcuRHH7QdccXLoxOmORk59sLX6meaZgitgRwl%2Fn22LBT4cNBWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=691200
cf-ray: 8371130ff9f34974-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 logo_2.png
dgza.mydrawingstar.com/static/image/ 13 KB
13 KB 151ms
151ms Image
image/webp 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgza.mydrawingstar.com/static/image/logo_2.png
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86b314d66cf4371a39309bf0b086d2a13b561e08f1d88d9d7c8f19142d1a5f86

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=13698
content-disposition: inline; filename="logo_2.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Dec 2023 10:31:32 GMT
server: cloudflare
etag: "65798804-3582"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHEeNfeq249Lv3ABJi3Ckx1sZPKFfveG0CjYZGPOWX8usbKEXgVF5pidnRUSRUyqON8oX0Kvpxb79SOKxP30iZbLmx6UajaT4FqRfG4lC5VVgoY2C%2FvXmnleyLa5MrtiQdtbB7WglSPmGhv%2FbCvdWXqjz5M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 8371130ff9f64974-MIA

GET
H2 200 crocodile.png
dgza.mydrawingstar.com/static/image/pc/ 3 KB
3 KB 140ms
140ms Image
image/webp 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgza.mydrawingstar.com/static/image/pc/crocodile.png
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 965c3eafb9c2829a7a40e73e5a054e6a2837fa70092b7291157224efadd1b24f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=3297
content-disposition: inline; filename="crocodile.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2856
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Dec 2023 10:31:32 GMT
server: cloudflare
etag: "65798804-ce1"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xL%2FpDaybGgV8i6VybZLeMhQgTNSpElWI%2FA%2FKdkxTEibi5adRXqK38M%2Fu33eivpJCjec%2BIQDu%2FNenOhgGjd9I%2By95kyq0gXtEuyeU%2FGyH5TLz0KLt6t9dk75QGGbBtJmbrz%2FOkzLBGiDp5ZTgnhZLtA3eFCI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 8371130ff9f84974-MIA

GET
H2 200 loadmore.svg
dgza.mydrawingstar.com/static/image/ 7 KB
3 KB 157ms
156ms Image
image/svg+xml 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgza.mydrawingstar.com/static/image/loadmore.svg
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8309bd9fd1165cbf561bc356272e48d168900215bbb88f066042a2c8c6dfdedc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Dec 2023 10:31:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65798804-1c25"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJ%2FD5JBcFa2SKCNQesqMJvXscyjKG%2F7UkzksA%2FhtwXOS5jL9w%2BhvSuJ6OopGUUTrnnoOQgTT0nts2EGAsazfqA012VMfi2clwKNVJb4hdf0IGGykPp5omNFxecvbxKQm1QONvflUCg0np7Mgk%2BPLZshFC4U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=691200
cf-ray: 8371130ff9fa4974-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 email-decode.min.js Show response
dgza.mydrawingstar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 36ms
36ms Script
application/javascript 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dgza.mydrawingstar.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Dec 2023 17:59:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65735965-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=moQtSyrYYnELYH7SRy%2F2e3S3t4HiE2plMBCCpU2iuYWy8aUun2YUQ7em5%2BoHxbRFdeuj0bmgkH82HcIqKuYmyS2nlByvVEILAZsHAekCIeyu%2F5uhqvZr2Unpiq0CP%2BZ94FcGN3NByQNnSoJ8tmAffPNXWOg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8371130ff9fb4974-MIA
expires: Tue, 19 Dec 2023 18:01:59 GMT

GET
H2 200 rocket-loader.min.js Show response
dgza.mydrawingstar.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 37ms
36ms Script
application/javascript 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dgza.mydrawingstar.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Dec 2023 17:59:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65735965-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jFC%2FmVShXXNXu5iDcHyayHH4pjFRMEHw6%2Fo41VfsRcCiz8Yd%2Fzn4muk1X3pDEsZDi02UR8EdYnl%2BTiHlgXhsX8Bf7Z%2BOK3olsDLVOaaLiKrCV%2FxFll9oGjQuEAvnof6OXA3vlSLe2GmDFdYDZxhJm6riZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 8371130ff9fe4974-MIA
expires: Tue, 19 Dec 2023 18:01:59 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 150ms
80ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://dgza.mydrawingstar.com/
Origin: https://dgza.mydrawingstar.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 837113106f0731cc-MIA

GET
H3 200 background.png
dgza.mydrawingstar.com/static/image/ 16 KB
16 KB 174ms
174ms Image
image/png 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgza.mydrawingstar.com/static/image/background.png
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/static/css/common.css?t=1702463475852
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2101284c29e6911dc2cd14b0fddddad655e500d51b64a3d55074050b3fdb89b8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/static/css/common.css?t=1702463475852
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 15972
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Dec 2023 10:31:32 GMT
server: cloudflare
etag: "65798804-3e64"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s5kcQ6wCYv5gtsWVL6Sp%2BTEquBcSGeWcba6G%2B73sAw0d62Yl2sBakRg%2FIBp2%2FmNdl%2FLETTE9DoDtR67O65%2BfhA2hVcrHPjdVhsiXe85IKyzCE%2FTNj92cMwCiIgLFsujmtCT5KyFttulHcAkFelgTugfEnow%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 83711310da7e5f1f-MIA

GET
H3 200 hand.png
dgza.mydrawingstar.com/static/image/ 3 KB
4 KB 139ms
139ms Image
image/webp 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgza.mydrawingstar.com/static/image/hand.png
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c9fd4772cf51cfc0671704a3901bb82bbeeb63641fdb198392df2746b254f55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=3446
content-disposition: inline; filename="hand.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3174
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Dec 2023 10:31:32 GMT
server: cloudflare
etag: "65798804-d76"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vAkg6MpdFH1tPXWVGqqp95acxLPug%2BMjXs9%2BLD2YWnqr%2BlkskGdoWu1Mq8Nn5weQm7LIUPYOgBKVw%2FAoIJD53UhPx5Efg0SM6BNhfA4tGCVcMzvrBzsFl0a1x8hJoSCe%2BeX646rP4N2WOg%2Bs4fJtDONMzws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 83711310da815f1f-MIA

GET
H3 200 footer_bottom.png
dgza.mydrawingstar.com/static/image/pc/ 12 KB
12 KB 139ms
139ms Image
image/webp 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dgza.mydrawingstar.com/static/image/pc/footer_bottom.png
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcc7e6d9821544a49db3d0d59162f22dd463ed68f36cba36c84b52b0db82410e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=13130
content-disposition: inline; filename="footer_bottom.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12104
cf-bgj: imgq:85,h2pri
last-modified: Wed, 13 Dec 2023 10:31:32 GMT
server: cloudflare
etag: "65798804-334a"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MzFm7S4qF56n%2BiAqdJ9nfd4HLa%2FDjrk5vxBYNgVq0RJrCa33a2HcQWkb%2Bhsuk2OfPeIWOZScOWaCv7aoTH52QuqPxuWV05K16YQzZarj3lmlhdJvMF3Ra%2BLFSQwyoo%2BmkgojUoWzCd39gPUfx39Kt4YNy%2FA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 83711310da855f1f-MIA

GET
H3 200 common.js Show response
dgza.mydrawingstar.com/static/js/ 3 KB
2 KB 187ms
186ms Script
application/javascript 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dgza.mydrawingstar.com/static/js/common.js?t=1702463475852
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd5ce0a20248623fbe10d6455446fa616d6fa6983f6e1c0a29c00d3fcbf5f400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 13 Dec 2023 10:31:32 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"65798804-d5d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ceF1pkFxn1iziGt1wEDY7TPv5gVpKFAJIoESlnklF2%2B8JipFQsMiKTm01WAh94%2BqyO63jG1DevRcHZLL5zcalnacOpMtdSHvvxdl%2BOp2wkqMj9udWdLLIVy9Gu2u3breaURFTFMPwkDu8Wt6MnmFTdFzrh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 83711310eaac5f1f-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 257ms
112ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c6a79d9ea7020bab42f63c35ec6c7c59d03ab88d1d5ed7a9cbf632c1550e885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51290
x-xss-protection: 0
server: cafe
etag: 9210819291130432650
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 18:01:59 GMT

GET
H3 200 jq.js Show response
dgza.mydrawingstar.com/static/js/ 87 KB
32 KB 194ms
191ms Script
application/javascript 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dgza.mydrawingstar.com/static/js/jq.js
Requested by: Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 13 Dec 2023 10:31:32 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=89501
etag: W/"65798804-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UER9nhoYyFWbj6ISZdyxD8zv9otOIvcqYUm4LGN4rjJ7pacTbq108l1K4ZhwzCpGYCMqf7oNjJ8MZnHS%2BuTNHkNbonn2Wt3eEaVb8Uv0hKSOuY83Ld%2FKBXKxLCjwULRQbnKjS9n7yQ1unYCetZlz%2FeAnU6w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=691200
cf-ray: 83711310eab25f1f-MIA
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
79 KB 220ms
80ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0LJR0B3FYM

Requested by

Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

75742a923ef1b9d65e11731017f4ce816d097184f176e8f1e91a744d99de9cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 18:01:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 298 KB
71 KB 187ms
186ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Requested by

Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3eb2fbd3fa1ad47f7e92cd8538bda81e30ee1fba2d2c888a9b092bab18d939f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72517
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 18:01:59 GMT

GET
H2 200 7661_1691478327365.jpeg
image.mydrawingstar.com/ 73 KB
73 KB 85ms
61ms Image
image/jpeg 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mydrawingstar.com/7661_1691478327365.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 009089ea247b27421e62b451972e8ccb553f620862a3ae84552ab3ffc382142c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 904
cf-polished: origSize=79414, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 74433
cf-bgj: imgq:85,h2pri
last-modified: Tue, 08 Aug 2023 07:05:34 GMT
server: cloudflare
etag: "64d1e93e-13636"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXvhQ%2FDfM3AhzaMBjnOBQ60NLK781yzFkNeQVpPlA6NorY6%2FN32g8oqrXISRKeQAETvHoCjeAawHxC%2FNm9wn1lMKSlwUV%2ByqYDN%2FHoUCgUVMwpn4u7eHzfnJT5qfIcLREEwEuvrmiD0TSS4qOpy%2FWVffIlj0"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 837113128dd74974-MIA

GET
H2 200 4943_1679972774268.jpeg
image.mydrawingstar.com/ 51 KB
52 KB 165ms
141ms Image
image/jpeg 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mydrawingstar.com/4943_1679972774268.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72b1ee02861148cea09b936a2f18f80c8bf743be7e1338c8310474be0dc8e894

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=55079, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 52349
cf-bgj: imgq:85,h2pri
last-modified: Tue, 28 Mar 2023 03:06:19 GMT
server: cloudflare
etag: "642259ab-d727"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8I02edyeV3p%2BtlbSk6lb%2FLCDlyO1%2FCYb4wvaDF30hKEGjiP7ft%2FvF2t7ugc0sMb9Q3THQ9SFmV47uRzNBhZrAZKv3CFpXKyzpuJ%2BoGnnvr%2BrWvfYdcrESMqjI7kV2TUA5KnOwQbqRPqNxdNby%2F6Bfu8RYxD"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 837113128dcf4974-MIA

GET
H2 200 3374_1673339547082.jpeg
image.mydrawingstar.com/ 20 KB
20 KB 174ms
150ms Image
image/webp 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mydrawingstar.com/3374_1673339547082.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a10d4f2979176ce9f411d3f09d36a320432a4bf66a62fb7489e6e68dc8aa970

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: qual=85, origFmt=jpeg, origSize=27661
content-disposition: inline; filename="3374_1673339547082.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20140
cf-bgj: imgq:85,h2pri
last-modified: Tue, 10 Jan 2023 08:32:36 GMT
server: cloudflare
etag: "63bd22a4-6c0d"
vary: Accept
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/webp
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tXHR2FMehj9sB%2Fmz2Wk1PsBrX25NQXgTPSZFZNWIYB8s2QCiu0Hvrq%2FkLe8g1wvy1%2FSoTk0QkqLSVQmaFJxa8MQ7LswiKB3NxmTgOcs5gbMgGuAPwm5%2BsxZnWOYkvohDwffBEGR2X%2BpMGgrXBSiGHNdvXqRU"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 837113128dcc4974-MIA

GET
H2 200 5461_1682491839122.jpeg
image.mydrawingstar.com/ 48 KB
49 KB 162ms
139ms Image
image/jpeg 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mydrawingstar.com/5461_1682491839122.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ab1e9807e5e64517759ede6c3279a7d67afa8dc6fdd1cfb45a2791e1db49bd3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=51674, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 49285
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Apr 2023 06:50:44 GMT
server: cloudflare
etag: "6448c9c4-c9da"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAqj9VtQROjSBul%2Fp8q8x%2FtAcIclaW54pQJuRVG1%2ByEQCeVsQ4qKqH3S5DOaWCx6prfVirpbQYzMQQ5wIxCQqYDMNaRcfzBw2aPVl9P8ODNawSo2hMy9qB5fU07UIMHcn1Uk1fe%2FmYoqNLMzJ9blx6GxvZaP"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 837113128dc84974-MIA

GET
H2 200 5396_1682406073968.jpeg
image.mydrawingstar.com/ 60 KB
61 KB 195ms
172ms Image
image/jpeg 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mydrawingstar.com/5396_1682406073968.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888324931cbff2be6b8d98fcff8bc91ab0392c4676fbf8cc98ab2d28e1b2b75e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=64696, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 61701
cf-bgj: imgq:85,h2pri
last-modified: Tue, 25 Apr 2023 07:01:19 GMT
server: cloudflare
etag: "64477abf-fcb8"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AoTzefE%2BVSaqfqLVH0eoZ9f3muUhHegfAArK5y8IO1bPX5WdhigwqhU%2BF8NjAXcOcq%2FTsZv9N3jXMt2%2FiLJH%2FBtFdOr63YJ4pTck3eqRmol2ZcOUx62K8HwQCt%2F%2BCyE6u8rCvKcRCqlGxl1yJtdzcXgw5r6R"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 837113128dd44974-MIA

GET
H2 200 5394_1682308487324.jpeg
image.mydrawingstar.com/ 63 KB
64 KB 175ms
152ms Image
image/jpeg 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mydrawingstar.com/5394_1682308487324.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 873aca8311c1e9e03aaf47eeb667c0339f7a93e916c0c8574fec7dbd61075363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=68230, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 64859
cf-bgj: imgq:85,h2pri
last-modified: Mon, 24 Apr 2023 03:54:52 GMT
server: cloudflare
etag: "6445fd8c-10a86"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dfEsjFsB523eU201dEX2s1dgWoaYOJMLYNtHGBBx%2Bwk7xElIqyFH6FYFhW8Onza7Y2%2BrOueLGjs%2B1wuEcyJ6GUSDAK3W%2B%2FPYsyUgOOXDSdhZSigydNFemc2wLwxIlbDUqriKiKSIB53gRkVCXxDRDel%2BfDAM"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 837113128dd64974-MIA

GET
H3 200 5442_1682583816101.jpeg
image.mydrawingstar.com/ 52 KB
53 KB 44ms
43ms Image
image/jpeg 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mydrawingstar.com/5442_1682583816101.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cd66de4a2ac5af093a0933344d61676716cf89f42768947b3996a17ca83bad7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 924
cf-polished: origSize=56282, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 53619
cf-bgj: imgq:85,h2pri
last-modified: Thu, 27 Apr 2023 08:23:43 GMT
server: cloudflare
etag: "644a310f-dbda"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KWimENghyPqTkCxER4KpMTiaErVFtUQPO4I2WGm7g0gDrwPdH08kt8wsTGwFk%2F9DbALpQu6%2BeAyjGDa1uYbMUkVrgEBOLBIUQZf0EGWSMsY7AI5wOObxJE7nvyHY3mmRTrDr16eIgyUXUgJA9QYRqohYXdn3"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 837113131e3c5f1f-MIA

GET
H3 200 7062_1689563318581.jpeg
image.mydrawingstar.com/ 34 KB
34 KB 78ms
77ms Image
image/jpeg 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mydrawingstar.com/7062_1689563318581.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 846e50b7bb05bf178ea56002276a819a69cd0d40109afe52c2516a10ec988a9d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5240
cf-polished: origSize=36245, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 34335
cf-bgj: imgq:85,h2pri
last-modified: Mon, 17 Jul 2023 03:08:44 GMT
server: cloudflare
etag: "64b4b0bc-8d95"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWJvz4jVbAw6fKP1%2Bdc9pGSwYJTOQ1XuJtelThfQ8csiLfOI6ysRK6oBao5CX66gCRVJts1D%2FGAlSu0sweeJMSdmJ8iRVWscGSqyIebDozuk9x7e%2BntXkLTbWATwt9sU%2FTvCNUiyabEI9KhHaalYg5EO3Lam"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 837113131e3d5f1f-MIA

GET
H3 200 5403_1682388908428.jpeg
image.mydrawingstar.com/ 46 KB
46 KB 79ms
78ms Image
image/jpeg 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.mydrawingstar.com/5403_1682388908428.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5436fc09ee9f3c8c6a039140b81104991939c77115cabe31738d1592b341e57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 924
cf-polished: origSize=48543, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 46598
cf-bgj: imgq:85,h2pri
last-modified: Tue, 25 Apr 2023 02:15:13 GMT
server: cloudflare
etag: "644737b1-bd9f"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FT%2F5g3mhSyoFUzvHi4mts4geb4a9c05dCckE702%2FTCz8tkA3mNBvffSNxSn6YTkFnOaLHK%2BH1023ac4dfU6GWwNqJbmZGF1yR2xKffB7yL1XgcFip3PmLwI%2BiAAtPTzoE6g2HH8jbRVXbz04oqgK0Ud08hU8"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=691200
accept-ranges: bytes
cf-ray: 837113131e425f1f-MIA

POST
H3 204 rum Show response
dgza.mydrawingstar.com/cdn-cgi/ 0
146 B 38ms
38ms XHR
text/plain 2606:4700:20::681a:9d4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://dgza.mydrawingstar.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:9d4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://dgza.mydrawingstar.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type: application/json

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://dgza.mydrawingstar.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 837113126d1c5f1f-MIA

POST
H2 204 collect
analytics.google.com/g/ 0
250 B 226ms
81ms Ping
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0LJR0B3FYM&gtm=45je3bt0v884569042&_p=1702836119328&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1690869007.1702836120&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1702836119&sct=1&seg=0&dl=https%3A%2F%2Fdgza.mydrawingstar.com%2F&dt=My%20Drawing%20Star&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=877
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0LJR0B3FYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:01:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dgza.mydrawingstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 196ms
69ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-0LJR0B3FYM&cid=1690869007.1702836120&gtm=45je3bt0v884569042&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0LJR0B3FYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:01:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dgza.mydrawingstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
72 KB 85ms
81ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-320045868&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0LJR0B3FYM

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

622c616f606cf2af8345ff50a4eb0fc928cdb299f2f1539b08a8adfd766dfc84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74093
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 17 Dec 2023 18:01:59 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 154ms
153ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137920
x-xss-protection: 0
server: cafe
etag: 10942279955400410868
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 18:01:59 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 4365 9 KB
4 KB 209ms
68ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgza.mydrawingstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 81698
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 19:20:21 GMT
etag: 5585625838579639069
expires: Sat, 30 Dec 2023 19:20:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/405170755/ 3 KB
2 KB 474ms
86ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/405170755/?random=1702836119632&cv=11&fst=1702836119632&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=LHNcCNOq8osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

186119672fe686e51751e806599c95065c5578221adc2323f8b09e88089577c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1618
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/320045868/ 3 KB
2 KB 474ms
93ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/320045868/?random=1702836119644&cv=11&fst=1702836119644&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=Ps3XCOe9mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

71d7671eb07ce01a2d5d22a602584a055173ee285a2f20d1bda6236c3ef986b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1619
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/405170755/ 3 KB
2 KB 467ms
88ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/405170755/?random=1702836119645&cv=11&fst=1702836119645&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=EbVTCM6V2IoDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

3b34b9f2bf4fbb8208c3dbdc4c225991c236a2561e71ec01eb7145fa2be19216

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1620
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11007413418/ 3 KB
2 KB 470ms
92ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11007413418/?random=1702836119647&cv=11&fst=1702836119647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=yPjvCNWPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

1eb43ef485f6abbb66cb6b798621102f5f6ba4ba80ba3093809e41d8a8d9ff92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1625
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/320045868/ 3 KB
2 KB 450ms
86ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/320045868/?random=1702836119657&cv=11&fst=1702836119657&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=xNXZCIjDk4cDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

32f55310528de0976edde7cf702a9d5b1ad10d8eaf46be03e25d4ebcbfac7358

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1620
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/405170755/ 3 KB
2 KB 452ms
89ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/405170755/?random=1702836119662&cv=11&fst=1702836119662&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=P5dkCL_h6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

d293dc6e8650840c51ec4c44a91423732fca2149f048f0b01ef6da6bca5aa1f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1623
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11007413418/ 3 KB
2 KB 90ms
89ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11007413418/?random=1702836119664&cv=11&fst=1702836119664&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=oLfKCOePuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

f739cc42e64490fe9e1d0e3c5ba7d53f967f24db11c0d06295b2db97116a3a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1621
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/ 2 KB
1 KB 122ms
92ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=1702836119686&cv=11&fst=1702836119686&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&auid=1715748006.1702836120&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-320045868&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc894d39284f8ef38ca5e8b4c83cd768812db0c4838e9e5fdda43de183f4ea94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1233
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/ 2 KB
1 KB 115ms
89ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=1702836119701&cv=11&fst=1702836119701&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&auid=1715748006.1702836120&uamb=0&uaw=0&data=event%3Dlp_loaded%3Bevent_category%3Dlp_q&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-320045868&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e55df9c6a46d472a4484e09a72747a40364d3df6c0969fbe5a5839b659153c95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:01:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1243
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/320045868/ 42 B
108 B 287ms
85ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/320045868/?random=1702836119701&cv=11&fst=1702836000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&frm=0&tiba=My%20Drawing%20Star&data=event%3Dlp_loaded%3Bevent_category%3Dlp_q&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_v9AYNO1p7UzBUPW0zHx87VqkaRT3VQ&random=922433538&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/320045868/ 42 B
455 B 285ms
84ms Image
image/gif 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/320045868/?random=1702836119686&cv=11&fst=1702836000000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&frm=0&tiba=My%20Drawing%20Star&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_ogsuK-dv1aaHseyC1xKLiooqaeBsrw&random=3172022012&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D309 202 KB
56 KB 1153ms
1137ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6150993149788596&output=html&adk=2256557096&adf=402691422&lmt=1702463517&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&channel=3561613167&format=0x0&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702836119569&bpp=3&bdt=559&idt=285&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2605430685161&frm=20&pv=2&ga_vid=1690869007.1702836120&ga_sid=1702836120&ga_hid=1558430667&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079979%2C95320376%2C95320884&oid=2&pvsid=939867692259472&tmod=519478264&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=298

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106ce215f5e20b1621e83400b24e1d6c6ddcde6a85577f9f26b0342891b79093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgza.mydrawingstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 56602
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 18:02:01 GMT
expires: Sun, 17 Dec 2023 18:02:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 256ms
98ms XHR
application/json 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0d3660ffb1d1f9cb6061314bb3cb48e184b85dbb046f9e7fd0d02975a53b9d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12093
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87F6 119 KB
42 KB 1286ms
1252ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6150993149788596&output=html&h=280&slotname=1856364423&adk=2620056696&adf=1116041453&pi=t.ma~as.1856364423&w=1200&fwrn=4&fwrnh=100&lmt=1702463517&rafmt=1&channel=3561613167&format=1200x280&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702836119573&bpp=1&bdt=563&idt=299&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2605430685161&pv_ch=3561613167%2B&frm=20&pv=1&ga_vid=1690869007.1702836120&ga_sid=1702836120&ga_hid=1558430667&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079979%2C95320376%2C95320884&oid=2&pvsid=939867692259472&tmod=519478264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38b0234cdd6589f60ff5e558639943c95b5eeedeb89901646149181b96b8beb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgza.mydrawingstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42422
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 18:02:01 GMT
expires: Sun, 17 Dec 2023 18:02:01 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
www.google.com/pagead/1p-conversion/320045868/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=1658594257&cv=11&fst=1702836119657&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/320045868/?random=1658594257&cv=11&fst=1702836119657&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
108 B

87ms
87ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/320045868/?random=1658594257&cv=11&fst=1702836119657&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=xNXZCIjDk4cDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04c2pjdlA3ZUFuNXBwYzJaQmlDODkxOHhLZjVCQ3VOYTNfX015VVNVUi1INHBST2F6Ui1MT3pGUSITCOfOsPCGl4MDFV8KaAgdlfgCOA&is_vtc=1&ocp_id=mDd_ZeeiBN-UoPMPlfGLwAM&cid=CAQSKQAvHhf_cJqcBZeVGm7tHgZuAVMOhyTi_Mq8rJ4oJtXiF6QB9RvWGXb4&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzuvcAl8DmjBX5yPTGGo8LZmon065WsrrOQ&random=1257163770

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/320045868/?random=1658594257&cv=11&fst=1702836119657&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=xNXZCIjDk4cDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04c2pjdlA3ZUFuNXBwYzJaQmlDODkxOHhLZjVCQ3VOYTNfX015VVNVUi1INHBST2F6Ui1MT3pGUSITCOfOsPCGl4MDFV8KaAgdlfgCOA&is_vtc=1&ocp_id=mDd_ZeeiBN-UoPMPlfGLwAM&cid=CAQSKQAvHhf_cJqcBZeVGm7tHgZuAVMOhyTi_Mq8rJ4oJtXiF6QB9RvWGXb4&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzuvcAl8DmjBX5yPTGGo8LZmon065WsrrOQ&random=1257163770
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/405170755/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=1117167283&cv=11&fst=1702836119632&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/405170755/?random=1117167283&cv=11&fst=1702836119632&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
108 B

86ms
86ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/405170755/?random=1117167283&cv=11&fst=1702836119632&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=LHNcCNOq8osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fVXBEazl2OE9XNEpvNi13OF9PM0N4ZkF1ckQwdUFiZDRabUxBdi0zVWxRQWlWQUNEV05mUzhyUSITCNHMsPCGl4MDFYFRDQodSzILTg&is_vtc=1&ocp_id=mDd_ZdGgBIGjNcvkrPAE&cid=CAQSKQAvHhf_rxIubZQ5KreqnZpaRe0wSr-aqwn7rqyDGpgYIAN-_zb_oN5R&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzkDtNifbVS-SDEAOJGFC9e-L5WhXAQX8HA&random=1062791787

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/405170755/?random=1117167283&cv=11&fst=1702836119632&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=LHNcCNOq8osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fVXBEazl2OE9XNEpvNi13OF9PM0N4ZkF1ckQwdUFiZDRabUxBdi0zVWxRQWlWQUNEV05mUzhyUSITCNHMsPCGl4MDFYFRDQodSzILTg&is_vtc=1&ocp_id=mDd_ZdGgBIGjNcvkrPAE&cid=CAQSKQAvHhf_rxIubZQ5KreqnZpaRe0wSr-aqwn7rqyDGpgYIAN-_zb_oN5R&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzkDtNifbVS-SDEAOJGFC9e-L5WhXAQX8HA&random=1062791787
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/405170755/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=139498779&cv=11&fst=1702836119645&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u...
https://www.google.com/pagead/1p-conversion/405170755/?random=139498779&cv=11&fst=1702836119645&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%...

42 B
108 B

91ms
91ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/405170755/?random=139498779&cv=11&fst=1702836119645&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=EbVTCM6V2IoDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05WHFsQmt0RDRFakN3U0VZTXk4Njg2UldkU0tXd2JHVlFHc1pUVFJxZEdra1lMSUE3aHg5dG43dyITCJXRsPCGl4MDFcqanwodYIIE4Q&is_vtc=1&ocp_id=mDd_ZZWlBMq1_gTghJKIDg&cid=CAQSKQAvHhf_-USOci_4Y1cuW0TY1kyvnB1sfIUHH9nnmZBwgKfGJkzK9Zuw&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzhu3bcNbjiO--IMW87l8ypHS0bW1drfN2g&random=3481274594

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/405170755/?random=139498779&cv=11&fst=1702836119645&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=EbVTCM6V2IoDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=0&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05WHFsQmt0RDRFakN3U0VZTXk4Njg2UldkU0tXd2JHVlFHc1pUVFJxZEdra1lMSUE3aHg5dG43dyITCJXRsPCGl4MDFcqanwodYIIE4Q&is_vtc=1&ocp_id=mDd_ZZWlBMq1_gTghJKIDg&cid=CAQSKQAvHhf_-USOci_4Y1cuW0TY1kyvnB1sfIUHH9nnmZBwgKfGJkzK9Zuw&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzhu3bcNbjiO--IMW87l8ypHS0bW1drfN2g&random=3481274594
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/405170755/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=2116164515&cv=11&fst=1702836119662&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/405170755/?random=2116164515&cv=11&fst=1702836119662&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
108 B

90ms
90ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/405170755/?random=2116164515&cv=11&fst=1702836119662&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=P5dkCL_h6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04eU9hYWZmeTFGNkdGYzc3RnMxaVlzU1FrVExoYUkxV1VyOXg3ZTNROU40SW9XbGlaLWlnWHpXQSITCKHUsPCGl4MDFXgWaAgdccEHMw&is_vtc=1&ocp_id=mDd_ZaGoBPisoPMP8YKfmAM&cid=CAQSKQAvHhf_r_rCRjuV9PKRgHUhfLLwO0GpgBRsCEGe2cuFZExukkNUlj6c&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzkW1-eom4X6OBjCAMLnmZDiLlhCx-4OG2A&random=3551379044

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/405170755/?random=2116164515&cv=11&fst=1702836119662&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=P5dkCL_h6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04eU9hYWZmeTFGNkdGYzc3RnMxaVlzU1FrVExoYUkxV1VyOXg3ZTNROU40SW9XbGlaLWlnWHpXQSITCKHUsPCGl4MDFXgWaAgdccEHMw&is_vtc=1&ocp_id=mDd_ZaGoBPisoPMP8YKfmAM&cid=CAQSKQAvHhf_r_rCRjuV9PKRgHUhfLLwO0GpgBRsCEGe2cuFZExukkNUlj6c&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzkW1-eom4X6OBjCAMLnmZDiLlhCx-4OG2A&random=3551379044
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/11007413418/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11007413418/?random=1784584421&cv=11&fst=1702836119647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=160...
https://www.google.com/pagead/1p-conversion/11007413418/?random=1784584421&cv=11&fst=1702836119647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%...

42 B
108 B

89ms
89ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/11007413418/?random=1784584421&cv=11&fst=1702836119647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=yPjvCNWPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fOXJLTGJHX3A2Y0dtUUJOdTF1RlM0dWE4YmRoOWFqd2cwX1B6Wl9US3lacFM0RUcyYUZyRlpHdyITCOrHsPCGl4MDFRoMaAgd2-YMBQ&is_vtc=1&ocp_id=mDd_ZeqbBJqYoPMP282zKA&cid=CAQSKQAvHhf_6w8_5JDuakKm9nxqCPluMa8-ZA6H-rwlPP1wv_jLfxBl9km5&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzvZne_pFYmxp28Ug8FWebJidC9goYMHm6A&random=3690031122

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/11007413418/?random=1784584421&cv=11&fst=1702836119647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=yPjvCNWPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fOXJLTGJHX3A2Y0dtUUJOdTF1RlM0dWE4YmRoOWFqd2cwX1B6Wl9US3lacFM0RUcyYUZyRlpHdyITCOrHsPCGl4MDFRoMaAgd2-YMBQ&is_vtc=1&ocp_id=mDd_ZeqbBJqYoPMP282zKA&cid=CAQSKQAvHhf_6w8_5JDuakKm9nxqCPluMa8-ZA6H-rwlPP1wv_jLfxBl9km5&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzvZne_pFYmxp28Ug8FWebJidC9goYMHm6A&random=3690031122
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/320045868/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=1598481190&cv=11&fst=1702836119644&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/320045868/?random=1598481190&cv=11&fst=1702836119644&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
108 B

91ms
90ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/320045868/?random=1598481190&cv=11&fst=1702836119644&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=Ps3XCOe9mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tYndncDFFdXZGSDJtZWt6WUxyb0dpMzZsc0tYNi04UWNfVlJ5Qnh4bzJ2YWJXUENxTHRmTnhrZyITCOHKsPCGl4MDFfccaAgdvPADAQ&is_vtc=1&ocp_id=mDd_ZeGeBPe5oPMPvOGPCA&cid=CAQSKQAvHhf_s_Moc_YujAfImz6kkQ8AY1GqGXkq5vmTinj2NRYSvWK4GeT3&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mziVSWSeHQzSTe6Uf00rB5OxjJ2Lm592bXg&random=2347145297

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/320045868/?random=1598481190&cv=11&fst=1702836119644&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=Ps3XCOe9mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tYndncDFFdXZGSDJtZWt6WUxyb0dpMzZsc0tYNi04UWNfVlJ5Qnh4bzJ2YWJXUENxTHRmTnhrZyITCOHKsPCGl4MDFfccaAgdvPADAQ&is_vtc=1&ocp_id=mDd_ZeGeBPe5oPMPvOGPCA&cid=CAQSKQAvHhf_s_Moc_YujAfImz6kkQ8AY1GqGXkq5vmTinj2NRYSvWK4GeT3&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mziVSWSeHQzSTe6Uf00rB5OxjJ2Lm592bXg&random=2347145297
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 247ms
96ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 17 Dec 2023 18:02:00 GMT

GET
H2

200

/
www.google.com/pagead/1p-conversion/11007413418/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11007413418/?random=12322543&cv=11&fst=1702836119664&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/11007413418/?random=12322543&cv=11&fst=1702836119664&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
108 B

93ms
90ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/11007413418/?random=12322543&cv=11&fst=1702836119664&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=oLfKCOePuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05UHJObERucUdrSDZwVGJlYktUQXE4WVhBcmtwM0NJWW9FdXp4SHhNZVlhRHdXcjRJdGZBdWduQSITCJr3tfCGl4MDFcWKnwodAbMPiA&is_vtc=1&ocp_id=mDd_ZZrLCcWV_gSB5r7ACA&cid=CAQSKQAvHhf_suFqpCn4hUIa2loCjby69EAcmviDvsxqoEba7UwCbcZ39FC8&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzppj8yNBeeGV908pTNdqmPrjewz-nLOB8A&random=1786266481

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:00 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/11007413418/?random=12322543&cv=11&fst=1702836119664&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=oLfKCOePuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05UHJObERucUdrSDZwVGJlYktUQXE4WVhBcmtwM0NJWW9FdXp4SHhNZVlhRHdXcjRJdGZBdWduQSITCJr3tfCGl4MDFcWKnwodAbMPiA&is_vtc=1&ocp_id=mDd_ZZrLCcWV_gSB5r7ACA&cid=CAQSKQAvHhf_suFqpCn4hUIa2loCjby69EAcmviDvsxqoEba7UwCbcZ39FC8&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzppj8yNBeeGV908pTNdqmPrjewz-nLOB8A&random=1786266481
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 422D 13 KB
5 KB 68ms
67ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgza.mydrawingstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 5245
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 16:34:35 GMT
expires: Mon, 16 Dec 2024 16:34:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0EDC 829 B
561 B 86ms
86ms Document
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e99f4621d0238a6cc90c25dc9a2e3d850a06869e646a9df7d3af7297f55fc74e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4LYSSBhaqK08kJOWpOG7yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://dgza.mydrawingstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-4LYSSBhaqK08kJOWpOG7yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 18:02:00 GMT
expires: Sun, 17 Dec 2023 18:02:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0EDC 0
0 126ms
125ms Image
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=939867692259472&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 422D 39 KB
15 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 20:08:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165187
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Dec 2024 20:08:53 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 422D 0
10 B 66ms
66ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7vtDEA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 87F6 6 KB
1 KB 223ms
82ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6150993149788596&output=html&h=280&slotname=1856364423&adk=2620056696&adf=1116041453&pi=t.ma~as.1856364423&w=1200&fwrn=4&fwrnh=100&lmt=1702463517&rafmt=1&channel=3561613167&format=1200x280&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702836119573&bpp=1&bdt=563&idt=299&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2605430685161&pv_ch=3561613167%2B&frm=20&pv=1&ga_vid=1690869007.1702836120&ga_sid=1702836120&ga_hid=1558430667&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079979%2C95320376%2C95320884&oid=2&pvsid=939867692259472&tmod=519478264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 18:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 17:45:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 18:02:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 87F6 2 KB
822 B 67ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 07:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 07:26:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 87F6 23 KB
9 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 01:52:46 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 87F6 3 KB
1 KB 80ms
79ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 15:44:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 87F6 20 KB
8 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 15:44:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 87F6 0
0 84ms
83ms Image
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXnlAIF9OxZWYn_GDZXXYWxrOLdO1A1dfDu9ca0qtS2rcpdulRPrmZqcbyIl3PSzDMqcNg0Y-Zt9uNnYr64vSAqUM3Yg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6150993149788596&output=html&h=280&slotname=1856364423&adk=2620056696&adf=1116041453&pi=t.ma~as.1856364423&w=1200&fwrn=4&fwrnh=100&lmt=1702463517&rafmt=1&channel=3561613167&format=1200x280&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702836119573&bpp=1&bdt=563&idt=299&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2605430685161&pv_ch=3561613167%2B&frm=20&pv=1&ga_vid=1690869007.1702836120&ga_sid=1702836120&ga_hid=1558430667&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=566&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079714%2C31079979%2C95320376%2C95320884&oid=2&pvsid=939867692259472&tmod=519478264&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=303
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87F6 203 KB
65 KB 220ms
79ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 18:02:01 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 87F6 37 KB
16 KB 208ms
66ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 23:24:01 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 98ms
98ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94ba7a5dc1b9ef7f00ff51157a06e9c75f52da9bdf04d114c3263c3f98bcc367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55995
x-xss-protection: 0
server: cafe
etag: 15090547293979274280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 18:02:01 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 93 KB
32 KB 150ms
150ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e14311341d7bad006017ffd740fce2dfa5ae841a0d67debed77550ab065c6fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33003
x-xss-protection: 0
server: cafe
etag: 12330935598676447815
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 17 Dec 2023 18:02:01 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12992464460418136959/ Frame 87F6 73 KB
73 KB 80ms
79ms Image
image/jpeg 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12992464460418136959/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3810033a55d49b3cdea9b7e016f831065a15c6a801bc378c5df97606c3b25dc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 15 Dec 2024 00:01:48 GMT
date: Sat, 16 Dec 2023 00:01:48 GMT
x-content-type-options: nosniff
age: 151213
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75091
x-xss-protection: 0
last-modified: Wed, 15 Nov 2023 22:10:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5726 1 KB
643 B 70ms
67ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 65945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 23:42:56 GMT
etag: 48472445140208031
expires: Sun, 17 Dec 2023 23:42:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 156ms
156ms Image
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=939867692259472&bg=!3d6l3pHNAAY3kmNgF5I7ADQBe5WfOHYa34jXJ_xp5yFGif4sVGWYDxAnJqMkW1No-nALFXx_e6Qo1oqz_Xo6wQ-VT6iQAgAAAFZSAAAABGgBB5kC8HgGaah730ro9ni4bdGKdOFgAtoFMYdeUKQuaS7nvs4WjEB0N4GP-yop_nfeEzbeK3znf2DvBfaqNoKllGSvK6mk-RpQy2aljtZfSb3SGYH3dgCmq8nfe1aqrzyHMapZ_osrwlc9OleYnxD90D4H0tg43RlvOIXpezl8bMaf-gMOjOxqQ_Ffq0RkZAADQ0oFVjKM8t9eDYUIJUe592fZ4jI-lTTB32N-9G5qh5l24QATPBLdhjfh9e203NgCNOJ4oLbFOjDZMl4mMZeHjV52bWpNP5jFoE7guIme_k1dRDIUdWenGOxMlWyyeYYCleepRbI5pM8z37TYmET0R5nKwNMECKqWCHxq8pf3Vqm1laBC88wjiPr-30KIU6gmqpTx1jGQJLJ1OBkFH4pDqEHTV1X7n_s5LZlwGTiXkhZS0J7V70F7UFSSwCzuf94m5eN_8U8ow6zHhcRsc-lNMHjHl4PlpnhxSvA4wYfK2gA795W-LsjIAT3E82lQOf2h-wbp9Rq7FSxGL7AhL_89PtKdxCTuwtS8-CQDFFfEE_LEdwmHpXPBaoWPik0i34R-a4tnjQlr0kCI6kPymaLGqusxPJuvMLm83FYaRvCmrqpkcxOarXPwDp8roUr3YIxIShTs-b5CnE8K3BvW5dXXMjAqzTIsh9lwfrGro8Il-1OocmWrXSR5-a3Og9lTgYeEKbPUgdhVR2R2MFkRgBYYImoAaDwwC8DsJXyD3bKKz1dYgXalOs9K_92DICgo9c53hfNUpiR5Z2tl2O49vj3haykQxsQkz13ZgLa5iDJ0fl9Qdjw4_h32LznBtcUBpzTsDwPJy15RfhzKQgAKpFUHxgEQFFrX_V3EriYbJeFtoQJjLE1vZTScsvVYSwTWmhGDHywooBTzv3kkJpoL-DfvKVlF3rCybVs2umIj6VFKbW7laO7lv0jemih50vIjV_fQNpyX-MKl66_YyC0Od4p74dKy6NdjRrDo1bnXdSkO9xQ_Ochr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 81ms
80ms Ping
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0LJR0B3FYM&gtm=45je3bt0v884569042&_p=1702836119328&gcd=11l1l1l1l1&dma=0&cid=1690869007.1702836120&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1702836119&sct=1&seg=0&dl=https%3A%2F%2Fdgza.mydrawingstar.com%2F&dt=My%20Drawing%20Star&en=lp_loaded&_ee=1&ep.event_category=lp_q&_et=5&tfd=2739
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0LJR0B3FYM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dgza.mydrawingstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 87F6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bacd38eb2e944851d1a5bb2b7867b2902208a3efe9b7f9775598d66688e70b6f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5726
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEKUbhrZJetsk0k6P6g9kjMo&google_cver=1&google_push=AXcoOmRD2_vsks182g6QiHUCurTk9LeW0QvSuL2mw4yU5NpVFA1_o_TMJHx2kXnm273oKND5CBMNrKHw5TRbxMj6ms...
https://match.adsrvr.org/track/cmb/google?google_gid=CAESEKUbhrZJetsk0k6P6g9kjMo&google_cver=1&google_push=AXcoOmRD2_vsks182g6QiHUCurTk9LeW0QvSuL2mw4yU5NpVFA1_o_TMJHx2kXnm273oKND5CBMNrKHw5TRbxMj6ms...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDhiY2IzMDctY2UyNC00Y2Y4LWEyOTYtYjJjMDdmM2E5MDJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8bcb307-ce24-4cf8-a296-b2c07f3a902c

170 B
232 B

83ms
83ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDhiY2IzMDctY2UyNC00Y2Y4LWEyOTYtYjJjMDdmM2E5MDJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8bcb307-ce24-4cf8-a296-b2c07f3a902c

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDhiY2IzMDctY2UyNC00Y2Y4LWEyOTYtYjJjMDdmM2E5MDJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8bcb307-ce24-4cf8-a296-b2c07f3a902c
date: Sun, 17 Dec 2023 18:02:01 GMT
server: Kestrel
content-length: 423

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5726
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJcThp_wJ7ul0vrESeD00Rg&google_cver=1&google_push=AXcoOmRn3eDczaCyHIPJ82SwpnBlaMvpt8tEHBvFtOUK7mVRKX86q_3BHNFgCMMuaqz9rYLnhl2fnikUmIJGcUe8...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hP5XKFuyS1YI0OITgfo1rQ&google_push=AXcoOmRn3eDczaCyHIPJ82SwpnBlaMvpt8tEHBvFtOUK7mVRKX86q_3BHNFgCMMuaqz9rYLnhl2fnikUmIJGcUe8vrsPWScjV9HdVns...

170 B
232 B

85ms
84ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hP5XKFuyS1YI0OITgfo1rQ&google_push=AXcoOmRn3eDczaCyHIPJ82SwpnBlaMvpt8tEHBvFtOUK7mVRKX86q_3BHNFgCMMuaqz9rYLnhl2fnikUmIJGcUe8vrsPWScjV9HdVnsh00xEmTIJjUaoeKwURfJMs9IkpT1QkPrLXXYQMSXlvB6NPTWVUV3U7g

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 17 Dec 2023 18:02:01 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hP5XKFuyS1YI0OITgfo1rQ&google_push=AXcoOmRn3eDczaCyHIPJ82SwpnBlaMvpt8tEHBvFtOUK7mVRKX86q_3BHNFgCMMuaqz9rYLnhl2fnikUmIJGcUe8vrsPWScjV9HdVnsh00xEmTIJjUaoeKwURfJMs9IkpT1QkPrLXXYQMSXlvB6NPTWVUV3U7g
x-host: tde-deliveryengine-production-6b95976987-4qhj8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5726
Redirect Chain

https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEDJZfQ70lgCoAkQHCO-k-pQ&google_cver=...
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTE0YTExNzUtMGIzMS00Y2VjLWI2NTUtMjk4NTI2NjAwMjli&google_gid=CAESEDJZfQ70lgCoAkQHCO-k-pQ&google_cver=1&google_push=AXcoOmQj...

170 B
232 B

84ms
84ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTE0YTExNzUtMGIzMS00Y2VjLWI2NTUtMjk4NTI2NjAwMjli&google_gid=CAESEDJZfQ70lgCoAkQHCO-k-pQ&google_cver=1&google_push=AXcoOmQjAmR_IE2iAJKtEZ7tY0bU9VLzGLBlEK4JtzLGwLIMQuLWQUEN1ecCunOlH5RzZpeIMYmWhlZk6NzhG9GUbdLgxLF-zIoN08s5Qny-kcvcayGqPh24jkfUbD4HP9lb-HKczDxXt7-otUx7uso3bvDc

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NTE0YTExNzUtMGIzMS00Y2VjLWI2NTUtMjk4NTI2NjAwMjli&google_gid=CAESEDJZfQ70lgCoAkQHCO-k-pQ&google_cver=1&google_push=AXcoOmQjAmR_IE2iAJKtEZ7tY0bU9VLzGLBlEK4JtzLGwLIMQuLWQUEN1ecCunOlH5RzZpeIMYmWhlZk6NzhG9GUbdLgxLF-zIoN08s5Qny-kcvcayGqPh24jkfUbD4HP9lb-HKczDxXt7-otUx7uso3bvDc
date: Sun, 17 Dec 2023 18:02:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5726
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEGSpi_iD9MBmVEs4PN2RnDU&google_cver=1&google_push=AXcoOmR3kapiQ-VIRPHBD3klwhW6X6fy0vVpxzxVwxRAC6XXbPdmuaMyA7bsvA6AUEVQoNvQFqZHqhWnIR6rVV0lZi9s...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEGSpi_iD9MBmVEs4PN2RnDU&google_cver=1&google_push=AXcoOmR3kapiQ-VIRPHBD3klwhW6X6fy0vVpxzxVwxRAC6XXbPdmuaMyA7bsvA6AUEVQoNvQFqZHqhWnIR6rVV...
https://t.pswec.com/bsw_sync?ssp=google&bsw_user_id=d6fc6b37-e8cf-443d-80f8-f36841e40675
https://t.pswec.com/ul_cb/bsw_sync?ssp=google&bsw_user_id=d6fc6b37-e8cf-443d-80f8-f36841e40675
https://x.bidswitch.net/sync?dsp_id=2&user_id=99bb13f1-6351-4fa7-918b-e4320803cce8&expires=3&user_group=1&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3kapiQ-VIRPHBD3klwhW6X6fy0vVpxzxVwxRAC6XXbPdmuaMyA7bsvA6AUEVQoNvQFqZHqhWnIR6rVV0lZi9sd-54FmxOOF92atYm9Y3anAMqTjbO6-kMdsaHsC2_6R...

170 B
188 B

82ms
82ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3kapiQ-VIRPHBD3klwhW6X6fy0vVpxzxVwxRAC6XXbPdmuaMyA7bsvA6AUEVQoNvQFqZHqhWnIR6rVV0lZi9sd-54FmxOOF92atYm9Y3anAMqTjbO6-kMdsaHsC2_6RUhVg1COa2vZHV4-slOfztX&google_hm=1vxrN-jPRD2A-PNoQeQGdQ==

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmR3kapiQ-VIRPHBD3klwhW6X6fy0vVpxzxVwxRAC6XXbPdmuaMyA7bsvA6AUEVQoNvQFqZHqhWnIR6rVV0lZi9sd-54FmxOOF92atYm9Y3anAMqTjbO6-kMdsaHsC2_6RUhVg1COa2vZHV4-slOfztX&google_hm=1vxrN-jPRD2A-PNoQeQGdQ==
Date: Sun, 17 Dec 2023 18:02:02 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5726
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELkteGBuBDzcnZv2J9ftwF4&google_cver=1&google_push=AXcoOmRfa5RdAlfa5E1mhmzoAm6GJUegu07P0Z6rOSyvxXWqPiB66Lbp271x8KSjcSVrd9Wb-k1uLUrDbOgpNywyhQ1AGuJ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRfa5RdAlfa5E1mhmzoAm6GJUegu07P0Z6rOSyvxXWqPiB66Lbp271x8KSjcSVrd9Wb-k1uLUrDbOgpNywyhQ1AGuJ_Wz1eX_6KEi85CNJM5vwft_bjpoK48xoRGwlEF...

170 B
329 B

83ms
83ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRfa5RdAlfa5E1mhmzoAm6GJUegu07P0Z6rOSyvxXWqPiB66Lbp271x8KSjcSVrd9Wb-k1uLUrDbOgpNywyhQ1AGuJ_Wz1eX_6KEi85CNJM5vwft_bjpoK48xoRGwlEFGDmvrXl3MJnJd1xIqT0dSwxRA&google_hm=eS1CMUpQWDJSRTJwRXRyMGhLMHN6YmU0cDNMSEh4N3NqVH5B

Requested by

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 17 Dec 2023 18:02:01 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRfa5RdAlfa5E1mhmzoAm6GJUegu07P0Z6rOSyvxXWqPiB66Lbp271x8KSjcSVrd9Wb-k1uLUrDbOgpNywyhQ1AGuJ_Wz1eX_6KEi85CNJM5vwft_bjpoK48xoRGwlEFGDmvrXl3MJnJd1xIqT0dSwxRA&google_hm=eS1CMUpQWDJSRTJwRXRyMGhLMHN6YmU0cDNMSEh4N3NqVH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5726
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEKgizce5nlY7xqj_StJJN3M&google_cver=1&google_push=AXcoOmTCuW4oGfzw3YPyFPBQdMsrWM42GRutGfmqT_NZasje_sixCLBQujS6d04B9wtj6J6pUapeSkscQebTM...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEKgizce5nlY7xqj_StJJN3M&google_push=AXcoOmTCuW4oGfzw3YPyFPBQdMsrWM42GRutGfmqT_NZasje_sixCLBQujS6d04B9wtj6J6pUapeSkscQebTM...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCuW4oGfzw3YPyFPBQdMsrWM42GRutGfmqT_NZasje_sixCLBQujS6d04B9wtj6J6pUapeSkscQebTM7yp-LiYrtTVtZ2FUCtcYtj4NvTkIQ2XL_roocce5ekHYYZ...

170 B
232 B

84ms
84ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCuW4oGfzw3YPyFPBQdMsrWM42GRutGfmqT_NZasje_sixCLBQujS6d04B9wtj6J6pUapeSkscQebTM7yp-LiYrtTVtZ2FUCtcYtj4NvTkIQ2XL_roocce5ekHYYZi-JbKYIwwwapegMMtNNqoMZA1_Q&google_hm=ZVBNaGoyMmhUUVgyQnZCcDJKajI=

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:01 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 17 Dec 2023 18:02:01 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmTCuW4oGfzw3YPyFPBQdMsrWM42GRutGfmqT_NZasje_sixCLBQujS6d04B9wtj6J6pUapeSkscQebTM7yp-LiYrtTVtZ2FUCtcYtj4NvTkIQ2XL_roocce5ekHYYZi-JbKYIwwwapegMMtNNqoMZA1_Q&google_hm=ZVBNaGoyMmhUUVgyQnZCcDJKajI=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 294
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 5726
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEEwFg3F6qxHUgHcCGK1a7nU?ext-param=AXcoOmS3lrYP_7YN6nSGN_RI7_o4T8rz55btmR3I7BEh3b4hGIXutGBwI0chNKEA1ndCCepzLRHMSe7vUlxIuE8h0T-bOItihs5TdoiCTb1oiMll4ICaa6a7GeeS...
https://an.yandex.ru/mapuid/google/CAESEEwFg3F6qxHUgHcCGK1a7nU?redir-setuniq=1&ext-param=AXcoOmS3lrYP_7YN6nSGN_RI7_o4T8rz55btmR3I7BEh3b4hGIXutGBwI0chNKEA1ndCCepzLRHMSe7vUlxIuE8h0T-bOItihs5TdoiCTb1o...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEEwFg3F6qxHUgHcCGK1a7nU&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

181ms
181ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:02 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Sun, 01 Dec 2024 18:02:02 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5726 0
130 B 237ms
83ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jd99KP-ZVD5UeeTQ5RkxNtgjq8ousCCl4udHHF2pEcDZrUkQOIJdx1SO6m9nLhQLPZbHQdig

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame E5A3 9 KB
4 KB 67ms
66ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dgza.mydrawingstar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 50444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 04:01:17 GMT
etag: 5585625838579639069
expires: Sun, 31 Dec 2023 04:01:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame E5A3 4 KB
744 B 82ms
81ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 18:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 17:50:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 18:02:01 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E5A3 205 B
520 B 69ms
67ms Image
image/png 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 10:32:33 GMT
x-content-type-options: nosniff
age: 199768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 14 Dec 2024 10:32:33 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E5A3 604 B
696 B 78ms
76ms Image
image/png 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 02:40:29 GMT
x-content-type-options: nosniff
age: 141692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 15 Dec 2024 02:40:29 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame E5A3 16 KB
7 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:54:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58041
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 01:54:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame E5A3 22 KB
9 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 21:52:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72581
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Dec 2023 21:52:20 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Fetch
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://dgza.mydrawingstar.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 87F6 15 KB
16 KB 211ms
67ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 12 Dec 2023 19:41:38 GMT
x-content-type-options: nosniff
age: 426023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Dec 2024 19:41:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 87F6 15 KB
15 KB 228ms
85ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 17:49:20 GMT
x-content-type-options: nosniff
age: 87161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 15 Dec 2024 17:49:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 87F6 15 KB
15 KB 283ms
142ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 15 Dec 2023 18:08:19 GMT
x-content-type-options: nosniff
age: 172422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Dec 2024 18:08:19 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 87F6
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C87_gmDd_ZafsB-C9998PgtuK2A_mia7sdNGzjeikEt_u_t2VDhABIOPD5IMBYMmGgIDco8QQoAHW29r8AsgBCakCwR1qVDszgT6oAwHIA8sEqgTcAU_Qnr73Osh3-uchi94M1EY_vmVdK8J...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x90e5d4b3dfdd86bc0000000000000000%22,%222%22:%220x1a9a2ddf912294e50000000000000000%22,%223%22:%220xda1c07...

0
0

93ms
93ms

Fetch
text/css

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x90e5d4b3dfdd86bc0000000000000000%22,%222%22:%220x1a9a2ddf912294e50000000000000000%22,%223%22:%220xda1c07f3e6d37e3b0000000000000000%22,%224%22:%220x2f268f0f63cb55b40000000000000000%22,%225%22:%220xf00cb48c33eeb1820000000000000000%22},%22debug_key%22:%224393885931226983599%22,%22debug_reporting%22:true,%22destination%22:%22https://metasolitare.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22798404054%22],%2222%22:[%22true%22],%224%22:[%2212-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215003772865093833665%22}&andc=true

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:02 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x90e5d4b3dfdd86bc0000000000000000","2":"0x1a9a2ddf912294e50000000000000000","3":"0xda1c07f3e6d37e3b0000000000000000","4":"0x2f268f0f63cb55b40000000000000000","5":"0xf00cb48c33eeb1820000000000000000"},"debug_key":"4393885931226983599","debug_reporting":true,"destination":"https://metasolitare.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"15003772865093833665"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 17 Dec 2023 18:02:02 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 17 Dec 2023 18:02:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x90e5d4b3dfdd86bc0000000000000000","2":"0x1a9a2ddf912294e50000000000000000","3":"0xda1c07f3e6d37e3b0000000000000000","4":"0x2f268f0f63cb55b40000000000000000","5":"0xf00cb48c33eeb1820000000000000000"},"debug_key":"4393885931226983599","debug_reporting":true,"destination":"https://metasolitare.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["798404054"],"22":["true"],"4":["12-17"],"6":["true"]},"priority":"500","source_event_id":"15003772865093833665"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 44FF 51 KB
19 KB 68ms
68ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 18:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84501
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 18:33:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EB7E 14 KB
1 KB 82ms
82ms Stylesheet
text/css 2607:f8b0:4006:824::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 17 Dec 2023 18:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 17 Dec 2023 16:28:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 17 Dec 2023 18:02:01 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EB7E 2 KB
822 B 66ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 07:26:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 07:26:25 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame EB7E 23 KB
9 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 01:52:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 01:52:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2C0 143 B
166 B 68ms
66ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 17:23:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EB7E 3 KB
1 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 15:44:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1146 1 KB
643 B 68ms
67ms Document
text/html 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 65945
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 16 Dec 2023 23:42:56 GMT
etag: 48472445140208031
expires: Sun, 17 Dec 2023 23:42:56 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame EB7E 20 KB
8 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 15:44:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 31 Dec 2023 15:44:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EB7E 0
0 83ms
82ms Image
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqCNcBLog0auWj3o-1D_ZcqtjT65fcnPKNLjlRlQxoAYBxeB6-sJrT-tQRKkgF1bwY7BHJWWvSRkdGRP24NfxFYhY-xg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame EB7E 203 KB
64 KB 87ms
86ms Script
text/javascript 2607:f8b0:4006:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Dec 2023 18:02:01 GMT

GET
H3 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame EB7E 37 KB
15 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 14 Dec 2023 23:24:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239880
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 23:24:01 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 232ms
94ms Preflight
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 17 Dec 2023 18:02:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1146
Redirect Chain

https://px.owneriq.net/ecmg?google_gid=CAESEMhVmR1bViehZ0rBTSiVySk&google_cver=1&google_push=AXcoOmSsPonHBaNEjfxTVdnpzZTc1f69rr0J8Ujh2A61kHPWvCj9vZKkhAP2VxV4-zyGB_VsXjG7i23STFsbtL2wAUTcBu_R20OxbbiB...
https://px.owneriq.net/ecc?redir=https%3a%2f%2fcm.g.doubleclick.net%2fpixel%3fgoogle_nid%3downeriq1%26google_sc%26google_push%3dAXcoOmSsPonHBaNEjfxTVdnpzZTc1f69rr0J8Ujh2A61kHPWvCj9vZKkhAP2VxV4-zyGB...
https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSsPonHBaNEjfxTVdnpzZTc1f69rr0J8Ujh2A61kHPWvCj9vZKkhAP2VxV4-zyGB_VsXjG7i23STFsbtL2wAUTcBu_R20OxbbiBpzqY_BHMnXgl3N5p...

170 B
188 B

85ms
84ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSsPonHBaNEjfxTVdnpzZTc1f69rr0J8Ujh2A61kHPWvCj9vZKkhAP2VxV4-zyGB_VsXjG7i23STFsbtL2wAUTcBu_R20OxbbiBpzqY_BHMnXgl3N5pba0gGEvoVQB58oU-8HkGPI7Nm4qhr4sUj7Mp0g&google_cver=1&google_gid=CAESEMhVmR1bViehZ0rBTSiVySk&google_hm=UTc1NjEyMjUyMjEyMzc1MjIxMjA=

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 17 Dec 2023 18:02:02 GMT
Server: Apache/2.4.6 (CentOS)
X-Powered-By: PHP/7.3.33
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://cm.g.doubleclick.net/pixel?google_nid=owneriq1&google_sc&google_push=AXcoOmSsPonHBaNEjfxTVdnpzZTc1f69rr0J8Ujh2A61kHPWvCj9vZKkhAP2VxV4-zyGB_VsXjG7i23STFsbtL2wAUTcBu_R20OxbbiBpzqY_BHMnXgl3N5pba0gGEvoVQB58oU-8HkGPI7Nm4qhr4sUj7Mp0g&google_cver=1&google_gid=CAESEMhVmR1bViehZ0rBTSiVySk&google_hm=UTc1NjEyMjUyMjEyMzc1MjIxMjA=
Content-Type: text/html
Cache-Control: max-age=85832
Connection: keep-alive
Content-Length: 154

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1146
Redirect Chain

https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIh7jAtEUEbyEWb7n138yW8&google_cver=1&google_push=AXcoOmSI7Mb3Wntfsn3GUUCZfg6Gx_oVoUZbHwxm2pHZJ5lfa1j_tzmDsS23FYdboEHEnHOJGKwUDYLGFe-jHZGP8a...
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDhiY2IzMDctY2UyNC00Y2Y4LWEyOTYtYjJjMDdmM2E5MDJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8bcb307-ce24-4cf8-a296-b2c07f3a902c

170 B
188 B

84ms
83ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDhiY2IzMDctY2UyNC00Y2Y4LWEyOTYtYjJjMDdmM2E5MDJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8bcb307-ce24-4cf8-a296-b2c07f3a902c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZDhiY2IzMDctY2UyNC00Y2Y4LWEyOTYtYjJjMDdmM2E5MDJj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=d8bcb307-ce24-4cf8-a296-b2c07f3a902c
date: Sun, 17 Dec 2023 18:02:01 GMT
server: Kestrel
content-length: 423

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1146
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGrGoZfLV9zjKpONIeZVJyQ&google_cver=1&google_push=AXcoOmR3RGbryFtNgebf_MIQq4vJ_7uaG95dh9_7mEKsAtU8lH805WDfJGeXKv44DfQ6LRKEvzi9D8FjdKhuMABX...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hP5XKFuyS1YI0OITgfo1rQ&google_push=AXcoOmR3RGbryFtNgebf_MIQq4vJ_7uaG95dh9_7mEKsAtU8lH805WDfJGeXKv44DfQ6LRKEvzi9D8FjdKhuMABX6gjyp5mt0goPCim...

170 B
188 B

82ms
82ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hP5XKFuyS1YI0OITgfo1rQ&google_push=AXcoOmR3RGbryFtNgebf_MIQq4vJ_7uaG95dh9_7mEKsAtU8lH805WDfJGeXKv44DfQ6LRKEvzi9D8FjdKhuMABX6gjyp5mt0goPCimhyZE0zxJjQWzNVAd196TQFYSS2lqgp9SCinyTwF0iYq4xy9cwFC-IBg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 17 Dec 2023 18:02:02 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=hP5XKFuyS1YI0OITgfo1rQ&google_push=AXcoOmR3RGbryFtNgebf_MIQq4vJ_7uaG95dh9_7mEKsAtU8lH805WDfJGeXKv44DfQ6LRKEvzi9D8FjdKhuMABX6gjyp5mt0goPCimhyZE0zxJjQWzNVAd196TQFYSS2lqgp9SCinyTwF0iYq4xy9cwFC-IBg
x-host: tde-deliveryengine-production-6b95976987-gmgq9
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 1146 43 B
363 B 175ms
57ms Image
image/gif 74.119.119.150
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSE9ZXzxAozaQ1OveZEnOYk1WR5MlpFLlvwpmorHGMKPgZ7EAeXF79-7UqqTqPK8BZPUk5S14ZgoNJPVWynOFWvWsdQhUQh2J8Clm45UrH5JKYcUNCe9DtR85EqGhpEY_SxbEOfahZJWp6bAxOG98VWDg&google_gid=CAESEFieQMBSZI5GwKtPueZQjX8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:01 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 644894
expires: Sun, 17 Dec 2023 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 1146 43 B
296 B 451ms
61ms Image
image/gif 2600:1f18:445b:903:dce4:98d5:7ff6:aef4
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESECtjo9ssX4edh6bqQcvkdTw&google_cver=1&google_push=AXcoOmQuxyGblteN7iDKJA5rTNgIOYMvHsTXm5Quth2ASCng3dww-UysCbXuqcO5RvM-t1rMgO2tcbHMIus0IXL1htrcgwlNY4y_QvrnF6_qLDE7MbNXZvTEyBv5hmiZPEuyjCzoWHAUbGm6GPQ91smAL-YQDg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:445b:903:dce4:98d5:7ff6:aef4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1146
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEObyvslo9p0RSWfkf8eMIPM&google_cver=1&google_push=AXcoOmQJzCQMVYB54nYnxHVwRfjjvys4hWyI0zOePGqv3a4bXmj8ZOEsoVKjAg9OM0ewI9ACpD3ojUk8NCmC...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJzCQMVYB54nYnxHVwRfjjvys4hWyI0zOePGqv3a4bXmj8ZOEsoVKjAg9OM0ewI9ACpD3ojUk8NCmCsvqiU9SgyxPiVJp80Hpo6H5A7BM5SxmhaqoF...

170 B
188 B

84ms
84ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJzCQMVYB54nYnxHVwRfjjvys4hWyI0zOePGqv3a4bXmj8ZOEsoVKjAg9OM0ewI9ACpD3ojUk8NCmCsvqiU9SgyxPiVJp80Hpo6H5A7BM5SxmhaqoF4LuKheia93hNTznLJ1L1rQokUkyyvGs-ifJirQ

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJzCQMVYB54nYnxHVwRfjjvys4hWyI0zOePGqv3a4bXmj8ZOEsoVKjAg9OM0ewI9ACpD3ojUk8NCmCsvqiU9SgyxPiVJp80Hpo6H5A7BM5SxmhaqoF4LuKheia93hNTznLJ1L1rQokUkyyvGs-ifJirQ
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1146
Redirect Chain

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEBVuFG_o5jy5DpfCWCf5ho0&google_cver=1&google_push=AXcoOmQPBVdvENMnM2FVJ_VZKFtGiJs6zXp8iIyCsJydPKTfrHMTHYe5qq6-pW-WwQq08Vh2djRp3QLBjYVkP2E6ZKOOU...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQPBVdvENMnM2FVJ_VZKFtGiJs6zXp8iIyCsJydPKTfrHMTHYe5qq6-pW-WwQq08Vh2djRp3QLBjYVkP2E6ZKOOUflP9UzhtIAiibpzx6CS_Ruqaa4jSpxVp...

170 B
188 B

83ms
83ms

Image
image/png

142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQPBVdvENMnM2FVJ_VZKFtGiJs6zXp8iIyCsJydPKTfrHMTHYe5qq6-pW-WwQq08Vh2djRp3QLBjYVkP2E6ZKOOUflP9UzhtIAiibpzx6CS_Ruqaa4jSpxVpfVmegAp2oB_y8eaVuYPziWBU6WU9HQozEg&google_hm=f5ef61caefc99d4d20jhxe00lq9snsxh

Protocol

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 17 Dec 2023 18:02:02 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmQPBVdvENMnM2FVJ_VZKFtGiJs6zXp8iIyCsJydPKTfrHMTHYe5qq6-pW-WwQq08Vh2djRp3QLBjYVkP2E6ZKOOUflP9UzhtIAiibpzx6CS_Ruqaa4jSpxVpfVmegAp2oB_y8eaVuYPziWBU6WU9HQozEg&google_hm=f5ef61caefc99d4d20jhxe00lq9snsxh
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1146 0
12 B 84ms
83ms Image
text/html 142.250.65.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L0VmgQcddXK2FwyegIklYaZxKDYRp1DvuPCuL6mLrKyqrO5enj8Q9Byd0_eq4xYBjCVJgs6Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.226 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s73-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 17 Dec 2023 18:02:01 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2C0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

85ms
84ms

Document
text/html

2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 18:02:02 GMT
expires: Sun, 17 Dec 2023 18:02:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Dec 2023 18:02:01 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 7066 51 KB
19 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: dgza.mydrawingstar.com
URL: https://dgza.mydrawingstar.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 16 Dec 2023 18:33:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84502
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 15 Dec 2024 18:33:40 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/320045868/ 3 KB
2 KB 89ms
88ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/320045868/?random=1702836122640&cv=11&fst=1702836122640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=g7ZkCPe1mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

87aab2ef04320d864d70c0e8264f51aecfdf9593c5d99c3a6e823b89b7382b86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1620
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/11007413418/ 3 KB
2 KB 89ms
88ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11007413418/?random=1702836122643&cv=11&fst=1702836122643&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=SNNLCNuPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

5dc9bfc6ba66029ec052cca035fcf3348d05a20a603a40fa999f283b8a53cf43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1631
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/405170755/ 3 KB
2 KB 89ms
88ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/405170755/?random=1702836122647&cv=11&fst=1702836122647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=OPZYCKCxwosDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

327986b940750ff7eb70eadc7596d6f73436cf57dc021791c6e018f27d76373f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1626
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/320045868/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=462360730&cv=11&fst=1702836122640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u...
https://www.google.com/pagead/1p-conversion/320045868/?random=462360730&cv=11&fst=1702836122640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%...

42 B
64 B

89ms
89ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/320045868/?random=462360730&cv=11&fst=1702836122640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=g7ZkCPe1mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04alBSZ2s4RldDd25YYmd2WDlaTTJqallneHBEaWNDNGxQc2FHSXQ0TGdaUXUwVlZ0T21qOXQ1QSITCJ6q0PGGl4MDFeAQaAgdW6EG3Q&is_vtc=1&ocp_id=mjd_ZZ71KeChoPMP28Ka6A0&cid=CAQSKQAvHhf_ZZ_lj3xo9dWrr46NVR70f3tQ6ox95wNCTrF3EFET4_IByftG&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzimNRXDjGjkknl9URtCTeQijGn6Lw_L40w&random=2121199511

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/320045868/?random=462360730&cv=11&fst=1702836122640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=g7ZkCPe1mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE04alBSZ2s4RldDd25YYmd2WDlaTTJqallneHBEaWNDNGxQc2FHSXQ0TGdaUXUwVlZ0T21qOXQ1QSITCJ6q0PGGl4MDFeAQaAgdW6EG3Q&is_vtc=1&ocp_id=mjd_ZZ71KeChoPMP28Ka6A0&cid=CAQSKQAvHhf_ZZ_lj3xo9dWrr46NVR70f3tQ6ox95wNCTrF3EFET4_IByftG&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzimNRXDjGjkknl9URtCTeQijGn6Lw_L40w&random=2121199511
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/11007413418/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11007413418/?random=275128370&cv=11&fst=1702836122643&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600...
https://www.google.com/pagead/1p-conversion/11007413418/?random=275128370&cv=11&fst=1702836122643&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3...

42 B
64 B

86ms
86ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/11007413418/?random=275128370&cv=11&fst=1702836122643&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=SNNLCNuPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fSzdMVGdsb3BzMXkzQ05QSXc1X2N5WkNFYUZIYnpaMG42U29FWW8wdkpYN0RZOHl6OFByVExoZyITCIW80PGGl4MDFUWWnwodVNcLbA&is_vtc=1&ocp_id=mjd_ZYWHKsWs_gTUrq_gBg&cid=CAQSKQAvHhf_vbeq0yxxYlroGtGw6qW5pP0lGzCMvHjvNcK65mmPZSIY0nI0&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzj-CZdXd5ze5XKHOghC3s64Ly9Q_cG_QOQ&random=3949181739

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/11007413418/?random=275128370&cv=11&fst=1702836122643&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=SNNLCNuPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fSzdMVGdsb3BzMXkzQ05QSXc1X2N5WkNFYUZIYnpaMG42U29FWW8wdkpYN0RZOHl6OFByVExoZyITCIW80PGGl4MDFUWWnwodVNcLbA&is_vtc=1&ocp_id=mjd_ZYWHKsWs_gTUrq_gBg&cid=CAQSKQAvHhf_vbeq0yxxYlroGtGw6qW5pP0lGzCMvHjvNcK65mmPZSIY0nI0&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzj-CZdXd5ze5XKHOghC3s64Ly9Q_cG_QOQ&random=3949181739
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/405170755/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=921948943&cv=11&fst=1702836122647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u...
https://www.google.com/pagead/1p-conversion/405170755/?random=921948943&cv=11&fst=1702836122647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%...

42 B
64 B

89ms
89ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/405170755/?random=921948943&cv=11&fst=1702836122647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=OPZYCKCxwosDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fOHl1NWNkZFJ2ZXBLZVdXNWk1MXl3YmRyRTVLbENkcklXV2szaTQxMV9WMHIzWE4tY0h3Q25oQSITCLDX0PGGl4MDFeYSaAgdSnEMVw&is_vtc=1&ocp_id=mjd_ZbCiKualoPMPyuKxuAU&cid=CAQSKQAvHhf_CvQcYAZ1SRrmYm-whfFV_5JDKwwWs8gCxfqOH3KgX8St8N4O&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzs1mNaSalK0x3WXD5AAE7ov_3Ju_s1HhAQ&random=1264769605

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/405170755/?random=921948943&cv=11&fst=1702836122647&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=OPZYCKCxwosDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE1fOHl1NWNkZFJ2ZXBLZVdXNWk1MXl3YmRyRTVLbENkcklXV2szaTQxMV9WMHIzWE4tY0h3Q25oQSITCLDX0PGGl4MDFeYSaAgdSnEMVw&is_vtc=1&ocp_id=mjd_ZbCiKualoPMPyuKxuAU&cid=CAQSKQAvHhf_CvQcYAZ1SRrmYm-whfFV_5JDKwwWs8gCxfqOH3KgX8St8N4O&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzs1mNaSalK0x3WXD5AAE7ov_3Ju_s1HhAQ&random=1264769605
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 87F6 42 B
64 B 100ms
100ms Fetch
image/gif 2607:f8b0:4006:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswiRXJI29sjnrAHArFfujuMwTBDJWarOK6IxodEO7eYaADAuihjOh0szbzc06a1qZQcD8xzl5pOR7FWwIGnNlqZToaGE6WY0XsLagV6iAzxZ4EvCNRmiQ0ru3bvap_5VmYbq2kNfrfXFHIITTjIc9pl055&sai=AMfl-YRELSYXQj-85cV9ZrnDOWeZwFlWqEZ7Dx3unEebyYTHLjKku1iat4EfF5JTitOoco_caqaR4v8yHbljAtBolWRWaql-B1TCwlUa81zy6xmXNuAsT47mSRRZlMQ&sig=Cg0ArKJSzDbuDKz4J-AgEAE&cid=CAQSOwAvHhf_wGxt1bvDEYhIz1O1Khs8dUJyeGHQErh9lQ0OcQ_LG9yB3tDIn4tD1tj-4b5e0zAsd4vW1cf_GAE&id=lidar2&mcvt=1001&p=0,0,280,1200&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2620056696&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702836119877&rpt=1866&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/320045868/ 3 KB
2 KB 89ms
87ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/320045868/?random=1702836125640&cv=11&fst=1702836125640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=1lsICP-3mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

2a8e22b55009053d4cad8be87b81d8093b8b6ab37d04ab5def27a236ef29378b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1624
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/11007413418/ 3 KB
2 KB 90ms
89ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11007413418/?random=1702836125654&cv=11&fst=1702836125654&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tluiCOGPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

8f32fbfc591b4942d124017a374490941349bafe14dee2232fccf7f74527f539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1631
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/405170755/ 3 KB
2 KB 86ms
86ms Script
text/javascript 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/405170755/?random=1702836125660&cv=11&fst=1702836125660&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tY5XCN_m6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&bttype=purchase&auid=1715748006.1702836120&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N4P6FZ3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

34a410e77450e573d7c548e0ada47f1bfd3b002e0bc4b7564a30e9cfc7857ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1625
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/320045868/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/320045868/?random=329324889&cv=11&fst=1702836125640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u...
https://www.google.com/pagead/1p-conversion/320045868/?random=329324889&cv=11&fst=1702836125640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%...

42 B
64 B

92ms
92ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/320045868/?random=329324889&cv=11&fst=1702836125640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=1lsICP-3mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tSjNJTExMdkNvcENORk1UdVUtNWF3UDFPdUxWaTFHSTFIQ19lcDF5bGdNLUZzdmk0OG5pdEg5ZyITCIOLiPOGl4MDFciVnwod_xoANw&is_vtc=1&ocp_id=nTd_ZcPIKsir_gT_tYC4Aw&cid=CAQSKQAvHhf_eWXfR0KDDhKPYZoCChZxTjoUnmA4zhPNfzwOfCEEsWj7kG4S&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mztEQhaglptilohwqpppHeBD5G5ysbPxvoQ&random=1437495121

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/320045868/?random=329324889&cv=11&fst=1702836125640&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=1lsICP-3mYcDEKyGzpgB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tSjNJTExMdkNvcENORk1UdVUtNWF3UDFPdUxWaTFHSTFIQ19lcDF5bGdNLUZzdmk0OG5pdEg5ZyITCIOLiPOGl4MDFciVnwod_xoANw&is_vtc=1&ocp_id=nTd_ZcPIKsir_gT_tYC4Aw&cid=CAQSKQAvHhf_eWXfR0KDDhKPYZoCChZxTjoUnmA4zhPNfzwOfCEEsWj7kG4S&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mztEQhaglptilohwqpppHeBD5G5ysbPxvoQ&random=1437495121
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/11007413418/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11007413418/?random=2090584290&cv=11&fst=1702836125654&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=160...
https://www.google.com/pagead/1p-conversion/11007413418/?random=2090584290&cv=11&fst=1702836125654&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%...

42 B
64 B

91ms
90ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/11007413418/?random=2090584290&cv=11&fst=1702836125654&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tluiCOGPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05RGRxcGF4U1lYWUdZRFI2MjRJczU3UTdhWWU3MVYzNTRxSVFyZHNZSUpnQnFHTUxFRnVLTDk3QSITCMOxiPOGl4MDFX4NaAgdt_gFVw&is_vtc=1&ocp_id=nTd_ZYPvKv6aoPMPt_GXuAU&cid=CAQSKQAvHhf_VyowH8LFGgDaj2smIfDA36LL88E9dAnyfpwWrYgFSxH6M_mx&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzl6QPB2S9qe3n_8lyTNEpMduU_DpNbLXYA&random=1916186568

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/11007413418/?random=2090584290&cv=11&fst=1702836125654&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tluiCOGPuYQYEKqZ34Ap&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE05RGRxcGF4U1lYWUdZRFI2MjRJczU3UTdhWWU3MVYzNTRxSVFyZHNZSUpnQnFHTUxFRnVLTDk3QSITCMOxiPOGl4MDFX4NaAgdt_gFVw&is_vtc=1&ocp_id=nTd_ZYPvKv6aoPMPt_GXuAU&cid=CAQSKQAvHhf_VyowH8LFGgDaj2smIfDA36LL88E9dAnyfpwWrYgFSxH6M_mx&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzl6QPB2S9qe3n_8lyTNEpMduU_DpNbLXYA&random=1916186568
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.com/pagead/1p-conversion/405170755/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/405170755/?random=1399631206&cv=11&fst=1702836125660&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&...
https://www.google.com/pagead/1p-conversion/405170755/?random=1399631206&cv=11&fst=1702836125660&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A...

42 B
64 B

87ms
86ms

Image
image/gif

2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-conversion/405170755/?random=1399631206&cv=11&fst=1702836125660&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tY5XCN_m6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tSFRRXzJXZVgwY29LTnpPS0NtUTdFbV8tLVN1Y3FhYVUwVms2NVBlQU80V05tNUdJd0tzb3lNUSITCL7hiPOGl4MDFeASaAgd5aIHiA&is_vtc=1&ocp_id=nTd_Zf6eK-CloPMP5cWewAg&cid=CAQSKQAvHhf_yPjwM2AdA6iCHLGjdkAdRu7i1jMIk9yAa9GbeT7Bw1yAp-P7&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzs7eBIaHYlBP7NWtPfvVzOE0hD4QOKlFCg&random=4099166811

Protocol

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dgza.mydrawingstar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:05 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://www.google.com/pagead/1p-conversion/405170755/?random=1399631206&cv=11&fst=1702836125660&bg=ffffff&guid=ON&async=1&gtm=45He3bt0v854789617&gcd=11l1l1l1l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fdgza.mydrawingstar.com%2F&label=tY5XCN_m6osDEMPUmcEB&hn=www.googleadservices.com&frm=0&tiba=My%20Drawing%20Star&value=1&auid=1715748006.1702836120&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=KAE&pscrd=Ek5DaEFJZ05YNnF3WVFuTURQanRhZzRycFZFaVlBU3g1Y2VlMTc3YUFNNGpEWkRmUnRyU2o5U1dja01USGdyVVlqcm5uWlQ4YXNjdzY4WncaWkNoRUlnTlg2cXdZUWh0WEEtTTdVcGEzVEFSSXVBQkswWE0tSFRRXzJXZVgwY29LTnpPS0NtUTdFbV8tLVN1Y3FhYVUwVms2NVBlQU80V05tNUdJd0tzb3lNUSITCL7hiPOGl4MDFeASaAgd5aIHiA&is_vtc=1&ocp_id=nTd_Zf6eK-CloPMP5cWewAg&cid=CAQSKQAvHhf_yPjwM2AdA6iCHLGjdkAdRu7i1jMIk9yAa9GbeT7Bw1yAp-P7&eitems=ChAIgNX6qwYQr6nA46a_-MQ4Eh0Aut1mzs7eBIaHYlBP7NWtPfvVzOE0hD4QOKlFCg&random=4099166811
content-type: image/gif
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 79ms
79ms Ping
text/plain 2607:f8b0:4006:80d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-0LJR0B3FYM&gtm=45je3bt0v884569042&_p=1702836119328&gcd=11l1l1l1l1&dma=0&cid=1690869007.1702836120&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1702836119&sct=1&seg=0&dl=https%3A%2F%2Fdgza.mydrawingstar.com%2F&dt=My%20Drawing%20Star&_s=3&tfd=7740
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-0LJR0B3FYM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://dgza.mydrawingstar.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 17 Dec 2023 18:02:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://dgza.mydrawingstar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mydrawingstar.com/	1970-01-21 02:36:36	Name: _ga Value: GA1.1.1690869007.1702836120
.mydrawingstar.com/	1970-01-20 19:10:12	Name: _gcl_au Value: 1.1.1715748006.1702836120
.doubleclick.net/	1970-01-21 02:36:36	Name: IDE Value: AHWqTUlLEdUBSFriFhc6s2DEFkRcsKxZ4YVherVY2i6mBW0DGKhQzJlclyZod30Ns44
.mydrawingstar.com/	1970-01-21 02:22:12	Name: __gads Value: ID=66887bf637065c5e:T=1702836120:RT=1702836120:S=ALNI_Mbd1P47fZ3uTbqap5QuwoeGala1xg
.mydrawingstar.com/	1970-01-21 02:22:12	Name: __gpi Value: UID=00000daa6db0c341:T=1702836120:RT=1702836120:S=ALNI_MbhfFA2LdaArdXTq01A4oDqNweNPQ
.adsrvr.org/	1970-01-21 01:47:38	Name: TDID Value: d8bcb307-ce24-4cf8-a296-b2c07f3a902c
.yahoo.com/	1970-01-21 01:46:33	Name: A3 Value: d=AQABBJk3f2UCEH1nkeQP2oEO9N3O61TOQCIFEgEBAQGJgGWJZQAAAAAA_eMAAA&S=AQAAAk9mPqmvjS9Sxrf8DyadATI
.inmobi.com/	1970-01-20 19:10:12	Name: idsp_c Value: 514a1175-0b31-4cec-b655-29852660029b
.bidswitch.net/	1970-01-21 01:46:12	Name: tuuid Value: d6fc6b37-e8cf-443d-80f8-f36841e40675
.bidswitch.net/	1970-01-21 01:46:12	Name: c Value: 1702836121
.bidswitch.net/	1970-01-21 01:46:12	Name: tuuid_lu Value: 1702836121
.travelaudience.com/	1970-01-21 02:32:16	Name: _tracker Value: %7B%22UUID%22%3A%2284FE5728-5BB2-4B56-08D0-E21381FA35AD%22%7D
.zemanta.com/	1970-01-21 01:46:12	Name: zuid Value: ePMhj22hTQX2BvBp2Jj2
.mydrawingstar.com/	1970-01-21 02:36:36	Name: _ga_0LJR0B3FYM Value: GS1.1.1702836119.1.0.1702836121.58.0.0
.adsrvr.org/	1970-01-21 01:47:38	Name: TDCPM Value: CAESFQoGZ29vZ2xlEgsI9OfQ2YnNvzwQBRgFIAIoAjILCPyCqIOgzb88EAU4AQ..
.yandex.ru/	1970-01-21 02:36:36	Name: yuidss Value: 6845770411702836121
.yandex.ru/	1970-01-21 02:36:36	Name: yandexuid Value: 6845770411702836121
.pswec.com/	1970-01-21 02:36:36	Name: tuuid Value: 99bb13f1-6351-4fa7-918b-e4320803cce8
.pswec.com/	1970-01-21 02:36:36	Name: c Value: 1702836122
.pswec.com/	1970-01-21 02:36:36	Name: tuuid_lu Value: 1702836122
ads.travelaudience.com/	1970-01-21 02:32:16	Name: _tracker Value: %7B%22UUID%22%3A%2284FE5728-5BB2-4B56-08D0-E21381FA35AD%22%7D
.doubleclick.net/	1970-01-20 17:00:39	Name: DSID Value: NO_DATA
.mediago.io/	1970-01-21 01:46:12	Name: __mguid_ Value: f5ef61caefc99d4d20jhxe00lq9snsxh
.googleadservices.com/	1970-01-20 19:10:12	Name: ar_debug Value: 1
.owneriq.net/	1970-01-21 02:36:36	Name: si Value: Q7561225221237522120P
.owneriq.net/	1970-01-20 17:15:00	Name: p2 Value: gguuid
.owneriq.net/	1970-01-20 17:15:00	Name: gguuid Value: 1
.innovid.com/	1970-01-20 19:10:12	Name: uuid Value: 0a731e61-4a52-419d-b0ab-2e50a03d35b5-20231217 13:02:02

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.travelaudience.com
ag.innovid.com
an.yandex.ru
analytics.google.com
b1sync.zemanta.com
cm.g.doubleclick.net
dgza.mydrawingstar.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtrace.mediago.io
image.mydrawingstar.com
match.adsrvr.org
mweb.ck.inmobi.com
onetag-sys.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
px.owneriq.net
static.cloudflareinsights.com
stats.g.doubleclick.net
t.pswec.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.176.194
142.250.65.226
184.86.146.172
20.253.86.149
2600:1f18:445b:903:dce4:98d5:7ff6:aef4
2600:1f18:4e9:5a02:66d2:da85:8248:ed74
2606:4700:20::681a:9d4
2606:4700::6810:3965
2607:f8b0:4004:c06::9b
2607:f8b0:4006:806::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80e::2008
2607:f8b0:4006:816::2003
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81e::2004
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::200a
2a02:6b8::90
35.190.0.66
35.208.249.213
35.211.178.172
50.31.142.191
51.222.39.185
52.223.40.198
52.70.100.39
74.119.119.150
009089ea247b27421e62b451972e8ccb553f620862a3ae84552ab3ffc382142c
0a10d4f2979176ce9f411d3f09d36a320432a4bf66a62fb7489e6e68dc8aa970
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
106ce215f5e20b1621e83400b24e1d6c6ddcde6a85577f9f26b0342891b79093
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
186119672fe686e51751e806599c95065c5578221adc2323f8b09e88089577c6
1eb43ef485f6abbb66cb6b798621102f5f6ba4ba80ba3093809e41d8a8d9ff92
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2101284c29e6911dc2cd14b0fddddad655e500d51b64a3d55074050b3fdb89b8
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a8e22b55009053d4cad8be87b81d8093b8b6ab37d04ab5def27a236ef29378b
2c6a79d9ea7020bab42f63c35ec6c7c59d03ab88d1d5ed7a9cbf632c1550e885
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
327986b940750ff7eb70eadc7596d6f73436cf57dc021791c6e018f27d76373f
32f55310528de0976edde7cf702a9d5b1ad10d8eaf46be03e25d4ebcbfac7358
34a410e77450e573d7c548e0ada47f1bfd3b002e0bc4b7564a30e9cfc7857ed2
3810033a55d49b3cdea9b7e016f831065a15c6a801bc378c5df97606c3b25dc1
38b0234cdd6589f60ff5e558639943c95b5eeedeb89901646149181b96b8beb7
3b34b9f2bf4fbb8208c3dbdc4c225991c236a2561e71ec01eb7145fa2be19216
3cd66de4a2ac5af093a0933344d61676716cf89f42768947b3996a17ca83bad7
3eb2fbd3fa1ad47f7e92cd8538bda81e30ee1fba2d2c888a9b092bab18d939f7
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5dc9bfc6ba66029ec052cca035fcf3348d05a20a603a40fa999f283b8a53cf43
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622c616f606cf2af8345ff50a4eb0fc928cdb299f2f1539b08a8adfd766dfc84
6ab1e9807e5e64517759ede6c3279a7d67afa8dc6fdd1cfb45a2791e1db49bd3
6c9fd4772cf51cfc0671704a3901bb82bbeeb63641fdb198392df2746b254f55
71d7671eb07ce01a2d5d22a602584a055173ee285a2f20d1bda6236c3ef986b7
72037311a4dfde4d042df73e31b7cbeafc0bdf2aaa605b69aff3326015a396da
72b1ee02861148cea09b936a2f18f80c8bf743be7e1338c8310474be0dc8e894
74e902da7510e538e4949ad6e725dcf9e987381e9b2b565b9249c659e85f9d0c
75742a923ef1b9d65e11731017f4ce816d097184f176e8f1e91a744d99de9cb7
7e14311341d7bad006017ffd740fce2dfa5ae841a0d67debed77550ab065c6fa
8309bd9fd1165cbf561bc356272e48d168900215bbb88f066042a2c8c6dfdedc
846e50b7bb05bf178ea56002276a819a69cd0d40109afe52c2516a10ec988a9d
86b314d66cf4371a39309bf0b086d2a13b561e08f1d88d9d7c8f19142d1a5f86
873aca8311c1e9e03aaf47eeb667c0339f7a93e916c0c8574fec7dbd61075363
87aab2ef04320d864d70c0e8264f51aecfdf9593c5d99c3a6e823b89b7382b86
888324931cbff2be6b8d98fcff8bc91ab0392c4676fbf8cc98ab2d28e1b2b75e
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8f32fbfc591b4942d124017a374490941349bafe14dee2232fccf7f74527f539
94ba7a5dc1b9ef7f00ff51157a06e9c75f52da9bdf04d114c3263c3f98bcc367
965c3eafb9c2829a7a40e73e5a054e6a2837fa70092b7291157224efadd1b24f
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
bacd38eb2e944851d1a5bb2b7867b2902208a3efe9b7f9775598d66688e70b6f
bc894d39284f8ef38ca5e8b4c83cd768812db0c4838e9e5fdda43de183f4ea94
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd5ce0a20248623fbe10d6455446fa616d6fa6983f6e1c0a29c00d3fcbf5f400
d0d3660ffb1d1f9cb6061314bb3cb48e184b85dbb046f9e7fd0d02975a53b9d5
d1c9f4b20b1d90a518789b873cb6c678ff7d9204ac8244d28405f1306e9ebe4e
d293dc6e8650840c51ec4c44a91423732fca2149f048f0b01ef6da6bca5aa1f3
d7bc7e24df748f94d54108e927952feb5d6f4d11c4e274a8111b1080cf39931e
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55df9c6a46d472a4484e09a72747a40364d3df6c0969fbe5a5839b659153c95
e99f4621d0238a6cc90c25dc9a2e3d850a06869e646a9df7d3af7297f55fc74e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5436fc09ee9f3c8c6a039140b81104991939c77115cabe31738d1592b341e57
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f739cc42e64490fe9e1d0e3c5ba7d53f967f24db11c0d06295b2db97116a3a2b
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fcc7e6d9821544a49db3d0d59162f22dd463ed68f36cba36c84b52b0db82410e

dgza.mydrawingstar.com Open in urlscan Pro 2606:4700:20::681a:9d4 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

127 Requests

80 %HTTPS

57 %IPv6

23 Domains

29 Subdomains

19 IPs

3 Countries

1610 kBTransfer

3518 kBSize

28 Cookies

0 Outgoing links

Redirected requests

127 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dgza.mydrawingstar.com Open in urlscan Pro
2606:4700:20::681a:9d4 Public Scan

Screenshot
Live screenshot

Full Image

127
Requests

80 %
HTTPS

57 %
IPv6

23
Domains

29
Subdomains

19
IPs

3
Countries

1610 kB
Transfer

3518 kB
Size

28
Cookies

127 HTTP transactions
1 data transactions