Submitted URL: https://psanaram.com/?h=6ffdfeb&iid=13_62622924_11_6
Effective URL: https://afuncan.com/
Submission: On January 12 via manual from US — Scanned from US

Summary

This website contacted 56 IPs in 8 countries across 61 domains to perform 236 HTTP transactions. The main IP is 2606:4700:3030::ac43:a37a, located in United States and belongs to CLOUDFLARENET, US. The main domain is afuncan.com.
TLS certificate: Issued by E1 on November 29th 2023. Valid for: 3 months.
This is the only time afuncan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 58 2606:4700:303... 13335 (CLOUDFLAR...)
7 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
22 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a02:6ea0:c45... 60068 (CDN77 ^_^)
1 45.60.150.169 19551 (INCAPSULA)
1 151.101.66.137 54113 (FASTLY)
2 151.101.2.137 54113 (FASTLY)
1 104.26.2.18 13335 (CLOUDFLAR...)
1 2600:9000:211... ()
1 1 20.118.40.0 8075 (MICROSOFT...)
1 107.162.133.105 55002 (DEFENSE-NET)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 2a04:4e42:1f:... 54113 (FASTLY)
1 23.32.146.239 16625 (AKAMAI-AS)
1 2a00:1169:103... 21499 (GODADDY-SXB)
1 2610:1c8:1b::1 23393 (NUCDN)
2 166.62.10.47 26496 (AS-26496-...)
1 195.148.26.185 1741 (FUNETAS)
1 54.36.91.62 16276 (OVH)
1 141.193.213.20 209242 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.18.25.151 13335 (CLOUDFLAR...)
1 151.101.192.238 54113 (FASTLY)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:2800:220... 15133 (EDGECAST)
1 13.225.63.89 16509 (AMAZON-02)
1 2600:9000:219... 16509 (AMAZON-02)
2 203.107.86.226 37963 (ALIBABA-C...)
6 192.243.59.13 39572 (ADVANCEDH...)
15 2607:f8b0:400... 15169 (GOOGLE)
2 16 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
27 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 142.250.65.198 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 17 142.251.35.162 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
3 4 68.67.178.10 29990 (ASN-APPNEX)
2 5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 35.241.31.249 15169 (GOOGLE)
2 2 151.101.66.49 54113 (FASTLY)
1 1 2600:9000:234... 16509 (AMAZON-02)
1 1 172.105.199.172 63949 (AKAMAI-LI...)
1 1 20.230.171.39 8075 (MICROSOFT...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 74.119.119.150 19750 (AS-CRITEO)
1 1 185.98.54.153 39572 (ADVANCEDH...)
4 142.250.65.194 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.163.155 15169 (GOOGLE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 3.33.220.150 16509 (AMAZON-02)
3 3 35.211.178.172 19527 (GOOGLE-2)
2 2 52.205.240.92 14618 (AMAZON-AES)
1 1 2600:1f18:4e9... 14618 (AMAZON-AES)
1 202.233.84.1 131957 (MICROAD M...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
236 56
Apex Domain
Subdomains
Transfer
58 afuncan.com
afuncan.com
3 MB
49 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 140
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
537 KB
36 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
ad.doubleclick.net — Cisco Umbrella Rank: 199
cm.g.doubleclick.net — Cisco Umbrella Rank: 338
bid.g.doubleclick.net — Cisco Umbrella Rank: 1354
237 KB
19 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
209 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 115
ajax.googleapis.com — Cisco Umbrella Rank: 708
imasdk.googleapis.com — Cisco Umbrella Rank: 639
173 KB
6 washingoccasionally.com
washingoccasionally.com
5 google.com
www.google.com — Cisco Umbrella Rank: 6
865 B
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 173
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 356
4 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194
3 KB
4 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 407
gcdn.2mdn.net — Cisco Umbrella Rank: 1773
r3---sn-q4flrner.c.2mdn.net — Cisco Umbrella Rank: 241727
45 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 271
260 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 590
2 KB
3 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 104
174 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 8090
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 594
917 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1559
s.tribalfusion.com — Cisco Umbrella Rank: 3590
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 1396
907 B
2 adlooxtracking.com
am.adlooxtracking.com — Cisco Umbrella Rank: 148290
data00.adlooxtracking.com — Cisco Umbrella Rank: 17170
27 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
305 B
2 51.la
sdk.51.la — Cisco Umbrella Rank: 55358
collect-v6.51.la — Cisco Umbrella Rank: 51496
13 KB
2 cybotsai.com
cybotsai.com
695 KB
2 infoblox.com
blogs.infoblox.com
85 KB
2 isc2.org
blog.isc2.org
www.isc2.org — Cisco Umbrella Rank: 266750
514 B
2 contentstack.io
images.contentstack.io — Cisco Umbrella Rank: 13258
776 KB
2 shortpixel.ai
sp-ao.shortpixel.ai — Cisco Umbrella Rank: 40220
139 KB
2 securityintelligence.com
securityintelligence.com
132 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
82 KB
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 14785
665 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 14049
464 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 819
758 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 10841
336 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 943
363 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 2278
684 B
1 walmart.com
beacon.walmart.com — Cisco Umbrella Rank: 9263
978 B
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 9734
640 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 1340
724 B
1 f5.com
www.f5.com — Cisco Umbrella Rank: 386136
119 KB
1 helpnetsecurity.com
img2.helpnetsecurity.com
106 KB
1 twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 1030
101 KB
1 deepwatch.com
www.deepwatch.com
42 KB
1 squarespace-cdn.com
images.squarespace-cdn.com — Cisco Umbrella Rank: 8563
92 KB
1 mdpi.com
www.mdpi.com — Cisco Umbrella Rank: 100012
211 KB
1 crowdstrike.com
www.crowdstrike.com — Cisco Umbrella Rank: 271744
251 KB
1 defencelogic.io
defencelogic.io
1 exabeam.com
www.exabeam.com
17 KB
1 nucleon-security.com
nucleon-security.com
35 KB
1 jamk.fi
cs4e.pages.labranet.jamk.fi
42 KB
1 comodo.com
techtalk.comodo.com
786 KB
1 rhebo.com
rhebo.com
193 KB
1 s81c.com
dw1.s81c.com
141 KB
1 trellix.com
www.trellix.com — Cisco Umbrella Rank: 469637
23 KB
1 wixstatic.com
static.wixstatic.com — Cisco Umbrella Rank: 8129
57 KB
1 sentinelone.com
www.sentinelone.com — Cisco Umbrella Rank: 427815
186 KB
1 contentstack.com
eu-images.contentstack.com — Cisco Umbrella Rank: 57017
26 KB
1 varonis.com
info.varonis.com
55 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
90 KB
1 best10.club
best10.club
444 B
1 psanaram.com
psanaram.com
493 B
0 rackfoundry.net Failed
anomali.cdn.rackfoundry.net Failed
0 securitytrails.com Failed
assets.securitytrails.com Failed
236 61
Domain Requested by
58 afuncan.com 1 redirects afuncan.com
27 tpc.googlesyndication.com googleads.g.doubleclick.net
afuncan.com
tpc.googlesyndication.com
imasdk.googleapis.com
pagead2.googlesyndication.com
22 pagead2.googlesyndication.com afuncan.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
17 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
afuncan.com
16 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 www.gstatic.com googleads.g.doubleclick.net
7 fonts.googleapis.com afuncan.com
googleads.g.doubleclick.net
6 fonts.gstatic.com fonts.googleapis.com
6 washingoccasionally.com afuncan.com
5 www.google.com 2 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
4 csi.gstatic.com imasdk.googleapis.com
4 www.googleadservices.com afuncan.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
3 x.bidswitch.net 3 redirects
3 i.ytimg.com afuncan.com
2 r3---sn-q4flrner.c.2mdn.net afuncan.com
2 ads.creative-serving.com 2 redirects
2 match.adsrvr.org 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 ad.doubleclick.net afuncan.com
2 www.google-analytics.com www.googletagmanager.com
2 cybotsai.com afuncan.com
2 blogs.infoblox.com afuncan.com
2 images.contentstack.io afuncan.com
2 sp-ao.shortpixel.ai afuncan.com
2 securityintelligence.com afuncan.com
2 cdnjs.cloudflare.com afuncan.com
cdnjs.cloudflare.com
1 gcdn.2mdn.net 1 redirects
1 ius.ctnsnet.com 1 redirects
1 aid.send.microad.jp googleads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 s.tribalfusion.com afuncan.com
1 a.tribalfusion.com 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 collect-v6.51.la sdk.51.la
1 s.uuidksinc.net 1 redirects
1 dis.criteo.com googleads.g.doubleclick.net
1 ums.acuityplatform.com 1 redirects
1 beacon.walmart.com 1 redirects
1 a.c.appier.net 1 redirects
1 d.agkn.com 1 redirects
1 data00.adlooxtracking.com am.adlooxtracking.com
1 s0.2mdn.net googleads.g.doubleclick.net
1 am.adlooxtracking.com afuncan.com
1 ajax.googleapis.com afuncan.com
1 sdk.51.la afuncan.com
1 www.f5.com afuncan.com
1 img2.helpnetsecurity.com afuncan.com
1 pbs.twimg.com afuncan.com
1 www.deepwatch.com afuncan.com
1 images.squarespace-cdn.com afuncan.com
1 www.mdpi.com afuncan.com
1 www.crowdstrike.com afuncan.com
1 defencelogic.io afuncan.com
1 www.exabeam.com afuncan.com
1 nucleon-security.com afuncan.com
1 cs4e.pages.labranet.jamk.fi afuncan.com
1 techtalk.comodo.com afuncan.com
1 rhebo.com afuncan.com
1 dw1.s81c.com afuncan.com
1 www.trellix.com afuncan.com
1 www.isc2.org afuncan.com
1 blog.isc2.org 1 redirects
1 static.wixstatic.com afuncan.com
1 www.sentinelone.com afuncan.com
1 eu-images.contentstack.com afuncan.com
1 info.varonis.com afuncan.com
1 www.googletagmanager.com afuncan.com
1 best10.club 1 redirects
1 psanaram.com 1 redirects
0 anomali.cdn.rackfoundry.net Failed afuncan.com
0 assets.securitytrails.com Failed afuncan.com
236 75

This site contains no links.

Subject Issuer Validity Valid
afuncan.com
E1
2023-11-29 -
2024-02-27
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
edgestatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
securityintelligence.com
E1
2024-01-06 -
2024-04-05
3 months crt.sh
sp-ao.shortpixel.ai
R3
2024-01-09 -
2024-04-08
3 months crt.sh
imperva.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4
2023-12-31 -
2024-06-28
6 months crt.sh
*.contentstack.com
Gandi Standard SSL CA 2
2023-07-03 -
2024-08-02
a year crt.sh
*.contentstack.io
Gandi Standard SSL CA 2
2023-04-05 -
2024-05-05
a year crt.sh
sentinelone.com
Cloudflare Inc ECC CA-3
2023-04-09 -
2024-04-08
a year crt.sh
*.wixstatic.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-01 -
2024-06-29
6 months crt.sh
www.trellix.com
Sectigo ECC Organization Validation Secure Server CA
2023-08-24 -
2024-08-23
a year crt.sh
blogs.infoblox.com
R3
2023-11-16 -
2024-02-14
3 months crt.sh
dw1.s81c.com
DigiCert TLS RSA SHA256 2020 CA1
2023-06-18 -
2024-06-18
a year crt.sh
rhebo.com
Starfield Secure Certificate Authority - G2
2023-12-27 -
2025-01-16
a year crt.sh
*.comodo.com
Sectigo RSA Organization Validation Secure Server CA
2023-06-27 -
2024-06-26
a year crt.sh
cybotsai.com
Go Daddy Secure Certificate Authority - G2
2023-01-26 -
2024-02-27
a year crt.sh
gitlab.labranet.jamk.fi
GEANT OV RSA CA 4
2024-01-05 -
2025-01-04
a year crt.sh
nucleon-security.com
R3
2023-11-25 -
2024-02-23
3 months crt.sh
www.exabeam.com
Cloudflare Inc ECC CA-3
2023-06-16 -
2024-06-14
a year crt.sh
defencelogic.io
GTS CA 1P5
2023-12-10 -
2024-03-09
3 months crt.sh
crowdstrike.com
Cloudflare Inc ECC CA-3
2023-11-27 -
2024-11-26
a year crt.sh
mdpi.com
ZeroSSL RSA Domain Secure Site CA
2023-12-04 -
2024-03-03
3 months crt.sh
*.squarespace-cdn.com
R3
2023-12-02 -
2024-03-01
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-28 -
2024-07-26
a year crt.sh
img2.helpnetsecurity.com
Amazon RSA 2048 M01
2023-07-14 -
2024-08-11
a year crt.sh
author-www.f5.com
Entrust Certification Authority - L1M
2023-12-20 -
2025-01-20
a year crt.sh
*.51.la
GlobalSign GCC R3 DV TLS CA 2020
2023-04-20 -
2024-05-21
a year crt.sh
washingoccasionally.com
R3
2023-12-06 -
2024-03-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
adlooxtracking.com
GTS CA 1P5
2023-11-27 -
2024-02-25
3 months crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.adlooxtracking.com
R3
2023-12-18 -
2024-03-17
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-12-01 -
2024-03-01
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018
2023-10-03 -
2024-11-03
a year crt.sh
*.c.docs.google.com
GTS CA 1C3
2024-01-02 -
2024-03-12
2 months crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 23 frames:

Primary Page: https://afuncan.com/
Frame ID: 12BA9CABA36B5367BC2419146DCBD7C0
Requests: 114 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 83DA6C972B8CBCC1E69BEDF8A73EF0B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&adk=2020088507&adf=637443794&lmt=1705072307&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fafuncan.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306923&bpp=22&bdt=651&idt=436&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3357768762848&frm=20&pv=2&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=465
Frame ID: C6D595012F5D4BCD1D3AD9F977FDA35D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Frame ID: EC264F83D368CE4272271604CE46236E
Requests: 15 HTTP requests in this frame

Frame: https://afuncan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: A2F0428DFF9A6F1E263E8EE8B4716065
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Frame ID: 693DCB5D0E9CD7C990F197375B1E0B12
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Frame ID: 6776DD2744D685EFB2BCFF4FFDB73862
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Frame ID: 8B6DF8FDCA0E6E26A6C364D4185A2DAB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 1B1A6DBE2BCD83DF3760ABE86C151B73
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 889206658554AA199F632E6D2639B145
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvy9QIQ8YXb8wEYwPjV2wEwAQ&v=APEucNVLJi2qP3h8L_8eHNW7Wv5Cf5px4fB79QvlQC1vpixXYtB0YEeohABWKaRDygPgHeN62YUcMgktQtwx9wwVyaIuKYU7fg
Frame ID: 6D19B47BF23779BB7F19BDB34EC7BA86
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 91EA7A0EEAE140AFAEC31750C0443A72
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 135DBE8E73FF561B2AA557AB0D853219
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1E92C34E347DB91E0A637B47421BBDA5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Frame ID: 4054A104D1951C34B1EC4CE7F8289F0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CDD9C4465D1492FEC7B60C469FA069CB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 265F10DAD3315931B3599656AD12450E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Frame ID: 236F1F47C40E10C69EA0E912B6D2849D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 96CD3A21787A3D8A0EA881F00B1F7827
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Frame ID: A67170D14A13A571DCB9F91DF93F478E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 855F9F40A12D407DB994A6C2E4986F21
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 00A2ABE89C32CF40AC5C0ADC8D6457A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2475BF6CD835421C1A4F00626C362851
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

AFunCan.com | Play HTML5 Games

Page URL History Show full URLs

  1. https://psanaram.com/?h=6ffdfeb&iid=13_62622924_11_6 HTTP 302
    https://best10.club/category.php/difference+between+cyber+kill+chain+and+mitre+att%26ck/?v=bc_v2_5 HTTP 302
    https://afuncan.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

236
Requests

90 %
HTTPS

51 %
IPv6

61
Domains

75
Subdomains

56
IPs

8
Countries

9610 kB
Transfer

12828 kB
Size

52
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://psanaram.com/?h=6ffdfeb&iid=13_62622924_11_6 HTTP 302
    https://best10.club/category.php/difference+between+cyber+kill+chain+and+mitre+att%26ck/?v=bc_v2_5 HTTP 302
    https://afuncan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://blog.isc2.org/.a/6a00e54f109b6788340240a50c14a8200b-pi HTTP 301
  • https://www.isc2.org/insights
Request Chain 110
  • https://afuncan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://afuncan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Request Chain 146
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7B8D6usTuUHayxnm6IEyk&google_cver=1
Request Chain 147
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFWtPAYz1ZoobFexL5FVgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFTONTzmPG8kSq75r7yp-ts&google_cver=1
Request Chain 148
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAScdM6aB1Tr-N0DZyUS7d8&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAScdM6aB1Tr-N0DZyUS7d8%26google_cver%3D1
Request Chain 149
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyNjc1MjQ3MzEzODA2NTA0OQ%3D%3D
Request Chain 160
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 186
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEF96dXXxDceIsSoV1H_fyp4&google_cver=1&google_push=AXcoOmQKbxxgbM80cMahGcdtL9osgv-Y3VuqS616vTLDn1dqBRPt7zLH1RkmIH81aHv0hJCLtubVK-YzEKcaSZ-tuVg7MYBkRJryZt5k9CJitojkJC32gKYqXDenNHLKPPWgQozPofEcnL87DqCqlGGjoHtH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF96dXXxDceIsSoV1H_fyp4&google_push=AXcoOmQKbxxgbM80cMahGcdtL9osgv-Y3VuqS616vTLDn1dqBRPt7zLH1RkmIH81aHv0hJCLtubVK-YzEKcaSZ-tuVg7MYBkRJryZt5k9CJitojkJC32gKYqXDenNHLKPPWgQozPofEcnL87DqCqlGGjoHtH
Request Chain 187
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEHwGIgh8RY1AX4OwnIJGBfI&google_cver=1&google_push=AXcoOmSTDTt-gW1fwqKO08ruLnKKEVy_tf_lv_nRPSYFYSBCK7I5HVWs9XLApDONC5NeMwVa3bXcJV-6UorLcVS5JnUvltDArm0iIv2aTVx3BTPl7j6QGRkW5qphS6ek2VI-A4qNpDWnSEdm-xGHlC3aXQf3Fg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSTDTt-gW1fwqKO08ruLnKKEVy_tf_lv_nRPSYFYSBCK7I5HVWs9XLApDONC5NeMwVa3bXcJV-6UorLcVS5JnUvltDArm0iIv2aTVx3BTPl7j6QGRkW5qphS6ek2VI-A4qNpDWnSEdm-xGHlC3aXQf3Fg&google_hm=Q0FFU0VId0dJZ2g4UlkxQVg0T3duSUpHQmZJ
Request Chain 188
  • https://a.c.appier.net/gcm?google_gid=CAESEGtvr8cBotEBDgyBRsxXib4&google_cver=1&google_push=AXcoOmST20yiBig3unl4qepnKO3d_EP_XezlIev6e6lBAOiCQDVInD6WFHOwLtz23TIHHSA7PkpqXeetAPALMgcUxnss70pRDR7Cdj--MOFpEZUirsgkclE4UsiLe9n4xRYqIsxj_K22vBOP3QzHucd6NuKj HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VzltcF9rbmlCSWlxTDdEZXRWYWhaUQ%3D%3D&google_push=AXcoOmST20yiBig3unl4qepnKO3d_EP_XezlIev6e6lBAOiCQDVInD6WFHOwLtz23TIHHSA7PkpqXeetAPALMgcUxnss70pRDR7Cdj--MOFpEZUirsgkclE4UsiLe9n4xRYqIsxj_K22vBOP3QzHucd6NuKj
Request Chain 189
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEAyTHlQzUeSovVH6gGEkyU4&google_cver=1&google_push=AXcoOmROz4cd__Y6fycAJ6SPtAzS-HSGr_uEwTHNesdREOhMWe4gQCkyYA20Qe7AIUWTsULUSCIU10MmKPqTMZzT3roC7V7L0QnbQMo1kEgas5PpEc-gJYLhiIh8gFDR8cI1ia57Ulr-H9Tk1h0Oo5kRG-dnOw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Zyk2OaKdbqbsT-K_Krkapw&tap=gAds&google_gid=CAESEAyTHlQzUeSovVH6gGEkyU4&google_cver=1&google_push=AXcoOmROz4cd__Y6fycAJ6SPtAzS-HSGr_uEwTHNesdREOhMWe4gQCkyYA20Qe7AIUWTsULUSCIU10MmKPqTMZzT3roC7V7L0QnbQMo1kEgas5PpEc-gJYLhiIh8gFDR8cI1ia57Ulr-H9Tk1h0Oo5kRG-dnOw
Request Chain 190
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEByXQbyPiFIC-_Co5iVKaPQ&google_cver=1&google_push=AXcoOmQvWUiql7UNHpagxc4bs-iW62O5SPAj8_3dQfrKWvFjp9f8KxAX842taLMiS936_A5LIrLCTDJpj7u_K46k9O1-trBGWcXQPDYSdjYHgHfuYq8CxYQarJNAfSppa8hh8mU3IFCcIDFRcmsMhuPEdukS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876077944077&us_privacy=1---
Request Chain 192
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENohC6eVxsepDLXl6TkBuQg&c_param1=AXcoOmQrJs-jNLEXNd8E8GRk-aTGlwocY8ruPjcnjutgjvr0DMNq3VyDucXLnQ33l-aV8bcwLx6rA4zb7Bh_TWVCIJH6YIfoFuTkg9Rhj2rVxaKsP7R14hQF9L8ANobcDASkp5jG0G6WpehUvZWgh8OKa3VPdQ&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQrJs-jNLEXNd8E8GRk-aTGlwocY8ruPjcnjutgjvr0DMNq3VyDucXLnQ33l-aV8bcwLx6rA4zb7Bh_TWVCIJH6YIfoFuTkg9Rhj2rVxaKsP7R14hQF9L8ANobcDASkp5jG0G6WpehUvZWgh8OKa3VPdQ
Request Chain 194
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CjJsss1ahZbL_HfOOur8PhLGJkAOH36mDdbvLhoWoErCQHxABILLCpCVgyYaAgNyjxBCgAf3z2N0oyAEBqAMByAPLBKoEvQFP0KCN8d4UOjLOQbuPlIwUMhYaRMtkhz3S6am2DwseYnQF9uBBYf6o-tAlb4r_R0luqzoqs1bX4nlkfnVT5xcMUS8UKSs_VKNyT3Oi_sZN1F_GVRGRFF7LmVXPcbZqYtoJWG_8UaC39uGKocMlFS4duHexUT6gn6bInaIaB3BaAHGPkDP7C5VaKJk0HmICYhusJZ544lkZlI9FbBCsFAxhKQVVUwrf9Cz0ahw3VLb0XMQCfRDF7Cd3d7wA6nLABL2ht-O9BIgF16-J7k2SBQQIBBgBkgUECAUYBIAH_aupvQOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDFsRzSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WKatz6mR2IMDmgmfAWh0dHBzOi8vd3d3Lm92ZXJ3b2xmLmNvbS9vbmVhcHAvVGh1bmRlcnN0b3JlLVRodW5kZXJzdG9yZV9Nb2RfTWFuYWdlcj9QYXJ0bmVySWQ9NDQzNSZ1dG1fc291cmNlPWQmdXRtX21lZGl1bT1jcGMmdXRtX2NhbXBhaWduPTIwOTAwMzcwMzkxJnV0bV90ZXJtPTE1NDAyMjAzOTc0MYAKAcgLAdoMEQoLENCd2YHW5IGTwQESAgED2BMNiBQE0BUBgBcBshccChoIABIUcHViLTkwNjA4NTUzMjc4MDAxNTQYAA&sigh=U1dv-8FxBaI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_5pWG9WOU3IKXE8djO6AfE2w_AG6a5YP92OVzML-tRX6KJ0UpFrQm20R9ljv62F1GMkntv1BukwJ7b7uRiB6EM9FmiQ3N1e8BOeQYAQ&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2206f81fcb9198330000000000000000%22,%222%22:%220x245faec13be4433a0000000000000000%22,%223%22:%220x10264687308894ff0000000000000000%22,%224%22:%220xb9cc1fec7735c2b20000000000000000%22,%225%22:%220xc2c119d4d10f633c0000000000000000%22},%22debug_key%22:%2218443523003357781447%22,%22debug_reporting%22:true,%22destination%22:%22https://overwolf.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210933910013%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221123693984398318881%22}&andc=true
Request Chain 195
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 208
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKHXIQckclBGpLwYfN8qXJc&google_cver=1&google_push=AXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5BSI2DH6M26kAm5cHKOILlMAPE-APxWHm7OldL6S0ejTmI2nls-4QrZYtR-OQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5BSI2DH6M26kAm5cHKOILlMAPE-APxWHm7OldL6S0ejTmI2nls-4QrZYtR-OQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKHXIQckclBGpLwYfN8qXJc&google_cver=1&google_push=AXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5BSI2DH6M26kAm5cHKOILlMAPE-APxWHm7OldL6S0ejTmI2nls-4QrZYtR-OQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5BSI2DH6M26kAm5cHKOILlMAPE-APxWHm7OldL6S0ejTmI2nls-4QrZYtR-OQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 209
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHzmOqLixT9gLR8Jija-kjg&google_cver=1&google_push=AXcoOmRK1kA0A5JDm4D1wkibsVt5ys3RgXxDHqmKKQUNcr8usNswf3FSG2EI2-T-5G_tIGwHxRStrQEhwhHADujDPAxtLqJR3yB5-mCKiosovLjDVnr7dnHwzGtxivxoFPZiyvr4gGz5-BCVDZGV4LwvAtje HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmFGV3RRQU4yYUR2NFFBTQ==&google_gid=CAESEHzmOqLixT9gLR8Jija-kjg&google_cver=1&google_push=AXcoOmRK1kA0A5JDm4D1wkibsVt5ys3RgXxDHqmKKQUNcr8usNswf3FSG2EI2-T-5G_tIGwHxRStrQEhwhHADujDPAxtLqJR3yB5-mCKiosovLjDVnr7dnHwzGtxivxoFPZiyvr4gGz5-BCVDZGV4LwvAtje
Request Chain 210
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOd_cGcIWdxgPnfree-OzxY&google_cver=1&google_push=AXcoOmTfSuY5D_iqOIoMgsSYQ00-5_yd_SL0UiURBSsto8scigJCJrQNkFmDFkOvmgbui5xvv94Ysokt17a8AiNTDcFsJuDHzTghFWmQ0U49BaOknbiaT-vt2Y2QGdJ-E9C2TVsuFt82z73ADHZ1_Cxbxk51 HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEOd_cGcIWdxgPnfree-OzxY&google_cver=1&google_push=AXcoOmTfSuY5D_iqOIoMgsSYQ00-5_yd_SL0UiURBSsto8scigJCJrQNkFmDFkOvmgbui5xvv94Ysokt17a8AiNTDcFsJuDHzTghFWmQ0U49BaOknbiaT-vt2Y2QGdJ-E9C2TVsuFt82z73ADHZ1_Cxbxk51 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWY2ZTc0N2EtNjU3Ny00MTNjLTkzNTYtMTVlZjcyMTVkMWRj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ef6e747a-6577-413c-9356-15ef7215d1dc
Request Chain 211
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBXO1ShFlZHd6yj2Uw0u6IA&google_cver=1&google_push=AXcoOmQXSVk8_7NC_6Fkxqu_a3MLeKgoEd0zzIoG9BMd_T3iZfxh66CfXepzF2-HPKgaf5X7_d64JeyLHCXifa3UNOs-29P0Of3CIEW45vBL8msUow_mMIwHzRaWbpkFj5mh-qVo2Bhwg7R-olHti4bWKVSKCA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBXO1ShFlZHd6yj2Uw0u6IA&google_cver=1&google_push=AXcoOmQXSVk8_7NC_6Fkxqu_a3MLeKgoEd0zzIoG9BMd_T3iZfxh66CfXepzF2-HPKgaf5X7_d64JeyLHCXifa3UNOs-29P0Of3CIEW45vBL8msUow_mMIwHzRaWbpkFj5mh-qVo2Bhwg7R-olHti4bWKVSKCA HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=7b385344-a35d-4f90-82c8-db0333f5a652&gdpr=&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=7b385344-a35d-4f90-82c8-db0333f5a652&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=95b28aff-0d1f-4e8e-b542-831754e1a9bd&ssp=google&expires=30&user_group=5&bsw_param=7b385344-a35d-4f90-82c8-db0333f5a652 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQXSVk8_7NC_6Fkxqu_a3MLeKgoEd0zzIoG9BMd_T3iZfxh66CfXepzF2-HPKgaf5X7_d64JeyLHCXifa3UNOs-29P0Of3CIEW45vBL8msUow_mMIwHzRaWbpkFj5mh-qVo2Bhwg7R-olHti4bWKVSKCA&google_hm=ezhTRKNdT5CCyNsDM_WmUg==
Request Chain 212
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIKTBH4xkNWrpAM65mws-Q0&google_cver=1&google_push=AXcoOmRhKXw-EFEBCI3b3hpvKDRSrIhVP1Pjs09eIFx2b-oixdqQpN0Bv7Voy0E5euQNuCTZXV5BrPjRc-z5Dg4xWVuh_QOv4tIQUYSp3qSD0H4kzXr6MSUT3cGVr3BF_xnOraXRTXl-YznjkLgrv0BAauGQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhKXw-EFEBCI3b3hpvKDRSrIhVP1Pjs09eIFx2b-oixdqQpN0Bv7Voy0E5euQNuCTZXV5BrPjRc-z5Dg4xWVuh_QOv4tIQUYSp3qSD0H4kzXr6MSUT3cGVr3BF_xnOraXRTXl-YznjkLgrv0BAauGQ&google_hm=eS00ajloZTBGRTJwRTJxbVp6aS5IdW5pQ0h6VDluX05ESn5B
Request Chain 214
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEACrHrATgM_8jxUTOZghE6E&google_cver=1&google_push=AXcoOmRedHWDS5bkE_Kw5fILonDXFYXJfBkHcbI2egru-IOfX5lAlFfh2wnKP5LoUwXs5j59QsEkb5MxS0bnRpverHU9Pd5aJAFAXFl3cGYJiWlgyTkoL4KOKm1Fa3Sshvrpi3mug-6ReizGvbQZ7ind78T6Ag HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRedHWDS5bkE_Kw5fILonDXFYXJfBkHcbI2egru-IOfX5lAlFfh2wnKP5LoUwXs5j59QsEkb5MxS0bnRpverHU9Pd5aJAFAXFl3cGYJiWlgyTkoL4KOKm1Fa3Sshvrpi3mug-6ReizGvbQZ7ind78T6Ag&google_hm=U4KYHhlFRkKx2jEs-koss0Q
Request Chain 217
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cp52ItFahZeqcFMbHkPIP78mj8AqssqyTda_CuejhEZnQ17WcNhABILLCpCVgyYaAgNyjxBCgAaXavooDyAEBqAMByAPLBKoExQFP0H4tX6f9zxQeLSSRSuRsqa22O8AvLzYsWq0Rdot8iofX77dRgBERNR3e-PKDgQRrccM0sXuxFSMZztJMJz1iZ0WUQ_ZZYRkcvm-N5Xf73o2pMWxai8sZXoW5GLkzLjaJVG8jeJk-s_x7ai1xYizw2A_q4EbmQvovvK-mK30nRwmPgnG7QLuOvN3XyZHShPXvtPdhhIjMxhRi66QW4jtMwNgFaGRINoxpLXa7c7nzf9Dyxs3cFlyBTTpL1DwYuyum7QZ1gMAE7oLBzssBiAXX4N7qA5IFBAgEGAGSBQQIBRgEgAeNn4V3qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQkrEF0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOljAw4KqkdiDA5oJJmh0dHBzOi8vd3d3LmZyZWUtcGRmLXByby5jb20vbHBzL3BkZnQvgAoByAsB2gwQCgoQoKfe74mlosxTEgIBA9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi05MDYwODU1MzI3ODAwMTU0GAA&sigh=lEO1CnuFhIU&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwAvHhf_8t88sI-LSFJxKIBJh9rN2YX2qVRmxipZ2MsWksMGqgKkeFoGlFcoZJSl0cRkE3Pbqvlhz2UWGAE&template_id=5001&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc25f35ae23c572bc0000000000000000%22,%222%22:%220x9c5078d6db8677e40000000000000000%22,%223%22:%220xcd14704688b08a4e0000000000000000%22,%224%22:%220xedacc8d24171ad1a0000000000000000%22,%225%22:%220xa6cff1d7135dbcfd0000000000000000%22},%22debug_key%22:%226277504843992472831%22,%22debug_reporting%22:true,%22destination%22:%22https://free-pdf-pro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827305253%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226581919244049926881%22}&andc=true
Request Chain 220
  • https://gcdn.2mdn.net/videoplayback/id/06ea49deb5bd90ff/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848832003/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/7162813D77D44896793A433858CE642627694ECF.136AE47C0A032D998D0DE5A46BD74098E4ECD0C3/key/ck2/file/file.mp4 HTTP 302
  • https://r3---sn-q4flrner.c.2mdn.net/videoplayback/id/06ea49deb5bd90ff/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848832003/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0784086A9F6D2AB102658515097997A152E510E2.4C5FF4AA41EBCE8967F7535722A2D69776CF487D/key/cms1/cms_redirect/yes/mh/2X/mip/2001:550:1d05:1::5/mm/42/mn/sn-q4flrner/ms/onc/mt/1705071074/mv/u/mvi/3/pl/48/file/file.mp4

236 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
afuncan.com/
Redirect Chain
  • https://psanaram.com/?h=6ffdfeb&iid=13_62622924_11_6
  • https://best10.club/category.php/difference+between+cyber+kill+chain+and+mitre+att%26ck/?v=bc_v2_5
  • https://afuncan.com/
53 KB
8 KB
Document
General
Full URL
https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d98cebba6e6f64ced2df10ebf5f6fa5061e6e66e691b36003e71ba30685c3cf8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
844655784ce0d9c9-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 15:11:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r7wdAefYMShtLQBh3DW2lazfT0nIt9YBplvzb%2BOI3UXdLDB1l5dPp1Ay%2F%2FfNuc2j6Lhb4R5BmCgdpQyBj1SDUtYwHQbsCu%2FO47hYkNLEHR%2FK3no%2Br7%2FikmYeW7EfP2%2FtqnvMQ7qHEJsxew%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84465573ab0a4c00-MIA
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 15:11:45 GMT
location
https://afuncan.com
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k4O3AdUrEewmR%2BmAhZ7I7rSR%2FD57%2FcfcfymnIxX8E7gxV3Uk36GBzsyc85c2nAiWaKRX0L%2FM%2Blybr35uJZzjSvq7h%2BV8ga78b25hmIAQ9uJ9D%2B1%2F2Fx13%2BdhuKUUdJQVBlPIdrsTMWMPbw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/
3 KB
653 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 13:27:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 15:11:46 GMT
css
fonts.googleapis.com/
3 KB
995 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 13:38:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 15:11:46 GMT
bootstrap.min.css
afuncan.com/content/themes/dark-grid/style/
157 KB
25 KB
Stylesheet
General
Full URL
https://afuncan.com/content/themes/dark-grid/style/bootstrap.min.css
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d5ccef11c5234683e4bfe39d86b125b5bf31e76b9f83dbcde8213a41e9d77a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1444
etag
W/"27200-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNQxtjpC4%2Ffa4bm8Ee9mtiSRB7%2Bb9GZ%2FrJKtqCLSfLUQxhZAog%2BCGZlcgkDlxhdj7lmQAkIbw2ukpMDIz8EmUpGapuVt0K7Ph9Y5pq5inW76JTSq%2F5O8PwvzJigjjjTLLm2GnPExLQX4Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8446557a5f7cd9c9-MIA
alt-svc
h3=":443"; ma=86400
jquery-comments.css
afuncan.com/content/themes/dark-grid/style/
17 KB
4 KB
Stylesheet
General
Full URL
https://afuncan.com/content/themes/dark-grid/style/jquery-comments.css
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67855c0d2a4268115d80070d95185987c364e6ed8447358fb39780d0313c0ace

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1444
etag
W/"421b-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qKGWGcuGvghnrDMQgchY%2FnRMrZktunXeg0N69O%2BJfW3CkKg7wqhUfV57VOZZevsCvz%2B3QH%2F8qW0sEpyfUgAonWHZfp%2Bh9%2BfUSt02PHQIndoHPRLxgqluaVcJdC7RWiPtoEf%2FUdSgbJio6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8446557a5f80d9c9-MIA
alt-svc
h3=":443"; ma=86400
user.css
afuncan.com/content/themes/dark-grid/style/
3 KB
1 KB
Stylesheet
General
Full URL
https://afuncan.com/content/themes/dark-grid/style/user.css
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4421789f5871002698f84c2873e40ca98797ed85c785413e0bc525703a623602

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1444
etag
W/"b41-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmYz9MKL6%2BZ5WBGM1PFqf2RHQ%2FPTw9cdqTCPlYeFcV5aL3KqwDtzzo3r6yDdjQdK%2FXDAI2WJfDjEQinn2vq9o5bY9HhzesmvtY2%2FpG0JVHb%2FqSvurm1%2Br443XdatXfO6wHa9%2FCJcRv1Weg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8446557a5f81d9c9-MIA
alt-svc
h3=":443"; ma=86400
style.css
afuncan.com/content/themes/dark-grid/style/
10 KB
3 KB
Stylesheet
General
Full URL
https://afuncan.com/content/themes/dark-grid/style/style.css
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6386b0efc8c35b4a0c0bb5ecf673ccc4750380669d77d16ecfbecc03ea0b207d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 19 May 2023 02:10:31 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1444
etag
W/"2768-5fc026cea93c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AaFvbjPeQk9TkQzYI76Tz%2BoQo2HrrFp%2F%2FdhaXg51upWp2LJkE%2BZhkzuou7L1ozFpFeEYzTiAI8qPN4MuvOOiBJdL57ei4FGAuOh2vUWI5z%2FBHMLlukwbEdu9jrJiPNXnfBJyWL3W37e5KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8446557a5f83d9c9-MIA
alt-svc
h3=":443"; ma=86400
custom.css
afuncan.com/content/themes/dark-grid/style/
128 B
408 B
Stylesheet
General
Full URL
https://afuncan.com/content/themes/dark-grid/style/custom.css
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80aa1939fa8cbb3dd8f0880ebe4f07039923e7355890fca13f2e362fa42e5ee4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1444
etag
W/"80-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GDyRY6LCSwRylXXfGlyxBrF6hD83VJqrKfJmNo8xbisklx%2F9g3RiAXiF%2Fs8zwjhqgsPqQwTGFL8kp6%2FfJ3aIPmpVvuVg%2BGdU3eOsOUE71jJv5eDF5hm76Six8CKYyrWMo8rxonBfOPq%2Bow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8446557a5f84d9c9-MIA
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1224928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z%2BYrNSPHM6pmAzs9P5folo0SrCFUpq%2BP7qMqkTZvoMsqzH2CTPFQUZmykQwkQU1PJZRsA54uf34BMmDfSqg%2B1UYbW0Zmba6oELF8dmPZjEebWpEO%2FNx3fJT0bsMuxiZ%2FHgcKKXPPRe7fahkvsMdPjfo"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8446557acc583708-MIA
expires
Wed, 01 Jan 2025 15:11:46 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
147 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9060855327800154
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a814007a4f63905bc0a163bffdb39469a153fcc6097497faaf51cb007d108f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Origin
https://afuncan.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51368
x-xss-protection
0
server
cafe
etag
2043018979125164715
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 15:11:46 GMT
js
www.googletagmanager.com/gtag/
270 KB
90 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JPJFVSE5RF
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2008 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ef441ee5fe05afbf37cb08967afead776802277a9553890f54cfded072a551ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92045
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 12 Jan 2024 15:11:46 GMT
a-logo.png
afuncan.com/images/
4 KB
4 KB
Image
General
Full URL
https://afuncan.com/images/a-logo.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63bebcc290548f2787451225dbbb18821a960500580bda3e4bd9e46c38fbf4dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Apr 2023 03:17:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1444
etag
"ead-5f8deb3f29140"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnY251r7%2FFqixnZaGlVV843zOVrLlN7LvoLNNm2NMhEnnzEEXEsEeFAxyZAZfCYp1Cn9W5Iz0Gk76JdtvPISNt2W7TBWrcMzCMiqhH6u1pFTfK0UGJ2Xq5CqDfbJzf8czF%2F4kGQqOSFtUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557a5f85d9c9-MIA
alt-svc
h3=":443"; ma=86400
content-length
3757
maxresdefault.jpg
i.ytimg.com/vi/qGTjYVLhy5Y/
78 KB
79 KB
Image
General
Full URL
https://i.ytimg.com/vi/qGTjYVLhy5Y/maxresdefault.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2016 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5efb971a1819b18f35f86d02976adc87e4d0136c6487326e554b9d409dabc70b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80234
x-xss-protection
0
server
sffe
etag
"1625981637"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 12 Jan 2024 17:11:46 GMT
si-mitre-modified-cyber-kill-chain-chart-1.jpg
securityintelligence.com/wp-content/uploads/2018/11/
43 KB
43 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/uploads/2018/11/si-mitre-modified-cyber-kill-chain-chart-1.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e407b45003d474ddf1a33b5d73c71c7217ba5761f713ba22dae37e237cf6de22

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 14 Nov 2023 20:19:58 GMT
server
cloudflare
etag
"aab2-60a2282b3959b"
vary
Accept
content-type
image/webp
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
8446557b2a2d21e2-MIA
content-length
43698
THE-CYBER-KILL-CHAIN-body.png.pc-adaptive.1920.medium-878x1024.png
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_640,h_746/https://verveindustrial.com/wp-content/uploads/2022/06/
69 KB
70 KB
Image
General
Full URL
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_640,h_746/https://verveindustrial.com/wp-content/uploads/2022/06/THE-CYBER-KILL-CHAIN-body.png.pc-adaptive.1920.medium-878x1024.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
e49ca84eab8f21230dbdb4ff73088a2893dcb5ae15aa326d3299aaeaedef60f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 08:55:25 GMT
date
Fri, 12 Jan 2024 15:11:46 GMT
cdn-edgestorageid
885
cdn-cachedat
01/12/2024 15:11:46
cdn-pullzone
257218
cdn-tag
3012788; Domain: verveindustrial.com; 200
xtag-sp-debug
SLT: 0.013
content-length
70642
pragma
cache
last-modified
Tue, 26 Dec 2023 08:55:25 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
ee893c517ed44c99cedbbd1b24a0e8b5
content-type
image/webp
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=30095516, s-maxage=604800
cdn-requestid
43889bae141aa46b89d87e24d1369077
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://verveindustrial.com/wp-content/uploads/2022/06/THE-CYBER-KILL-CHAIN-body.png.pc-adaptive.1920.medium-878x1024.png>; rel="canonical"
cdn-requestpullsuccess
True
mitre-attack-uses.png
info.varonis.com/hubfs/Imported_Blog_Media/
53 KB
55 KB
Image
General
Full URL
https://info.varonis.com/hubfs/Imported_Blog_Media/mitre-attack-uses.png?hsLang=en
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.150.169 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
cloudflare /
Resource Hash
451b84fb5b869f5aed8cda2f9a92a68217963fb8e7215ebd167007f6a944d1e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-amz-meta-cache-tag
F-53579997880,FD-44912348718,P-142972,FLS-ALL
x-cdn
Imperva
x-amz-request-id
ZCD0566CX74WQQEH
x-amz-server-side-encryption
AES256
edge-cache-tag
F-53579997880,FD-44912348718,P-142972,FLS-ALL
x-iinfo
18-437896161-437896172 NNNN CT(1 9 0) RT(1705072305680 40) q(0 0 0 1) r(7 7) U24
x-amz-replication-status
COMPLETED
x-hs-https-only
worker
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
etag
"7eb9c7d1244109078e183cfbeff63498"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
x-amz-meta-created-unix-time-millis
1629753084473
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-robots-tag
all
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
date
Fri, 12 Jan 2024 15:11:47 GMT
strict-transport-security
max-age=31536000
via
1.1 18133da1ea724d113c4123fb3f20be9e.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-amz-version-id
TYb9cDmH2aAukZ.LpZ6qZou9Dl8gPNUU
x-amz-cf-pop
MIA3-P2
x-hs-alternate-content-type
text/plain
x-cache
Miss from cloudfront
cache-tag
F-53579997880,FD-44912348718,P-142972,FLS-ALL
x-amz-meta-index-tag
all
x-amz-storage-class
INTELLIGENT_TIERING
alt-svc
h3=":443"; ma=86400
content-length
54150
x-amz-id-2
Z/gLurKAAn/agcKZDnT0V207ZxXccSXy7pr9KRLAYb2xmlH3m2exsXsODxX/g+XZVsE2+VKvznU=
last-modified
Fri, 10 Feb 2023 22:30:41 GMT
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qjd2dZfIjKdKpVhb4PQ4dCIbz%2BopVNpGReBoIUd3LdR0UThVMvbczXBGK5XkwLy6R9b3u25Fvh8kpfyrAo494OV3zNyPEnMNXSoCJ6ZzXhDi41Cc0TnviBXho0qIVp2MhGE%3D"}],"group":"cf-nel","max_age":604800}
x-incap-sess-cookie-hdr
DpU1TZoCqXgJwsvOUcowFrJWoWUAAAAA6sl++yZrzzGYpoorEe+ARg==
accept-ranges
bytes
cf-ray
8446557ca9c80302-MIA
x-amz-cf-id
2dYMZGBavjwu6x07d56Ann7dk2v4ZRtPENKqGDL6_EGEfkiaUwp1IA==
si-mitre-modified-cyber-kill-chain-chart-2.jpg
securityintelligence.com/wp-content/uploads/2018/11/
89 KB
89 KB
Image
General
Full URL
https://securityintelligence.com/wp-content/uploads/2018/11/si-mitre-modified-cyber-kill-chain-chart-2.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
252dd69991f1b3a6a341690a8aadd352464f9fabc46322db3f51f1973ebd2058

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
DYNAMIC
last-modified
Tue, 14 Nov 2023 20:19:58 GMT
server
cloudflare
etag
"16222-60a2282b3959b"
vary
Accept
content-type
image/webp
x-webp-express
Redirected directly to existing webp
accept-ranges
bytes
cf-ray
8446557c1ba321e2-MIA
content-length
90658
210329_Turner_Article_Picture2.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt03391e00312499d8/60d94bc1993b0438463cbb2c/
26 KB
26 KB
Image
General
Full URL
https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt03391e00312499d8/60d94bc1993b0438463cbb2c/210329_Turner_Article_Picture2.png?width=690&quality=80&format=webply&disable=upscale
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
94dd8bfb4b63f48c489e8a309074263694c46325693c05853820a1342c35b20c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
0
x-cache
HIT, HIT
fastly-io-info
ifsz=451199 idim=1430x696 ifmt=png ofsz=26222 odim=690x336 ofmt=webp
filename1
custom
content-disposition
inline; filename=210329_Turner_Article_Picture2.webp
fastly-stats
io=1
content-length
26222
x-request-id
919694467d1a4fbc735becdc6ef69a9a
x-served-by
cache-ams12736-AMS, cache-mia-kmia1760060-MIA
x-runtime
120ms
server
contentstack
x-timer
S1705072307.648051,VS0,VE399
x-contentstack-organization
blt5948195ac13977b0
etag
"1UTcIFRRdwAc97/pMl+5jVsqjwyd+dlYbRV84s25F38"
content-type
image/webp
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
13, 1
UnifiedKillChain.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltfbd2bff8b0cc1b0c/623cbf6e483e2c64fe28828e/
522 KB
523 KB
Image
General
Full URL
https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/bltfbd2bff8b0cc1b0c/623cbf6e483e2c64fe28828e/UnifiedKillChain.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
60a835088a0aba897aa0176be33a61ba84d04f1efb5fafa3fa6f8b3e6055d4fb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
vpop-haf2300711
age
181034
x-cache
HIT, HIT
fastly-io-info
ifsz=612670 idim=1986x1286 ifmt=png ofsz=534313 odim=1986x1286 ofmt=png
content-disposition
inline; filename=UnifiedKillChain.png
fastly-stats
io=1
content-length
534313
x-request-id
1a90d505ad3777a2a148fc65c491d949
x-served-by
cache-sjc10063-SJC, cache-mia-kmia1760030-MIA
x-runtime
125ms
server
contentstack
x-timer
S1705072307.650177,VS0,VE77
x-contentstack-organization
blt848504a4924ca8db
etag
"QrR3BXW3YXa3Y8zu/pjH0cgNr9lkRoK42VTkKdD/tFs"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
20, 1
MITRE-Framework-and-Lockheed-Martin-Kill-Chain.jpeg
www.sentinelone.com/wp-content/uploads/2021/08/
185 KB
186 KB
Image
General
Full URL
https://www.sentinelone.com/wp-content/uploads/2021/08/MITRE-Framework-and-Lockheed-Martin-Kill-Chain.jpeg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5db11b0a3c65e542fe47648b89a8e32f9f6137c5114a25fe9c203e4bf66e3cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe2-b-b855dbfb-wfxb7
date
Fri, 12 Jan 2024 15:11:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options
nosniff
fastly-io-served-by
vpop-mnz1300702
x-cache
MISS, HIT, MISS, MISS
fastly-io-info
ifsz=288826 idim=2500x1200 ifmt=jpeg ofsz=189054 odim=2500x1200 ofmt=webp
expires
Thu, 10 Oct 2024 15:31:41 GMT
fastly-stats
io=1
content-length
189054
x-served-by
cache-chi-kigq8000159-CHI, cache-chi-kigq8000159-CHI, cache-mia-kmia1760089-MIA, cache-mia-kmia1760089-MIA
server
cloudflare
x-timer
S1704662729.804011,VS0,VE38
etag
"rXTcyR5srVdInViPekTFBf3RUKQ1vG8X/hE0L6E1L9s"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQy7nNLIK0hu4Mx6lcFQrmrsO5ItUChTqM6A0AnNJzImNv5wkl7MyOv1a0xyzrGs9nSBoiRiA%2Bod5F1LYrWdIpybWCUkKiff08gYAIfiv20RBlqrDMae49Dfc0jM7hmZtG3GFN4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
x-styx-req-id
1c7065fd-6782-11ee-8446-d6c034350060
cache-control
max-age=60
accept-ranges
bytes
cf-ray
8446557c9e028dae-MIA
x-cache-hits
0, 51, 0, 0
ea5ecd_2a9d6baafeca4dcf8f8b3e9f3cbeca33~mv2.png
static.wixstatic.com/media/ea5ecd_2a9d6baafeca4dcf8f8b3e9f3cbeca33~mv2.png/v1/fill/w_975,h_359,al_c,q_85,enc_auto/
56 KB
57 KB
Image
General
Full URL
https://static.wixstatic.com/media/ea5ecd_2a9d6baafeca4dcf8f8b3e9f3cbeca33~mv2.png/v1/fill/w_975,h_359,al_c,q_85,enc_auto/ea5ecd_2a9d6baafeca4dcf8f8b3e9f3cbeca33~mv2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211c:0:1e:5c56:d400:93a1 , United States, ASN (),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
4e22765d12aa4d167d6283b7c09c77efc17484f62aed6b97e57bfd9be96e5c3a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 21:26:01 GMT
via
1.1 google, 1.1 c49af0736096dd9eb595aafed0498ed4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P4
age
150345
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
57366
wix-tracer
2amRquDoLdDsGqsw5q4zzHNmUbR
server
openresty/1.21.4.1
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=15552000, immutable
timing-allow-origin
*
x-amz-cf-id
pXqmKjvp5w5fDrUdAQCnkMH825fYBmh9MRaTq_PJvXV5pV7pPZKAXQ==
x-seen-by
image-manipulator-7c76496fbd-n9l4x
insights
www.isc2.org/
Redirect Chain
  • https://blog.isc2.org/.a/6a00e54f109b6788340240a50c14a8200b-pi
  • https://www.isc2.org/insights
0
0
Image
General
Full URL
https://www.isc2.org/insights
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Server
107.162.133.105 , United States, ASN55002 (DEFENSE-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Redirect headers

Location
https://www.isc2.org/insights
Date
Fri, 12 Jan 2024 15:11:46 GMT
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Content-Length
152
Content-Type
text/html; charset=utf-8
mqdefault.jpg
i.ytimg.com/vi/qGTjYVLhy5Y/
12 KB
12 KB
Image
General
Full URL
https://i.ytimg.com/vi/qGTjYVLhy5Y/mqdefault.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2016 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
239587a291217700a3da18ef931f522711c9524cce329495063a2c23afc336c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12194
x-xss-protection
0
server
sffe
etag
"1625981637"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 12 Jan 2024 17:11:46 GMT
mitre-attack-containers.png
www.trellix.com/en-us/img/security-awareness/
23 KB
23 KB
Image
General
Full URL
https://www.trellix.com/en-us/img/security-awareness/mitre-attack-containers.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:141b:1c00:22::1730:e070 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
61017f866ecf87672d8b331517d012553204ef7105784e8a0033119374b50b56
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 14 Apr 2022 19:31:11 GMT
etag
"5b9c-5dca2561b5dc0"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=14400, s-maxage=14400
content-disposition
inline
server-timing
cdn-cache; desc=MISS, edge; dur=247, origin; dur=199, ak_p; desc="1705072306829_398664784_547010656_44521_5940_62_142_146";dur=1
accept-ranges
bytes
content-length
23452
x-xss-protection
1; mode=block
expires
Thu, 01 Jan 1970 00:00:00 GMT
Modified-FIgure-1-300x146.png
blogs.infoblox.com/wp-content/uploads/
27 KB
28 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/Modified-FIgure-1-300x146.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1f::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
07fcbc456912a6c1f72a9c4ad8dfc05c61a470e3c608195406d74a2c9a5422a7
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-a-685d4d5969-ksmk4
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 12 Jan 2024 15:11:47 GMT
age
135838
x-cache
HIT, HIT, MISS, MISS
expires
Thu, 10 Oct 2024 11:13:17 GMT
content-length
27974
x-served-by
cache-chi-kigq8000150-CHI, cache-ams21068-AMS, cache-ams21066-AMS, cache-mad2200130-MAD
last-modified
Thu, 19 Dec 2019 12:14:19 GMT
server
nginx
x-timer
S1705072307.330686,VS0,VE50
etag
"5dfb699b-6d46"
content-type
image/png
x-styx-req-id
0376623f-675e-11ee-a659-42dc5f6a6a90
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1, 0, 0
53eb55ae-98d4-4454-b9a4-9c0f1c23aa38.jpg
dw1.s81c.com/IMWUC/MessageImages/TinyMce/
141 KB
141 KB
Image
General
Full URL
https://dw1.s81c.com/IMWUC/MessageImages/TinyMce/53eb55ae-98d4-4454-b9a4-9c0f1c23aa38.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.32.146.239 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-146-239.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d6724c36d9e0023ef184cd7d1aba93c0d5906029d5e999b1d23ddf77597012e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-amz-version-id
RFoqFOvq.JfXvKgcN60NryeAvejztvzW
Date
Fri, 12 Jan 2024 15:11:47 GMT
Last-Modified
Wed, 16 Jan 2019 21:26:28 GMT
Server
AmazonS3
x-amz-request-id
ZCDABDQ99J254TX6
ETag
"1b6b74c8a74b566fc1dd3c5fab9d6542"
x-amz-server-side-encryption
AES256
Content-Type
image/png
x-amz-replication-status
COMPLETED
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
144212
x-amz-id-2
nYYt52zp0D5iIYJ3bnqizcVcLumjt9AK/edjQnMvDw57QnmLyEB05z7BzDgPSdd67pFT2Hfnhe0=
2021-02-Rhebo-MITREATT&CK-Cyberkillchain-EN.png
rhebo.com/files/userdata/Grafiken/Zum%20Produkt/
193 KB
193 KB
Image
General
Full URL
https://rhebo.com/files/userdata/Grafiken/Zum%20Produkt/2021-02-Rhebo-MITREATT&CK-Cyberkillchain-EN.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1169:103:7df0:: Strasbourg, France, ASN21499 (GODADDY-SXB, DE),
Reverse DNS
Software
nginx /
Resource Hash
19499108d4d60cd434550b6c359f73a2331e3296841fcb52128fd671d5888eb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
strict-transport-security
max-age=31536000; preload
x-content-type-options
nosniff
last-modified
Fri, 15 Oct 2021 14:52:36 GMT
server
nginx
x-cache-status
BYPASS
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
197449
x-xss-protection
1; mode=block
expires
Sun, 11 Feb 2024 15:11:47 GMT
MITRE-Cyber-kill-chain-Comodo-Cybersecurity-Blog-Post-1.jpg
techtalk.comodo.com/wp-content/uploads/2020/08/
785 KB
786 KB
Image
General
Full URL
https://techtalk.comodo.com/wp-content/uploads/2020/08/MITRE-Cyber-kill-chain-Comodo-Cybersecurity-Blog-Post-1.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2610:1c8:1b::1 , United States, ASN23393 (NUCDN, US),
Reverse DNS
Software
NuCDN/v2.59.21 /
Resource Hash
9e1d6f4f85ec3b7244eaf9e663f5f130136aa895805bc1f4aaf76eb16fff928f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-beluga-cache-status
Miss
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 12 Jan 2024 15:11:47 GMT
last-modified
Thu, 27 Aug 2020 19:23:20 GMT
server
NuCDN/v2.59.21
etag
"c457a-5ade0de7a1662"
content-type
image/jpeg
x-beluga-node
098b22a3-9995-4af1-860f-4171e4c48918
x-beluga-response-time
304 ms
x-beluga-status
000
x-beluga-trace
2384e411-da8a-47f4-927f-2befef0f35f8
content-length
804218
x-beluga-record
6973f450a154beb703b12cfde2df370d5ca8145c
maxresdefault.jpg
i.ytimg.com/vi/gTR9Yb_4YXY/
83 KB
83 KB
Image
General
Full URL
https://i.ytimg.com/vi/gTR9Yb_4YXY/maxresdefault.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2016 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04982d17373c15f5c7986bedd43b76affe5260617240767b718e0cbeadab106c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85330
x-xss-protection
0
server
sffe
etag
"1620814359"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/jpeg
cache-control
public, max-age=7200
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 12 Jan 2024 17:11:47 GMT
mitre-attack-1.png
blogs.infoblox.com/wp-content/uploads/
57 KB
57 KB
Image
General
Full URL
https://blogs.infoblox.com/wp-content/uploads/mitre-attack-1.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1f::765 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e7bcb17abc554766500b3ef0a8dc4ef35ba471aa72d27938923decfd24f4df55
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-pantheon-styx-hostname
styx-fe1-b-68df99c475-vq9tt
strict-transport-security
max-age=300
via
1.1 varnish, 1.1 varnish, 1.1 varnish, 1.1 varnish
date
Fri, 12 Jan 2024 15:11:47 GMT
age
134295
x-cache
HIT, HIT, MISS, MISS
expires
Sat, 12 Oct 2024 13:50:25 GMT
content-length
58068
x-served-by
cache-chi-klot8100127-CHI, cache-ams21065-AMS, cache-ams12735-AMS, cache-mad2200130-MAD
last-modified
Tue, 22 Mar 2022 21:05:31 GMT
server
nginx
x-timer
S1705072307.330711,VS0,VE31
etag
"623a3a1b-e2d4"
content-type
image/png
x-styx-req-id
4bb2e26e-6906-11ee-9356-2ea8128d57de
cache-control
max-age=31622400
accept-ranges
bytes
x-cache-hits
1, 1, 0, 0
mitre-attack-vs-cyber-kill.jpg
assets.securitytrails.com/cdn-cgi/image/width=450,quality=100,format=auto/blog/mitre-attack-framework/
0
0

enterprise-matrix.png
anomali.cdn.rackfoundry.net/images/uploads/research/
0
0

cyber-kill-chain.jpg
cybotsai.com/wp-content/uploads/2021/08/
221 KB
221 KB
Image
General
Full URL
https://cybotsai.com/wp-content/uploads/2021/08/cyber-kill-chain.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.10.47 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
47.10.62.166.host.secureserver.net
Software
Apache /
Resource Hash
4b6116aac7c38f800dcd312ad141d7324bd66ab03906bcb4db7275bc40b3522f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
last-modified
Fri, 13 Aug 2021 07:54:30 GMT
server
Apache
accept-ranges
bytes
etag
"45c1d0f-37389-5c96c294b3980"
content-length
226185
content-type
image/jpeg
chain-vs-attck.png
cs4e.pages.labranet.jamk.fi/ooc/30-Cyber_Attack/img/
42 KB
42 KB
Image
General
Full URL
https://cs4e.pages.labranet.jamk.fi/ooc/30-Cyber_Attack/img/chain-vs-attck.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.148.26.185 , Finland, ASN1741 (FUNETAS, FI),
Reverse DNS
pages.labranet.jamk.fi
Software
/
Resource Hash
6a0d25e9ff989e534ee1318bc659ccf509c63f1df89aff9d50351fe3623c8bef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
last-modified
Fri, 12 Feb 2021 13:37:37 GMT
etag
"c94ca89767ab7e7f23acdc40ba7326c664cc59fe60b7bb98d52ac36d5856a221"
vary
Origin
content-type
image/png
cache-control
max-age=600
content-length
42652
expires
Fri, 12 Jan 2024 17:21:48 EET
figure6.png
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_706,h_724/https://verveindustrial.com/wp-content/uploads/2021/05/
68 KB
69 KB
Image
General
Full URL
https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_706,h_724/https://verveindustrial.com/wp-content/uploads/2021/05/figure6.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
28545b9903d0dc5ca1807906813c37bd4f10564265a6aaf03e1e82fc5b370a26

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sun, 22 Dec 2024 14:30:53 GMT
date
Fri, 12 Jan 2024 15:11:47 GMT
cdn-edgestorageid
885
cdn-cachedat
01/12/2024 15:11:47
cdn-pullzone
257218
cdn-tag
3012788; Domain: verveindustrial.com; 200
xtag-sp-debug
SLT: 0.012
content-length
69920
pragma
cache
last-modified
Sat, 23 Dec 2023 14:30:53 GMT
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
fc53f813c56759a8185a910e904c34aa
content-type
image/webp
access-control-allow-origin
*
cdn-cache
MISS
cdn-uid
ceac3dab-9909-4315-8d54-a27751b54dd0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
max-age=29805546, s-maxage=604800
cdn-requestid
2652cf265cd15dca5d1935007fbd0dc4
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
link
<https://verveindustrial.com/wp-content/uploads/2021/05/figure6.png>; rel="canonical"
cdn-requestpullsuccess
True
Cyber_Kill_Chain.jpg
nucleon-security.com/wp-content/uploads/2020/07/
35 KB
35 KB
Image
General
Full URL
https://nucleon-security.com/wp-content/uploads/2020/07/Cyber_Kill_Chain.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.36.91.62 , France, ASN16276 (OVH, FR),
Reverse DNS
cluster027.hosting.ovh.net
Software
Apache /
Resource Hash
1bac8012a904441a367d9e4935675e599a35e1fa017917da7a16552bd2fabc72

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
last-modified
Thu, 30 Jul 2020 13:05:42 GMT
server
Apache
content-type
image/jpeg
cache-control
max-age=900
accept-ranges
bytes
content-length
35721
expires
Fri, 12 Jan 2024 15:26:47 GMT
mitre-framework.png
cybotsai.com/wp-content/uploads/2021/08/
473 KB
474 KB
Image
General
Full URL
https://cybotsai.com/wp-content/uploads/2021/08/mitre-framework.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
166.62.10.47 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
47.10.62.166.host.secureserver.net
Software
Apache /
Resource Hash
eaced04974b5d5df070a8d3aa808505e4aa3e3ab032c96e8a9b37a5a69e795be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
last-modified
Fri, 13 Aug 2021 07:34:25 GMT
server
Apache
accept-ranges
bytes
etag
"45c1d57-765c0-5c96be1786240"
content-length
484800
content-type
image/png
cyber_kill_chain.png
www.exabeam.com/wp-content/uploads/2020/01/
15 KB
17 KB
Image
General
Full URL
https://www.exabeam.com/wp-content/uploads/2020/01/cyber_kill_chain.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.193.213.20 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
78822d2329ca9112116e119272ec28031355719ba2be1881885dd963ac3101f5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://view.ceros.com/ https://code.jquery.com/ https://builder-assets.unbounce.com/ https://static.hotjar.com https://d34qb8suadcc4g.cloudfront.net/ https://script.hotjar.com/ https://js.driftt.com/ https://t.sf14g.com/ https://optimize.google.com https://cdn.bizible.com/ https://j.6sc.co/ http://www.google.com https://www.exabeam.com/ https://ml314.com/ https://trk.techtarget.com/ https://sc.lfeeder.com/ https://munchkin.marketo.net/ https://www.google-analytics.com/ https://www.googleanalytics.com/ https://static.ads-twitter.com/ https://snap.licdn.com/ https://tracking.g2crowd.com/ https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/ https://connect.facebook.net/ https://googleads.g.doubleclick.net/ https://bat.bing.com/ https://www.googleoptimize.com/ https://pages.exabeam.com/ https://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com/ https://player.vimeo.com/ https://vimeo.com/ https://js.adsrvr.org/; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: * https://optimize.google.com https://www.google-analytics.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' blob: data: https://fonts.googleapis.com/ https://optimize.google.com https://builder-assets.unbounce.com/ https://www.exabeam.com/ https://pages.exabeam.com/ http://www.google.com; font-src 'self' data: * https://fonts.gstatic.com; connect-src 'self' data: https://csmetrics.hotjar.com https://analytics.google.com/ wss://wsp37.hotjar.com wss://wsp4.hotjar.com wss://wsp23.hotjar.com https://content.hotjar.io https://builder-assets.unbounce.com/ https://ipv6.6sc.co/ http://www.google.com https://www.exabeam.com/ https://www.google-analytics.com/ https://bat.bing.com/ https://www.googletagmanager.com/ https://cdn.linkedin.oribi.io/ https://munchkin.marketo.net/ https://ml314.com/ https://cdn.bizible.com/ https://secure.adnxs.com/ https://in.hotjar.com/ https://stats.g.doubleclick.net/ https://c.6sc.co/ https://ibc-flow.techtarget.com/; frame-src 'self' https://view.ceros.com/ https://secure.adnxs.com/ https://player.vimeo.com https://vimeo.com/ https://www.facebook.com/ https://js.driftt.com/ https://pages.exabeam.com/ https://optimize.google.com https://www.youtube.com/ https://player.captivate.fm/ https://td.doubleclick.net/; object-src 'none'

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: https://view.ceros.com/ https://code.jquery.com/ https://builder-assets.unbounce.com/ https://static.hotjar.com https://d34qb8suadcc4g.cloudfront.net/ https://script.hotjar.com/ https://js.driftt.com/ https://t.sf14g.com/ https://optimize.google.com https://cdn.bizible.com/ https://j.6sc.co/ http://www.google.com https://www.exabeam.com/ https://ml314.com/ https://trk.techtarget.com/ https://sc.lfeeder.com/ https://munchkin.marketo.net/ https://www.google-analytics.com/ https://www.googleanalytics.com/ https://static.ads-twitter.com/ https://snap.licdn.com/ https://tracking.g2crowd.com/ https://metadata-static-files.sfo2.cdn.digitaloceanspaces.com/ https://connect.facebook.net/ https://googleads.g.doubleclick.net/ https://bat.bing.com/ https://www.googleoptimize.com/ https://pages.exabeam.com/ https://ajax.googleapis.com https://ssl.google-analytics.com https://www.googletagmanager.com/ https://player.vimeo.com/ https://vimeo.com/ https://js.adsrvr.org/; img-src 'self' 'unsafe-inline' 'unsafe-eval' blob: data: * https://optimize.google.com https://www.google-analytics.com https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' blob: data: https://fonts.googleapis.com/ https://optimize.google.com https://builder-assets.unbounce.com/ https://www.exabeam.com/ https://pages.exabeam.com/ http://www.google.com; font-src 'self' data: * https://fonts.gstatic.com; connect-src 'self' data: https://csmetrics.hotjar.com https://analytics.google.com/ wss://wsp37.hotjar.com wss://wsp4.hotjar.com wss://wsp23.hotjar.com https://content.hotjar.io https://builder-assets.unbounce.com/ https://ipv6.6sc.co/ http://www.google.com https://www.exabeam.com/ https://www.google-analytics.com/ https://bat.bing.com/ https://www.googletagmanager.com/ https://cdn.linkedin.oribi.io/ https://munchkin.marketo.net/ https://ml314.com/ https://cdn.bizible.com/ https://secure.adnxs.com/ https://in.hotjar.com/ https://stats.g.doubleclick.net/ https://c.6sc.co/ https://ibc-flow.techtarget.com/; frame-src 'self' https://view.ceros.com/ https://secure.adnxs.com/ https://player.vimeo.com https://vimeo.com/ https://www.facebook.com/ https://js.driftt.com/ https://pages.exabeam.com/ https://optimize.google.com https://www.youtube.com/ https://player.captivate.fm/ https://td.doubleclick.net/; object-src 'none'
cf-cache-status
HIT
age
230210
cf-polished
origFmt=png, origSize=18775
content-disposition
inline; filename="cyber_kill_chain.webp"
alt-svc
h3=":443"; ma=86400
content-length
15010
cf-bgj
imgq:100,h2pri
last-modified
Sat, 30 Apr 2022 13:30:01 GMT
server
cloudflare
etag
"626d39d9-4957"
vary
Accept
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
84465581189f6dd1-MIA
TTP_Pyramid.png
images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt0c658b77464f8db8/623cbf79ddd8655f56f6091b/
253 KB
253 KB
Image
General
Full URL
https://images.contentstack.io/v3/assets/blt36c2e63521272fdc/blt0c658b77464f8db8/623cbf79ddd8655f56f6091b/TTP_Pyramid.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
contentstack /
Resource Hash
77a32d0b8153be4e58858681694d2a298b0523c865b68b8c2b1795eaf23b004b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
via
1.1 varnish, 1.1 varnish
fastly-io-served-by
vpop-haf2300701
age
748412
x-cache
HIT, MISS
fastly-io-info
ifsz=370020 idim=1164x682 ifmt=png ofsz=258772 odim=1164x682 ofmt=png
content-disposition
inline; filename=TTP_Pyramid.png
fastly-stats
io=1
content-length
258772
x-request-id
e8dbad0d3fcb9eb0633610d815f331c5
x-served-by
cache-sjc10028-SJC, cache-mia-kmia1760030-MIA
x-runtime
102ms
server
contentstack
x-timer
S1705072307.277856,VS0,VE66
x-contentstack-organization
blt848504a4924ca8db
etag
"d+AWSMMNY0x92SHHr7X+D6J1wpr7+lYWFJ+uVTBGtoU"
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
content-disposition, content-type, cache-control, status, content-length
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
73, 0
mitre-attack-concept.png
defencelogic.io/wp-content/uploads/2022/02/
0
0
Image
General
Full URL
https://defencelogic.io/wp-content/uploads/2022/02/mitre-attack-concept.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4401 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

the-mitre-attack-matrix-1024x938.png
www.crowdstrike.com/wp-content/uploads/2021/05/
250 KB
251 KB
Image
General
Full URL
https://www.crowdstrike.com/wp-content/uploads/2021/05/the-mitre-attack-matrix-1024x938.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9a09 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ce4f58e2f0f4e7c490b390f75540063a704ffb0488947754ab9f4d022e8df5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 9b435e7a8d74607fede4b1f1f66d58dc.cloudfront.net (CloudFront)
cf-cache-status
HIT
x-amz-version-id
6aVJwcVAUdUFvBesSSM_rKQ2swuTu3yy
age
806
x-amz-cf-pop
MIA3-P2
cf-polished
status=not_needed
x-cache
Hit from cloudfront
content-length
256270
last-modified
Wed, 20 Sep 2023 00:40:22 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
etag
"de9867cd4d2b3a526002db06042fbcfb-1"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
84465580f9972203-MIA
x-amz-cf-id
yhg0GS54qcQ4ylfPgChplXpM4WeNiGp4D4bNfQPkhFE9hpKyDCOWTQ==
expires
Fri, 12 Jan 2024 19:11:47 GMT
sensors-22-01860-g001.png
www.mdpi.com/sensors/sensors-22-01860/article_deploy/html/images/
210 KB
211 KB
Image
General
Full URL
https://www.mdpi.com/sensors/sensors-22-01860/article_deploy/html/images/sensors-22-01860-g001.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.151 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5a5c3e842600ffe7dc179a696d1198375717533b93905e38e43529667344064
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origFmt=png, origSize=428043
content-disposition
inline; filename="sensors-22-01860-g001.webp"
alt-svc
h3=":443"; ma=86400
content-length
215074
x-xss-protection
1; mode=block
cf-bgj
imgq:85,h2pri
last-modified
Tue, 08 Mar 2022 09:21:51 GMT
server
cloudflare
etag
"6227202f-6880b"
vary
Accept
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/webp
access-control-allow-origin
*.mdpi.com
x-frame-options
SAMEORIGIN
access-control-allow-credentials
true
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
84465580fbd28e00-MIA
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 13 Jan 2024 15:11:47 GMT
1_TXZTj1kSjghetyifWUMOyA.png
images.squarespace-cdn.com/content/v1/5ab952d7506fbeaa1f512f11/1586079113414-32M5BP9VRFO8NAAQ9Y87/
92 KB
92 KB
Image
General
Full URL
https://images.squarespace-cdn.com/content/v1/5ab952d7506fbeaa1f512f11/1586079113414-32M5BP9VRFO8NAAQ9Y87/1_TXZTj1kSjghetyifWUMOyA.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.238 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
19dbb559923101aa3522a0548a34fedb82f04b1981060923a35a569574022389

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-cache-hits
22, 0
date
Fri, 12 Jan 2024 15:11:47 GMT
via
1.1 google, 1.1 varnish, 1.1 varnish
age
1730462
x-cache
HIT, MISS
content-length
93802
x-served-by
cache-iad-kjyo7100053-IAD, cache-mia-kmia1760095-MIA
x-timer
S1705072307.359195,VS0,VE50
etag
COqWkPCHv+sCEAE=
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Timing-Allow-Origin
cache-control
max-age=604800,s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
tracepoint
Fastly
Cyber-Kill-Chain-deepwatch-source-Lockheed-Martin.png
www.deepwatch.com/wp-content/uploads/
41 KB
42 KB
Image
General
Full URL
https://www.deepwatch.com/wp-content/uploads/Cyber-Kill-Chain-deepwatch-source-Lockheed-Martin.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:cb25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc8afb1d4db05c0720b7d7bae1b10b9414bb9d406dfaa8e9ba5a0c6b73f2bf30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-cache-status
MISS
last-modified
Thu, 11 Jan 2024 22:27:00 GMT
server
cloudflare
etag
"65a06b34-a59f"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
844655813e526c88-MIA
content-length
42399
D9xdCIcX4AMoL7d.jpg
pbs.twimg.com/media/
101 KB
101 KB
Image
General
Full URL
https://pbs.twimg.com/media/D9xdCIcX4AMoL7d.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mic/9B22) /
Resource Hash
e2f48c486e3daea23afd5986d0383234b2790d4d81e3839bd854528c34636148
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
0
x-cache
MISS
server-timing
x-cache;desc= MISS,x-tw-cdn;desc=VZ
content-length
103111
x-response-time
46
surrogate-key
media media/bucket/0 media/1142890696652873731
last-modified
Sun, 23 Jun 2019 20:20:30 GMT
server
ECS (mic/9B22)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
68ec253dc65c3bd3
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7469935968
x-connection-hash
3fde765368adece94fed35472cac9d9ab7e81faa5fe942f58e963350851b38a6
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
stellar_cyber_xdr_kill_chain.jpg
img2.helpnetsecurity.com/posts2021/
106 KB
106 KB
Image
General
Full URL
https://img2.helpnetsecurity.com/posts2021/stellar_cyber_xdr_kill_chain.jpg
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-89.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce6d6bd8de17addfa38c230f814345e053797671bb51679d58cef09d72fe2ded

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
x-amz-version-id
wVMfQRyMOkYAbFeU21vj36G3obX4l6VM
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
last-modified
Wed, 21 Jul 2021 06:59:52 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
etag
"fad2d4d8aa6b8591ee760c1706a15d75"
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
108142
x-amz-cf-id
KQ1h17GSbXiIkEQSCBMuWciSzf7r7deTHow4NRjByGJY-C70bUpX0Q==
attack_flow.png
www.f5.com/content/dam/f5-labs-v2/article/articles/edu/20210610_mitre_attack/
118 KB
119 KB
Image
General
Full URL
https://www.f5.com/content/dam/f5-labs-v2/article/articles/edu/20210610_mitre_attack/attack_flow.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2199:d200:14:232e:8a00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c29634de93bba2349bc1de4d8b69ee64c24240b68051a9e65bae12e4d87123cf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.cybersource.com *.salesforce.com *.force.com *.salesforce-sites.com ; form-action *.cybersource.com *.salesforce.com *.force.com 'self' *.salesforce-sites.com
Strict-Transport-Security max-age=16070400;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-dispatcher
dispatcher1uswest2
date
Fri, 12 Jan 2024 15:11:47 GMT
strict-transport-security
max-age=16070400;
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' *.cybersource.com *.salesforce.com *.force.com *.salesforce-sites.com ; form-action *.cybersource.com *.salesforce.com *.force.com 'self' *.salesforce-sites.com
via
1.1 dca1-bit13011, 1.1 426461ac6e9a3bd7fa011ad672ee0062.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD79-C1
age
45847
x-vhost
publish
x-cache
Miss from cloudfront
content-length
120391
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 13 Oct 2022 17:13:22 GMT
etag
"1d647-5eaeda05ab080"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
00fzBu90PuGoU-gC6k9CWrNNyY2tJhhru0GJFnQtwpvq-XJBeifcVQ==
thumb_2.png
afuncan.com/games/tank-wars/
5 KB
6 KB
Image
General
Full URL
https://afuncan.com/games/tank-wars/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
748c54e441795663fa3c063cf7c4c6ac625aa14b827c91667c7bb26ec0632ba9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 01:53:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"15ec-5f8f1a2c24240"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZgDLquaMlxdPuGafLwrfIpiQWPJHQMoArsKCTZBOkGqFnAA7uetHVWj9B7lUu09btkx5Bg1DqO3%2Fhv3VKVxvVKluia8r1dFhOXr4%2F6UyjPO4uFKKtgYzJm0GJipSMsIzQ90i4Di%2BvzSs3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e31da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
5612
star-3.png
afuncan.com/content/themes/dark-grid/images/
796 B
1 KB
Image
General
Full URL
https://afuncan.com/content/themes/dark-grid/images/star-3.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ddcd411967e3fff2a528a1389828eec6e6a6f65dbbecac5a69c758b5951cfb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"31c-5f8baff74bf40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VUyRo2mGmdqkPJaU20y3kBSo8S%2B9aG0oqzOCYntdkiGjg14LhaSO1SsxGoPKSuqthFuU%2Ban6YlG%2BrfmG9jdk5NWt3CLaHNs95NohwuzhhkoGnIbPbrods6Zi0dstOlHo7PWEVoHCSCskg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e34da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
796
thumb_2.png
afuncan.com/games/zombie-buster/
65 KB
66 KB
Image
General
Full URL
https://afuncan.com/games/zombie-buster/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdcf1cb281a8353edc08eb1d9703491a897beaa679516bbe1afb132903fedb2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:09:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"10429-5f8f1dd3b2180"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuKGdahc9YnS3udxcYBZEKqsi%2B8AY1x2IOwVl96gcSfOqSjl44mLCkGAl169QFdeoCLlrIHFwIsDhV8GQ8WD0rPbNQoUQi7LO7yhS41S07AlpTn%2FlZQIK7dimNDo7Il3Zvzyb%2FpkjTZtzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e38da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
66601
thumb_2.png
afuncan.com/games/halloween-bubble-shooter/
111 KB
112 KB
Image
General
Full URL
https://afuncan.com/games/halloween-bubble-shooter/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6007ea58ba1bde429a66d39ac2e49f5136281d8b79889da9746c4a4ffc5014b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:42:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"1bd5e-5f8f251c21040"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZXMhfUhfMzAzjg9NUvDrb8RbrDKsKx55QG%2FxP3F39liJ23qPTUymsGz0iJ89VrlyDWgcXPLUhb602EIJaHsZiXs2RjvH4rXToUU7ADpQN42LWZB3PgaX%2FssPCSerXkarCKi%2BrLzR6fKWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e3cda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
114014
star-1.png
afuncan.com/content/themes/dark-grid/images/
794 B
1 KB
Image
General
Full URL
https://afuncan.com/content/themes/dark-grid/images/star-1.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f596790b7a5324d8a4cb3ec745230bad3db55ae1f2c72ec2c0dc30e21d20080

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3461
etag
"31a-5f8baff74bf40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZ0PjD2CS4%2BXbdCnsnqcd867Ujvx3NQB%2BNfndtjxFK1707JAwagRLTWF2Net8QIT8XjCp%2FVXuAhh1FM7FQstj%2BKJv%2B9Vhd3QqnoLaPOnZ%2BIG7No%2F4HPahXA6BUlmrukFVIu7pdHTCASS0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e3fda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
794
thumb_2.png
afuncan.com/games/ninja-run/
114 KB
114 KB
Image
General
Full URL
https://afuncan.com/games/ninja-run/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad288ea09018b96aed178e346a10ce208032784cf41558443f902fa5e82deee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:46:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"1c6a5-5f8f2605c7780"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAfCnucCD2OzLTKcuUbc4YdaRwiyEuwN66S15KOEFgfMmWQ2ptM7oJqQ3LMCE%2B%2F3EK2mZ3GdD2Bh5XfQtDDACiMBi5Y%2BhuN4AHEm8DfWEL8j83JPBtK8WazEFLivnDat8W4t1W5fqy8Ulg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e43da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
116389
star-4.png
afuncan.com/content/themes/dark-grid/images/
800 B
1 KB
Image
General
Full URL
https://afuncan.com/content/themes/dark-grid/images/star-4.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5ff18a969eadf48e834f25bd708cb1f065879f5c96641ad583849193e5260ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"320-5f8baff74bf40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yvXOiMOjjO6tJUBolP0g3umXCrW1n7Lo9tITzJSYqgV0db4Z%2FIz8Okv3jbGrK%2BBZsfnMNNChb6OJkxW%2FXpFu9jyBZgt8tyMwwDksBjvaTtEbWg2VanuCTaih9Ml%2BvrHFwIBkx5oD0T%2Bpvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e46da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
800
thumb_2.png
afuncan.com/games/viking-escape/
67 KB
67 KB
Image
General
Full URL
https://afuncan.com/games/viking-escape/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0ce7897c1fa7da7cce03ad8eac4ff53b9260bbcf3c175d7a5b6c5a68285803f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:30:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"10a4e-5f8f227428c00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCYs85sMOoLv%2Fe8cF5xkmRaKPes%2BMwVFYGhMDY71N8f5K2I6dWTvrnTXBR%2FXG0zXiyXSxkpmcOKWR03W3LVna7U0LL6cQnUJdd%2FcO1AdVwavsVmWFSrIfQGqsCQGBEd%2FPz1wbJGv11zp8A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e47da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
68174
thumb_2.png
afuncan.com/games/ranger-vs-zombies/
85 KB
86 KB
Image
General
Full URL
https://afuncan.com/games/ranger-vs-zombies/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564d17d6617722c7a4acedfee8181170526f2fbfed95a67cf069eb0146a42c66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:38:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3462
etag
"15552-5f8f245b7c9c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=beXxCaoDkvfsRjcLtfD1xnTADLGt3KERg7VKfE9lViT44qAgzLWvcjyGVsO7AMhKCP41OBgmKTMYZ7LtF278X%2F%2FU7CDwS%2FGAofWq7V02dlrEDrxD%2BwN8iXJ%2FHJtviiln22NW09CFzUUtpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e4ada73-MIA
alt-svc
h3=":443"; ma=86400
content-length
87378
star-0.png
afuncan.com/content/themes/dark-grid/images/
760 B
1 KB
Image
General
Full URL
https://afuncan.com/content/themes/dark-grid/images/star-0.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff8e74b1f76ae1036d81ffe496cd111f25a95cd411f59c75ce3326384a5ecc4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"2f8-5f8baff74bf40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1cf%2FixGy9r9XW%2F2J63yBXynE94llr%2FKXTMBR9Ev6Hng4UqpGsW0Pav9xpRlCDW5FiTAuFkvcIb9DwYLGeMTcLw8KxhLXortn8rQghAMeUHDgg0v3hEhz%2FKN%2BlfZIJoTx391Nw%2B2xxRDpNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e4cda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
760
thumb_2.png
afuncan.com/games/plumber/
98 KB
98 KB
Image
General
Full URL
https://afuncan.com/games/plumber/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68803bc62949a7a34c668f8383f4cffc22b90d38b01c6cc063069369eb45f9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:17:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"18778-5f8f1f9a992c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXqqmr9IMLCJN09JiCZVXkZL%2FbQRFok1S%2FUNmmpRl47b1bmSGJ0kUV4AAbMES6P4gqPGkuVwgT1rjNjCv4EgbHUR4uO%2BbIIYQvOhDNIIvAZvzS8UN6MMEPr1yWXh6iZYVx63JNuf0vmTbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e4fda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
100216
star-2.png
afuncan.com/content/themes/dark-grid/images/
814 B
1 KB
Image
General
Full URL
https://afuncan.com/content/themes/dark-grid/images/star-2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee943c28e4dd4d0d593c7424277632954476142ac40faa3721291d7a3591d28c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"32e-5f8baff74bf40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GI538AuXlwVYMEA3iW11a5GVPF95ErFfW3d4ayJ67iid2DWdDHiK8qsrjjPRBYD0YOIQ3P%2BGXD4fS35RIwX%2Fuy1diECupyVwCnrJgVx9dE8XYo2QkejO462b9l%2FEimuQfXuCd6sjztTXyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e50da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
814
thumb_2.png
afuncan.com/games/fruitsnake/
102 KB
103 KB
Image
General
Full URL
https://afuncan.com/games/fruitsnake/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef26daccdb0a9e6c75150bbaabe440062f1ca56079d92f6627d53aaf8deece7e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:52:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"1985b-5f8f27833fb80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQNRHavblfZBdlPO9UP0eJBaooPJl%2Bh8m8kUjWxvfUOtMQKWjymES3BT%2FI56EB%2BBU0dDG9jGuu%2BmG7jOvSYzrvQV%2BHfkbVjUzQb%2FLua1igUjgNsD6PAdq3dh2lDpfMUVfAZQgF4eFD5eJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e52da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
104539
thumb_2.png
afuncan.com/games/fruit-slasher/
120 KB
121 KB
Image
General
Full URL
https://afuncan.com/games/fruit-slasher/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
137b62805330088f3ecd8c292ab1e7c8b2463e7fe9476419dbcedda631fcb5f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:32:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"1e149-5f8f230bcb1c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2Bo5ZKp27ZpCVgBbatmA70UJ%2FxPhoHgt7g62zklHUrZybbmFDt42Dnp6FlmXjC%2B0x9sc6%2BkQ80NJ8qjTuT4QbcyeDUJKkocYvjE267TNZWnWxtuW3a6mQDR3ueWdTKX%2B8tCLVo0iKsJ0mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e53da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
123209
thumb_2.png
afuncan.com/games/stick-monkey/
41 KB
42 KB
Image
General
Full URL
https://afuncan.com/games/stick-monkey/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c954596bd2a354552e6bf3d6e1cc8345e271592e755e5fca7e63aceb41c6041

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:13:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"a4a8-5f8f1eaa45bc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a34UN%2FUXCZwI8Z%2BLHbdLf4UkKO2pjOzXjK8xvnMjUQQllLqUXjyuhx9jn26ia7p7SL0ghqX9HRNGM0Q7QqBasr4wkClTFpf0z6VNFs0cVnhptMmtZgAnE5xOTzahH2cQStn8zyZEgupTQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e54da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
42152
thumb_2.png
afuncan.com/games/casino-cards-memory/
81 KB
82 KB
Image
General
Full URL
https://afuncan.com/games/casino-cards-memory/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f01aed79f3948285e83e6605358684168397fe12856d9853cd45427b909a1f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:49:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"1447e-5f8f26de43640"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3FjVH9rV0MWc7CGw3sxgJQweJtLxy49a8ksehPvTEcUHmXWg%2BLNIgk0tZKqSGDADUCSWnZZkgJLX7rBZGq3CiOpcTG26BmVjfJ2DSOZVlC3Q8IVNVChpxAcW%2FSPF1ZeN%2BAiUTS7zRUb1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e56da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
83070
thumb_2.png
afuncan.com/games/halloween-memory/
105 KB
106 KB
Image
General
Full URL
https://afuncan.com/games/halloween-memory/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af77e624609246ca109f96195b1cdf54e01d4045b508b54866834e5ddcf95008

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:05:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"1a451-5f8f1d02d74c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20%2BiIk1MtaVc5atEQf332jSgX42rtmJpSQxDsQ7y7zPgJPTgdtO0vcvHmRpAF9KxhSIpFxcZ16xZa7sB4LOF1%2Bf%2FMV4yDA435nM%2BHItEoLtQQuJ227izDSR2fZhbl9a3CJyCB%2FMrLXfh3g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e59da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
107601
thumb_2.png
afuncan.com/games/mummy-candies/
74 KB
74 KB
Image
General
Full URL
https://afuncan.com/games/mummy-candies/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb5af8a11b5388562f368b2c7752399c0caeea396be92cedc3fb5076117136b9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 01:59:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"12716-5f8f1b9871dc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fM5WRiLHvutzKZNR4CsJehF8sZNTHG6W369cgHHqXrerOZtASl2fI8WWqiWTUD9P%2B6yyJt515B6v9HraWgU1kxSmiFaNCegEiCMPO1RUpicnxmEriV0anqIMS%2FpzPE0%2Fl41QNigbELZjGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e5dda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
75542
thumb_2.png
afuncan.com/games/duck-hunter/
57 KB
57 KB
Image
General
Full URL
https://afuncan.com/games/duck-hunter/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59615b4f9f9fdc5ac838119c3172e81fd3b0ec0c5e6b694585185a6be0d084f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Sun, 09 Apr 2023 02:59:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"e3e9-5f8de70c5e980"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YPvx5YFhrpsKXnp%2BwEnX2ljKmBTfwzJxBY6Foc5P7pXp2U%2FBq0qNF%2BTHUCPCi9isSaOkxi85QXju3%2BhRLvru%2BD%2B3HGPB2fciFvIwYMkSt7yikNduIr22%2Btze8%2FmX6gO4bTdzTsWt0B%2Bdag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e61da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
58345
thumb_2.png
afuncan.com/games/mad-shark/
126 KB
126 KB
Image
General
Full URL
https://afuncan.com/games/mad-shark/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8865e9b6f009cd68d7b8c20a3b0adf115900097ae089996166335839809a23d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:47:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"1f74a-5f8f33d13c340"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=df6e1mqo%2BagLCv%2BN8rmpanNLxiGsxD2U9P7%2FCP6WkR3rYYypSEh6aqinFuJNsbJdNN4Md1FdkNoSd8o0j6VSyxJoUG1%2FAqDbVoMV5%2FOf7cGZtrmk5YpIwi3CYutUwRgeDWBD%2B7xGqG0WBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e62da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
128842
thumb_2.png
afuncan.com/games/great-air-battles/
89 KB
89 KB
Image
General
Full URL
https://afuncan.com/games/great-air-battles/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a834cd181b32a465a1e90945a3fa5a181f19c7cae5eb1770538d52b1ffdbd9e3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:45:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"1620a-5f8f335a06a00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYBR%2BhIyuEZvSKfEr0301AiFBisKgKP%2B4VL1Fx86JZG%2Fs93X%2BqtmgwAGavY1%2FfRp1A87ULFdb7hneil9GU5nOZxBzgt0gFXljz5654ld5IDF8UWaRHrB1VTMxBgmvndXeo3XHijTImv8Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e66da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
90634
thumb_2.png
afuncan.com/games/kids-true-colors/
124 KB
124 KB
Image
General
Full URL
https://afuncan.com/games/kids-true-colors/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8284a4c4a8b4351395b4eceb067e08e855da79b6569181d29d753c70ee1df6bf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:42:43 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"1efa4-5f8f32ad692c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSO7sMmL8Y4dxCDPlKhZBv%2FrHesL8aPewbc9nroZ8wTcJOIp9sEwkekrPxJ9ruS7Qk%2FDWa729uvY4ZqvAVrUknK9ZNzjmj2Fc7lqFVyUORit5k5uZUWi9eDMRa1%2F3DnVulKpheJJkB36Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e68da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
126884
thumb_2.png
afuncan.com/games/christmas-balloons/
135 KB
136 KB
Image
General
Full URL
https://afuncan.com/games/christmas-balloons/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d0cf53bb78485eb3bc9bc8d8d25a21f335b04ccd07cfb8c7396c65567ff8f8e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:40:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"21c20-5f8f321a8b840"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fa6CMiw3Q7U4u58W5BJ1EzaOGM3cVczUs%2B8zLTA%2FQtgwAtj5NOW0aOBPzysEyKCTSXmzAq3F5p%2FU0rSkRWb6rSMhyZnpgC4I7rsI9oOsUm1rj5iEZgRNjQGFbK8ZWXmAjLnfOSZwrKgwAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e69da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
138272
thumb_2.png
afuncan.com/games/christmas-match3/
119 KB
119 KB
Image
General
Full URL
https://afuncan.com/games/christmas-match3/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dded15ca447bd40a8bc2abdd9baeb0c5b56af185080a911ca3fa68bec3a6ac1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:38:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"1da2c-5f8f31a44a140"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M50tF8wbJ929SZiv8LUhDkQcUXrgzaG186AelBXLORKFb%2BfjVPyP4s4Svs4LqP8kvxx1PO8HI8Tqpm0xz39cTFZTJ8mB9i%2BN7G9O56IqeahXrygRMQDb4qJMB1QDrN7OTTsQbwpNhrMFdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e6bda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
121388
thumb_2.png
afuncan.com/games/speed-racer/
130 KB
130 KB
Image
General
Full URL
https://afuncan.com/games/speed-racer/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abba82e29b6e78c6f283f71ab3a234bcb909f7fd76963eadcdb9e54a49ed7a3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:34:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"207f6-5f8f30d557900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OXpv3b%2BOIONzoD2EEIw%2BHC%2FSXrYPJkKi7fJcG0gC5QLbKLdo%2FLxzi%2F42DkNbunbacSMtM90cT5siTJi3kMkbx%2B3v%2F29CETqQgUz0Re4vcA%2BqbR693IP9D8SWY5VGJAGuBXmF%2FEp7MSQCFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e6eda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
133110
thumb_2.png
afuncan.com/games/christmas-panda-run/
84 KB
84 KB
Image
General
Full URL
https://afuncan.com/games/christmas-panda-run/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426f810b32330288c8c649a66a026cf8050ce0458449b81ea1b54066c2d75107

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:32:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"14ec6-5f8f305775000"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6t1zlkazkkClYw0t8QH9TCitX3dqWwbVId6oCUpS5PajuS%2BsJz8%2BPD%2Bp8mC0mOPpORwATrZQwn7t01LnEcBPobstLn%2B7FGZQYT%2FbFgST1jpRQ9SzAfTffvaoEA6KVOR9iDZ3PKrmP1uTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e6fda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
85702
thumb_2.png
afuncan.com/games/zombie-shooter/
114 KB
114 KB
Image
General
Full URL
https://afuncan.com/games/zombie-shooter/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82b4183ba95eae0e58d96050bfdde26fb890e80992bdaf6159c71242ab5d6f8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:29:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"1c6f6-5f8f2fabcbb00"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JVwA9iWiG%2BxQy%2B83%2FU%2FJaRoyvR0lq9%2B7Fd0Xtt2J4zcDxuyHLtBQ4AraxjW88IcQvLBdqrTPzJ41iwK1JeJEEvfc6Z4sEglSjMIiYYOY7D54fUHIPo9gxig8lbGH8Xp%2FtxWQHuRAubvraw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e71da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
116470
thumb_2.png
afuncan.com/games/shoot-robbers/
84 KB
84 KB
Image
General
Full URL
https://afuncan.com/games/shoot-robbers/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e75f011e0487a6a5addd4a4beeca84080fbcc2a18ccced630ea06f0d66bfb7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:26:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"14f09-5f8f2f020aa80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PWvxu2ss2huZDwH2phTw3IB3Mw9qouv%2FOntqQsJCcPm5bBS68V8VKetrL%2F%2BrpCqacCUtv3Q%2FBmhdp6FmstZzsJ%2FNQlL8A7warBzFIkea1l6X%2FBJwpRY10aU5EQ2QizZtVh5I7K8OOEb9bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e72da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
85769
star-5.png
afuncan.com/content/themes/dark-grid/images/
750 B
1 KB
Image
General
Full URL
https://afuncan.com/content/themes/dark-grid/images/star-5.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eb844a3f703f015f2496f3b57460617fac4260402052c651022d1bc4fa0146b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
"2ee-5f8baff74bf40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BdrGs90Z99eMJe5oVS2Zcj0HIGF%2BrQJZ360wMzC4Q2zRWpbhrNSZXHkBF7yJzG5JoUbe%2FTw96%2FwZsye2zsjQUaSgSBITbtoqFnZPe7Mmz%2FcSOxpcdhZTeAIbUwNFC%2B2SNW4eQ4biDAxvBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e73da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
750
thumb_2.png
afuncan.com/games/jelly/
116 KB
116 KB
Image
General
Full URL
https://afuncan.com/games/jelly/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb665f65ed07c389f6d284996721947640d422a974ce4eed9c5a93841819e8a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:23:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5113
etag
"1d004-5f8f2e74e5d80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnv8tC2n%2BJK2Kn90LQrHjhcuZ%2FNfGiG3A48yJJCEIy9ymJZLVu3Ev1Y4xaJi9Bcl6W2SKDZWuTGx9RFqZfjkCzIy3pFG0Rg4JBnDf7NaIr38fbrbFCZjS9jmAdSfrHiJQ3S4s6y2uNTzgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e75da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
118788
thumb_2.png
afuncan.com/games/candy-super-lines/
157 KB
158 KB
Image
General
Full URL
https://afuncan.com/games/candy-super-lines/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16098ac8b6489bd5bb2c11ebd8b250055d72a18e89958963816bac00b2e83b8c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:20:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"2751c-5f8f2db441700"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdVxjA1mEmS1jlyItKWkP0G%2B6rHgQzkw3ArcC9UIKfg3bsrjtKnD6s8MboLuMd1pXzCMnFY327%2BFWh4o5UDZaOq%2BN524E0maznt%2FyI%2FEgg6NHJNcB32BhS69onGPMDVE%2BF4ufZ9rFhkdvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e7eda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
161052
thumb_2.png
afuncan.com/games/girl-dress-up/
101 KB
101 KB
Image
General
Full URL
https://afuncan.com/games/girl-dress-up/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b90e3bb0c482850ccd57215d4d6031b2ec45131a6feb8423fa0517cb3889eaba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:17:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"1927d-5f8f2d1ab6cc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKVck3yVJu%2B0TqNvKAP%2FM5mJzlel2hibiQA2mqcHGNKFn0LSxR7kihGUO%2Bojt8rXgwUPzKIADpihEixL8MAQTpmh16%2Blec%2Blb7JEE%2BeP%2BXdJ9KoVcWG83rhKA87YKnPsNQvN9mzmzTug5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e80da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
103037
thumb_2.png
afuncan.com/games/traffic/
95 KB
95 KB
Image
General
Full URL
https://afuncan.com/games/traffic/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9ebdc839c81f9b23a5b0933d968f8ae93511bb8fe4c827adee62e84c633a08

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:15:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"17a08-5f8f2c8408940"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgaBdWaSqznCUU2EsXZAN6dV3BIz27v6kXx661jjQhvu7%2FQeHdZs8f8MbRj5LL4GRLAvWgAtedE04sVove%2B5s9qwUfAWR4rggURsurOZrEN%2BluDy31qmcUSAIJyFv57xY1vCMyaetzNjDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e83da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
96776
thumb_2.png
afuncan.com/games/duck-shooter/
104 KB
105 KB
Image
General
Full URL
https://afuncan.com/games/duck-shooter/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6977810078bd25d2cd28e06726aa4b946c92fd92c3416cfe2251693c75a78fe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:12:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"1a1a4-5f8f2be5b93c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAUvC2VdzF8nvYHbSswA%2FQl%2BBLD7Gq66GPL0YwVjKnmvY%2FcwvBvITqs%2BBXb3kFTZYrOYf%2B2i5O0i2%2FSCOlqQAkPP94vKkgwTS2BPy2MEMh7iAhgPYqhhScp4kURgx9ZWYWK45PJvatXU%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e84da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
106916
thumb_2.png
afuncan.com/games/super-cowboy-run/
126 KB
127 KB
Image
General
Full URL
https://afuncan.com/games/super-cowboy-run/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7da6d2b3a6c4cb334831292e8d263012e6fde5342af7b4a6cc233947ba394b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:09:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"1f92b-5f8f2b58946c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q9%2FlSh%2BHHuxS7sQhgSHrYZQwOJOqJc0COYHCOfvB3bmM59ntMUApi0G1ZgrmvecREjK%2FqqjYD4Tia6VfrgK0nEa3XLF4NtXgxaREnVBM0fZs9ScuXJOtkyTNGEs80fp4o51wrG%2FhonBI3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e86da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
129323
thumb_2.png
afuncan.com/games/space-purge/
134 KB
135 KB
Image
General
Full URL
https://afuncan.com/games/space-purge/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
810d45f4b12fe22bf3c8ea323b2c50e590520b7e063c92cf683902c334bab22a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:07:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"218b7-5f8f2ac987540"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M606TOFBlSsb8Z9MjnEJsxnvLtnLeM%2B05ZNhm7aTR7scB4bZ1HDmeEdlIR2hm8xB6lQGrOnBOEEClUCI7uZzjQqWkHBE6Ed5vwQzkG4npbhVMmFMXBf5itOYfAeo0MWBMWmKZ7Ey01ijWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e88da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
137399
thumb_2.png
afuncan.com/games/crazy-runner/
60 KB
61 KB
Image
General
Full URL
https://afuncan.com/games/crazy-runner/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e48491e749f4076b329ba91a01b7abd2eee55b3a7b136ebfdefcdad44782cdeb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:05:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5113
etag
"f067-5f8f2a49bc7c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dPB3g5RCXLQvTgKlrl0yZQeBDU6cnIvpnw9xxmVWsffP5a6D2BF9gYFFC7kdWNpfE8CN%2FA0qhPvvKsA6mf0qFihKLylf6XOlsmhKsdPP5FPRiM%2F1Pgurv7ZjDa7%2F79HpjmBr6V3QqCSk3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e8bda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
61543
thumb_2.png
afuncan.com/games/fishing-frenzy/
63 KB
64 KB
Image
General
Full URL
https://afuncan.com/games/fishing-frenzy/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2782934bd555759c91a70f92ee9d3b5f210e18d53f31a2e4b2bc37ce6bd4b4a2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 03:01:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"fc30-5f8f2979d5d40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGR3fCfboTvbOYTrBuheDlPkeKdyzopQYwlSW7vGrgFyhjc9Z12aEYam1cYToTL15NReT3sTCpRt4Wkcz79p6p8FAa35ljAGwlAgBgmGJU2gUGKnCvpLoO84duogPxsJ9QGfNTi1M4C9Qw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e8cda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
64560
thumb_2.png
afuncan.com/games/tank-defender/
67 KB
67 KB
Image
General
Full URL
https://afuncan.com/games/tank-defender/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9f231ba7c8ea732cc866931449f4ea709fade9570de17bd0aa08f4a5894bd43

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:59:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"10b15-5f8f28f269dc0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER1hb%2Bbkr5x2wFHPxjUTDNJ42kL2nik3F0DGmltVATh3eXt8sopydNtel7pHGzCPM1k9oYtvPow1VTQLE2sdqgRcZJR5lzgOmj%2Bde2B51zVtJDZSzzqFS32GhlZPMUsHkkJsK2fO3RJLdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e8dda73-MIA
alt-svc
h3=":443"; ma=86400
content-length
68373
thumb_2.png
afuncan.com/games/brick-out/
80 KB
81 KB
Image
General
Full URL
https://afuncan.com/games/brick-out/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c0b65210d85ffb41bc62809f949e1884b80c10eceb48becc71cb76a25c01856

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:35:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"140fc-5f8f23a4619c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1JIV38cN3lEV7IpmON289nV7QPhp23PcmFSW52eD6E7MHSj%2FGI9JmbMqSz%2BS4IRWt34HwVMx%2FUEo6UhvC9V7IkNJV5v72wDbHG7QEfX6%2FNorFTQAY3oagcErKpiYwroN7bi3vqlAVMTK1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e90da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
82172
thumb_2.png
afuncan.com/games/gold-miner/
70 KB
71 KB
Image
General
Full URL
https://afuncan.com/games/gold-miner/thumb_2.png
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b06cc39356cad09783973f5c9c42bc0f5805246739c47d48280ca4e639354059

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
cf-cache-status
HIT
last-modified
Mon, 10 Apr 2023 02:22:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1962
etag
"119d6-5f8f20b8b35c0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qV2wuol1WZ3F2uR6v69qYtCsiziNqIyViu%2BzILtn8pSSbpoQe6NcmMyU1WDdqCO1mEpZOBfStjnZwUBxPTJcRI7u0owiC0uH1N6sWBKDioQ5DdkR9D7zMN6b7v508kvNe7yrjP2b8ZgQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8446557c0e91da73-MIA
alt-svc
h3=":443"; ma=86400
content-length
72150
jquery-3.3.1.min.js
afuncan.com/content/themes/dark-grid/js/
85 KB
31 KB
Script
General
Full URL
https://afuncan.com/content/themes/dark-grid/js/jquery-3.3.1.min.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3491
etag
W/"1538f-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ftvz5PHHcErV3ndIojIAJT6egz6UzXQWNzHbyxXVbCqvwgLBrhmYsf733xJHYzSQhLdhrBPc7LcaLERXy%2FtMkvCL03OibawNZ51kSA%2FWU%2B%2FJzaA2f8oLyJlXqlQzcC9BZUFeahMlvtJVaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8446557bedf4da73-MIA
alt-svc
h3=":443"; ma=86400
bootstrap.min.js
afuncan.com/content/themes/dark-grid/js/
59 KB
16 KB
Script
General
Full URL
https://afuncan.com/content/themes/dark-grid/js/bootstrap.min.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
W/"ea8c-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80sRF68ZNs0%2B8pOD0wnV00Rwb%2F8S2V7%2BeY2%2FEPgToWj%2FIkvkxelKq1h3U9aOpulbGQLT1Xeu43RKmKqoITOVxCic0UUiqlznHEkAzKfawurYRtuV44OQdIOU%2FQxik6tKgXlbBS3yKcKdow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8446557c0e20da73-MIA
alt-svc
h3=":443"; ma=86400
jquery-comments.min.js
afuncan.com/js/
42 KB
13 KB
Script
General
Full URL
https://afuncan.com/js/jquery-comments.min.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cf9a2453a9a0c7288483d1954ff40b56d61c42fc18f2446f7dab0452f0827a8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
W/"a791-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BG6cUWDidfZNzmGKkSPiUzRy%2FyArVChmaoCpIhFRwWzu1b0zeoStLCuen%2BaAbAdRN4KxZPyk1IhO3uNxZouSNl93y09YDNRArViK0saqeMmt01wzZrYE7ng6CEl5JQBHPXqfdfb5tS4Mqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8446557c0e22da73-MIA
alt-svc
h3=":443"; ma=86400
script.js
afuncan.com/content/themes/dark-grid/js/
8 KB
3 KB
Script
General
Full URL
https://afuncan.com/content/themes/dark-grid/js/script.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b19e74321954fb4837aff610c0355c18dce18393b2a0b042cd358d4db9b895

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3491
etag
W/"2048-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlsU8WRq6I1eLzEAc7ZKd6YzVygkE03KxgvbD2w%2BAnz8oUFSBe3EpcDcx438VEhv8Su25WHRfN5kjU0Iuj0kUNEDJeR8Ali16RV%2FDfc8zo3dc3SI24g1qxw2E%2Bdo04Trfl9Mq4WsOO3GLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8446557c0e25da73-MIA
alt-svc
h3=":443"; ma=86400
custom.js
afuncan.com/content/themes/dark-grid/js/
77 B
536 B
Script
General
Full URL
https://afuncan.com/content/themes/dark-grid/js/custom.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3e66f02c6cb7bc3e1476882786e21b1cf0adb68d539d88022836668a4003719

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
W/"4d-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXUAIaVwY2o989bKTrOP5azndkArPWkbwAQLfy0sWH7KYxd2VSofYhY5w%2BHZOSALS7xpt2Tay94YF44CRG4ErvyIyfEyLiw%2BUjjLCKAbgktPbJ%2BLKzApQ6mTfulMzebt7I2t4bn8UmALvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8446557c0e29da73-MIA
alt-svc
h3=":443"; ma=86400
stats.js
afuncan.com/js/
44 KB
11 KB
Script
General
Full URL
https://afuncan.com/js/stats.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe76ece3b2947a83db374e7487cdd4d9956da8af86aaa497e88b9da8c8c4858

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Apr 2023 08:41:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3265
etag
W/"b1cb-5f8baff74bf40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r6N3apbiq7pFJ%2Bf%2BxmPpYzeulov1IX57LOYL3EstKSeddeGlXBV7m1LgcuTxkfEo%2FZgJOxm7IFGJAx21PPREg4pZSvz%2F530XnnfPEX%2B2gF0yVLeLsppVfxCYNR278zy1siiaBry7dRKySA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8446557c0e2dda73-MIA
alt-svc
h3=":443"; ma=86400
js-sdk-pro.min.js
sdk.51.la/
34 KB
13 KB
Script
General
Full URL
https://sdk.51.la/js-sdk-pro.min.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
openresty /
Resource Hash
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 15:11:48 GMT
Content-Encoding
gzip
Server
openresty
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
invoke.js
washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/
0
0
Script
General
Full URL
https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://afuncan.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 12 Jan 2024 15:11:47 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://afuncan.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:11:27 GMT
x-content-type-options
nosniff
age
183619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 12:11:27 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://afuncan.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 07:51:30 GMT
x-content-type-options
nosniff
age
199216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 07:51:30 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://afuncan.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:46 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1410392
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPBJM5X0yo05Vjl2fsfDCKPynDXIqYo5LiLQh%2BwF%2Bm2Py%2B3zFpH1zrMmv23L2OnZASMEruerBHPx4u5W4rHaiDMGIviX8ziDFNDYUF534yccpxeL9A882509O8sA9lFp%2BWHB8pdNYMSbMznNWZ5nalAx"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8446557c4f844c33-MIA
expires
Wed, 01 Jan 2025 15:11:46 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/
402 KB
136 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9060855327800154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8f5b46d4577487fe81800cdad8b25275c95abe5b4511d0c00051e20b05dfb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
139347
x-xss-protection
0
server
cafe
etag
917760300228398271
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 15:11:47 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 83DA
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html?hello=world
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9060855327800154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2057
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:37:30 GMT
etag
9219409622527106327
expires
Fri, 26 Jan 2024 14:37:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JPJFVSE5RF&gtm=45je41a0v9108437616&_p=1705072306527&gcd=11l1l1l1l1&dma=0&cid=2143167099.1705072307&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705072307&sct=1&seg=0&dl=https%3A%2F%2Fafuncan.com%2F&dt=AFunCan.com%20%7C%20Play%20HTML5%20Games&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2373
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPJFVSE5RF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://afuncan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
invoke.js
washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/
0
0
Script
General
Full URL
https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://afuncan.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 12 Jan 2024 15:11:47 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/
0
0
Script
General
Full URL
https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://afuncan.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 12 Jan 2024 15:11:47 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/
0
0
Script
General
Full URL
https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://afuncan.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 12 Jan 2024 15:11:47 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
ads
googleads.g.doubleclick.net/pagead/ Frame C6D5
341 KB
87 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&adk=2020088507&adf=637443794&lmt=1705072307&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fafuncan.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306923&bpp=22&bdt=651&idt=436&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3357768762848&frm=20&pv=2&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=465
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d42dff69df0d3b89c933416af32dd1193ca3dd919e2074a4799505d18ff70531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
88584
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:47 GMT
expires
Fri, 12 Jan 2024 15:11:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EC26
129 KB
43 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
361e371befe9e7611ae3ab149318dd7cae164c824846a636acf45838734caa70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44184
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:47 GMT
expires
Fri, 12 Jan 2024 15:11:47 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
invoke.js
washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/
0
0
Script
General
Full URL
https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://afuncan.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 12 Jan 2024 15:11:47 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
invoke.js
washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/
0
0
Script
General
Full URL
https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://afuncan.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 12 Jan 2024 15:11:47 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
statistics.php
afuncan.com/includes/
0
484 B
XHR
General
Full URL
https://afuncan.com/includes/statistics.php
Requested by
Host: afuncan.com
URL: https://afuncan.com/js/stats.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://afuncan.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cZt5YoTEFYDXtu1xgnYmWqP8JJmhvegfild5b7v2J%2BC0RXjeVU8R6dIlKyyPlDEYqsDPlNsLTimKCXotntHUlJ8ju4BkxYoZylrG%2B5J9O3gXnwOEF%2BpeouwM%2F%2BjnkV0iAYX0mWovrBgyiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
84465582eb8dda73-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6/
90 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6/jquery.min.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 11:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
272079
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32222
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 11:37:08 GMT
main.js
afuncan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame A2F0
Redirect Chain
  • https://afuncan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://afuncan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
7 KB
4 KB
Script
General
Full URL
https://afuncan.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da96de009126fd5a56f345d89b80f23f18eda8a350fbb76fe930856abe101bd2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1tO3rJ0sbROtEI%2BBXZ1uoYZSBkmI539LXCV8gajI16VoHjN%2FzGc9xUKc2sIuC%2B2IERB0pl6z89zVXlLhnNIEEbP9PG9S7RUUKHhQ5anii55uREzcH1MVtjOjg0FtGDSByhjEfgsvBXO%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
844655837cb7da73-MIA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 12 Jan 2024 15:11:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b0teNeWZt67OBnQgZH2hO0Prly5tG9ntQpsSQkFCFRquwVH7hIPhLkT705SLWw%2BEPnAkeSPjf63fBHJG82vEDVYb9t5jPceR2mLfeFeBC2t3z%2BxbJZzM6Y3JnKlNEL1s4Ti%2FBqfnUh%2Fz8A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control
max-age=300, public
cf-ray
844655833c29da73-MIA
alt-svc
h3=":443"; ma=86400
844655784ce0d9c9
afuncan.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame A2F0
0
555 B
XHR
General
Full URL
https://afuncan.com/cdn-cgi/challenge-platform/h/b/jsd/r/844655784ce0d9c9
Requested by
Host: afuncan.com
URL: https://afuncan.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:a37a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 12 Jan 2024 15:11:47 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h30yaTjjtJW1fYI7F8llv%2FRQn4v5r0YalCYwH8wXa%2FYXAyxMgWESGCt%2BMhdXpX93v5MM19zndowzNtOysUiBPnSwLp33W6M%2F7RDcojdStfdqbFg%2BsOnHEgLwOE6fFxsVVzAjCI0y3YWsAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
844655849e96da73-MIA
alt-svc
h3=":443"; ma=86400
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame EC26
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 Apr 2024 08:20:03 GMT
67b2cf2770e31c0fa9735c0b8b540980.js
www.gstatic.com/mysidia/ Frame EC26
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:06:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4763
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 Apr 2024 09:06:44 GMT
css
fonts.googleapis.com/ Frame EC26
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 13:25:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 15:11:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame EC26
2 KB
903 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
75663
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:10:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame EC26
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
8674
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 12:47:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame EC26
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
75667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:10:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame EC26
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
22804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 08:51:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame EC26
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 15:11:48 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame EC26
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Apr 2024 16:46:29 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/
162 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21ead2f2915567465b08675db3d84a6ba3d730d30ae07fbd1a1cd840b1fe097e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56392
x-xss-protection
0
server
cafe
etag
12537420654523086292
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 15:11:48 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 693D
130 KB
44 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d842dfde234b7ce5609585f900c8648e6bfec372828d5c93eb2b0bcb4bae44d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
45160
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:48 GMT
expires
Fri, 12 Jan 2024 15:11:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6776
87 KB
28 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63c6fe9a580ad95eb9c9aa8549816bbf940a17a4bac608c1bb49a45bf7cfa001
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
29061
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:48 GMT
expires
Fri, 12 Jan 2024 15:11:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8B6D
718 B
385 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=723392857&adf=523434623&pi=t.aa~a.1182920990~rp.3&w=1200&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=1&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=4152&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=16
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a89d503c5505858f14cf25c667834b2ef5dcf6c58b97cbf56457ad1b3fe11580
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
360
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:48 GMT
expires
Fri, 12 Jan 2024 15:11:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 1B1A
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
57749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 23:09:19 GMT
etag
9219409622527106327
expires
Thu, 25 Jan 2024 23:09:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame 8892
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
57749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4173
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 23:09:19 GMT
etag
9219409622527106327
expires
Thu, 25 Jan 2024 23:09:19 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 1B1A
4 KB
671 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 13:27:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 15:11:48 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1B1A
205 B
296 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 12:05:34 GMT
x-content-type-options
nosniff
age
183974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 09 Jan 2025 12:05:34 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1B1A
604 B
920 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:02:25 GMT
x-content-type-options
nosniff
age
194963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 09 Jan 2025 09:02:25 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 1B1A
16 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
73097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
11129212757755515379
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:53:31 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 1B1A
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
73097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9422
x-xss-protection
0
server
cafe
etag
10624764489894593518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:53:31 GMT
3132494397401179855
tpc.googlesyndication.com/simgad/ Frame EC26
2 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3132494397401179855?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27e38ae60f547b7fa51fbebcea6f4d03bad259f6887cdd8fa16056f6802d4c05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Fri, 10 Jan 2025 22:02:36 GMT
date
Thu, 11 Jan 2024 22:02:36 GMT
x-content-type-options
nosniff
age
61752
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2282
x-xss-protection
0
last-modified
Tue, 26 Dec 2023 13:12:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
pixel
googleads.g.doubleclick.net/xbbe/ Frame 6D19
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvy9QIQ8YXb8wEYwPjV2wEwAQ&v=APEucNVLJi2qP3h8L_8eHNW7Wv5Cf5px4fB79QvlQC1vpixXYtB0YEeohABWKaRDygPgHeN62YUcMgktQtwx9wwVyaIuKYU7fg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:48 GMT
expires
Fri, 12 Jan 2024 15:11:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 8892
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:56:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
22502
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 08:56:46 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 8892
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:07:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
11067
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 12:07:21 GMT
view
ad.doubleclick.net/pcs/ Frame 8892
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvH4S2F7Zy0OGfWuG04WHONeo2et-dik5drx4c1j7E0f04wF2wXObfQGqCTyo9GfUlgiOzZkaAuAulPoRoi9BX9PB8X-Wxw0EOjAk2L0WGFMWoFp7IEz03HEWykFR252RqC-F5LDXiDImUl4T1HwqJ34bA9TdfOLu69aULhT4uKk3YzedH5OhfMkJOby5aMBm5Pr2zw3S09RG0OhKjZauZUr6koCaHW_CBoiayKTtKil3HoA2To_gJQ9q23HSb54rbJfjutKEngQ2B3CgnoeYvyg8minx0Kf5HVBf_7L3yM63fJOU_uC3602Cyy8cxJPnZvT9UHU_ak15UjKvgWauQt92bDGdyoQwvSKbrBH1TGTZHfWDwMVTK48seQKyi_rYUG3uLyTTWqLjKr6eTdu7tIZKc2bZNr6B3oHCBEMx08ZljOIngd8qlACDwVENiH0JxculY1HdEA5fcbwxUJlF4_89zhMOfYILYe6duOglbhpGDdcuL-j4XEymFjPR_RRA_Y-McWlHughsaMKDqSoY_iYVxVPfQqu9rf4uTIk7VsvI-4d2pltFl-Zwq-J_U6QlCVDXcfTw_DyB08YnSsZkbCymLiRN43xH122ywY-j6m-1EE62vLYaiCLeYNicbZa_y0WdIPErMtsF2Rbz6DrHQ0IzZdXCoL8A_ebl7mdQ7VrxB25yBcwneawHlmpS8rIk-R5Zu6fhOKmNzWXd_zfYxjrrXmIhjTQESe52lFN05MGXVV25vVQ_eOmJ8IRXc_ElDTIMr0vtmEn8QQnPrdq943dLA_RpDKzxqgVwOojuq_LZDKg3X0hU7UYeMG0e7S-_GHS3FNe7BqiuBlHrkuIrHBHbVPA4LvXyyMmmmLW1TLLSsi1jS-TudUS77Xpo3kquSvccQxnQx_IBd3VqNhK_UaSXt5EgIPAzc99NYbaOUBnSP4UbecVIsKG6F9c9AtOmvhR3dIvp2M8Kq266kAyOZgT52rWHgz3ZmsOqXBa8XpP9ZH5LdjD7cqS_vRsqHrx9ivrA1-pGy3ljadfF43QNPNSGBnx-zLcXXIfe6GIZEcIVtVGvPHHnGXkkDdw6UjBGTlGCKPeoK3_vTUuIoM1_R6Ww-tJTSWNmxENdY6_-GzNYgdgM5CZFHa_iUQqgkVvnlVTrKOtVgdUbWo1foT8JQqh_FmPczDzbWIj0PQuilWp3oFmJH121rrtnhw_aWqP9oQ9SG_CCSoRmSM-68TxpQseNxp3GlWdKcnjUObru8XHr0nCMM&sai=AMfl-YQ4kfFrpQ0ZvxvctSONgRYOE97m1lz0uIAw1_l8uvxQ9JbnJyWMa5euJnC9qNLXQAz8DZQHjOID42a2iGc9UtusIAZpAYFs3FfdlkMwGA8XFRhHlTMiHlTi9VFfWAmlauAKAs0Yzf6E9GZhLWwxdsmYXHrldP-aLTFW4Z8Ce5JfkGXiME1IpmjpnDlQTmi6qrMrHxCFJPi709co1GFCtQbIaXGx7DHsirW7ijEWkOv4iHTuYY0mhXI2I7RAS6Xg2tBPkot9SR_MIxiOL-AnA5rsiYNIfNUzVaACgCXeq2LLOEI3j62f4NJ1hixTcvOLAHWhPMKZ-jqVcFXT0VeaVqDoH6qvjKJDzGIF_qdpNQ0TDQONSq-6oLfXG4DcYsTOdd82_wrYFje017ezfpZNL6QeYQL8t7CXWPecu39nYcnV6xbF6fhShcvDK7CNP_B_RxId_L0W6HHS3U-0cHWmaioysrEeKjORk5x98J9D0utHnD8haruvtZ8gldVov6TqYuDEPzui6RZlXw&sig=Cg0ArKJSzPJTp1i3pKSIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWVzYXJzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=3&cbvp=1&cstd=0&cisv=r20240108.46683&arae=0&ftch=1&adurl=
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 15:11:48 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
cache-control
private
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 12 Jan 2024 15:11:48 GMT
tfav_adl_143.js
am.adlooxtracking.com/ads/js/ Frame 8892
75 KB
26 KB
Script
General
Full URL
https://am.adlooxtracking.com/ads/js/tfav_adl_143.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c1f6db7302bc668aa45c658a2c0cb00143bb5b043da4bf693b7aafb12be7900

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1479
x-guploader-uploadid
ABPtcPrwp_qdfhjMoGZzSTpNBKI6PTdvpEGHrsf3XCpXFAHv8qnvgmUEtjRuGfLJySMHmBXUOuPgjbVzqg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 28 Nov 2023 10:27:48 GMT
server
cloudflare
etag
W/"9e5ef67e131a207592f7cd1256943c90"
vary
Accept-Encoding
x-goog-generation
1701167268902912
content-type
application/javascript
x-goog-hash
crc32c=W9PuzA==, md5=nl72fhMaIHWS980SVpQ8kA==
cache-control
public, max-age=14400
x-goog-stored-content-length
76699
cf-ray
84465588af08da53-MIA
expires
Fri, 12 Jan 2024 15:47:09 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 8892
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:01:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
195002
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 09:01:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8892
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
75667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:10:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8892
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
22804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 08:51:44 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8892
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AOvbRiGbM85CfvZ-ldeLlgL7pclYCvMdP56cwfRca1u0MqV7hxQLsZXuQs4gwYQYFdM4qkJvM0hwS3Qspb7FJRNRHoLDX22_Sduu43XSxwlVEyXbg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 8892
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 15:11:48 GMT
581822870347531583
s0.2mdn.net/simgad/ Frame 8892
43 KB
44 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/581822870347531583
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2006 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bab95499883575ae39aefc7059851c0c6e5d6186ee8ec4b21ce9bf3e7e72fd9d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Sat, 11 Jan 2025 13:13:56 GMT
date
Fri, 12 Jan 2024 13:13:56 GMT
x-content-type-options
nosniff
age
7072
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44204
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 19:23:05 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
s
googleads.g.doubleclick.net/pagead/drt/ Frame 91EA
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:23:17 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EC26
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78deb67ee7e306263fcf2083777c727739a96706f2f0458fabb5cab3ef7df2e0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 6D19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7B8D6usTuUHayxnm6IEyk&google_cver=1
43 B
767 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7B8D6usTuUHayxnm6IEyk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvy9QIQ8YXb8wEYwPjV2wEwAQ&v=APEucNVLJi2qP3h8L_8eHNW7Wv5Cf5px4fB79QvlQC1vpixXYtB0YEeohABWKaRDygPgHeN62YUcMgktQtwx9wwVyaIuKYU7fg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enaEmJU3NbsQVkF1P75%2Btc0rL0qvAEe2gDlb98rKWuHW%2Bu4Ld6%2BT1TUaAVEY8ms8CalCtugnoQLj31oQWxUuj7L0uA5vqo9WxfV1LEptnx7FvWK%2FqeKPl8GC8OUm3QBlYpbyB0r3lcfgmA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8446558a29ff02e8-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK7B8D6usTuUHayxnm6IEyk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6D19
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaFWtPAYz1ZoobFexL5FVgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFTONTzmPG8kSq75r7yp-ts&google_cver=1
43 B
735 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFTONTzmPG8kSq75r7yp-ts&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvy9QIQ8YXb8wEYwPjV2wEwAQ&v=APEucNVLJi2qP3h8L_8eHNW7Wv5Cf5px4fB79QvlQC1vpixXYtB0YEeohABWKaRDygPgHeN62YUcMgktQtwx9wwVyaIuKYU7fg
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ECKoJDpDpPRHK%2FwcAMG4FzoxTWzM7X1ClU1YI6w%2FwHxmhXyYPTSVWaFYSrwZYn9iRouS9xkUmmpQ6RNsryyWb5XoILNdgn9pP7%2BSaxGKsHw0uAih52BOveG8LmDi7BDHPFfpQHJH%2BggQ3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8446558aeac802e8-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFTONTzmPG8kSq75r7yp-ts&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 6D19
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAScdM6aB1Tr-N0DZyUS7d8&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAScdM6aB1Tr-N0DZyUS7d8%26google_cver%3D1
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAScdM6aB1Tr-N0DZyUS7d8%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvy9QIQ8YXb8wEYwPjV2wEwAQ&v=APEucNVLJi2qP3h8L_8eHNW7Wv5Cf5px4fB79QvlQC1vpixXYtB0YEeohABWKaRDygPgHeN62YUcMgktQtwx9wwVyaIuKYU7fg
Protocol
H2
Server
68.67.178.10 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
an-x-request-uuid
ebfb4fdc-8afb-4caf-ba19-f0b3943aff07
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.68; 38.132.118.68; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
an-x-request-uuid
95cc880c-dbd5-4bc3-a121-c9f3db8073d2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEAScdM6aB1Tr-N0DZyUS7d8%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.68; 38.132.118.68; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6D19
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyNjc1MjQ3MzEzODA2NTA0OQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyNjc1MjQ3MzEzODA2NTA0OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvy9QIQ8YXb8wEYwPjV2wEwAQ&v=APEucNVLJi2qP3h8L_8eHNW7Wv5Cf5px4fB79QvlQC1vpixXYtB0YEeohABWKaRDygPgHeN62YUcMgktQtwx9wwVyaIuKYU7fg
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
an-x-request-uuid
e447f9d6-2758-42cc-aeab-3110c23927bb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjkyNjc1MjQ3MzEzODA2NTA0OQ%3D%3D
x-proxy-origin
38.132.118.68; 38.132.118.68; 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame EC26
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 05:00:04 GMT
x-content-type-options
nosniff
age
209504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 05:00:04 GMT
css
fonts.googleapis.com/ Frame 135D
2 KB
480 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 13:31:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 15:11:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 135D
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
75663
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:10:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 135D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
8674
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 12:47:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 135D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
75667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:10:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 135D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
22804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 08:51:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 135D
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 15:11:48 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 135D
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Apr 2024 16:46:29 GMT
truncated
/ Frame 8892
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
09c30fc5e245130df80b2425c3891343ca821721e77aa91a9a7c0ba0839eb586

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 1E92
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
194756
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 09:05:52 GMT
expires
Thu, 09 Jan 2025 09:05:52 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 91EA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:49 GMT
expires
Fri, 12 Jan 2024 15:11:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:48 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 6776
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
8674
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 12:47:14 GMT
css
fonts.googleapis.com/ Frame 6776
8 KB
750 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 13:24:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 15:11:48 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame 6776
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:04:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 09:04:04 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/ Frame 6776
378 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:50:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134337
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 21:46:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:50:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 6776
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
22804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 08:51:44 GMT
l
www.google.com/ads/measurement/ Frame 6776
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmtEdIq__8Fop15tu9UizRnkUdRAbj8aCqwZkIz4469rgtHCw8d1cX9NZs20my3pXBgSxQPUcts6lh8rmvA8B87ri3Ug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame 693D
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:20:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
197505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 Apr 2024 08:20:03 GMT
67b2cf2770e31c0fa9735c0b8b540980.js
www.gstatic.com/mysidia/ Frame 693D
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/67b2cf2770e31c0fa9735c0b8b540980.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:51:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4763
x-xss-protection
0
last-modified
Fri, 05 Jan 2024 00:56:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 09 Apr 2024 08:51:54 GMT
css
fonts.googleapis.com/ Frame 693D
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200a Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 12 Jan 2024 13:25:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 12 Jan 2024 15:11:48 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 693D
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:10:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
75663
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:10:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 693D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 12:47:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
8674
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9276
x-xss-protection
0
server
cafe
etag
3558958386372919956
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 12:47:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 693D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 18:10:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
75667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Jan 2024 18:10:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 693D
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 08:51:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
22804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8492
x-xss-protection
0
server
cafe
etag
9878124937798820110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 26 Jan 2024 08:51:44 GMT
l
www.google.com/ads/measurement/ Frame 693D
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZ2sGDUt-uZvrWKvzKCB8g8C1lyN-hhDKVc9loOQdGB6DnHC0shexuJMqbbWMdh6HK8OjpgSO-twZrSXG1ZG-hJbXjkA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 693D
205 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66227
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1704891455226136"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 12 Jan 2024 15:11:48 GMT
4cee352c918c506f58256258d534a665.js
www.gstatic.com/mysidia/ Frame 693D
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/4cee352c918c506f58256258d534a665.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 16:46:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15452
x-xss-protection
0
last-modified
Thu, 11 Jan 2024 04:29:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 10 Apr 2024 16:46:29 GMT
view
ad.doubleclick.net/pcs/ Frame 8892
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvH4S2F7Zy0OGfWuG04WHONeo2et-dik5drx4c1j7E0f04wF2wXObfQGqCTyo9GfUlgiOzZkaAuAulPoRoi9BX9PB8X-Wxw0EOjAk2L0WGFMWoFp7IEz03HEWykFR252RqC-F5LDXiDImUl4T1HwqJ34bA9TdfOLu69aULhT4uKk3YzedH5OhfMkJOby5aMBm5Pr2zw3S09RG0OhKjZauZUr6koCaHW_CBoiayKTtKil3HoA2To_gJQ9q23HSb54rbJfjutKEngQ2B3CgnoeYvyg8minx0Kf5HVBf_7L3yM63fJOU_uC3602Cyy8cxJPnZvT9UHU_ak15UjKvgWauQt92bDGdyoQwvSKbrBH1TGTZHfWDwMVTK48seQKyi_rYUG3uLyTTWqLjKr6eTdu7tIZKc2bZNr6B3oHCBEMx08ZljOIngd8qlACDwVENiH0JxculY1HdEA5fcbwxUJlF4_89zhMOfYILYe6duOglbhpGDdcuL-j4XEymFjPR_RRA_Y-McWlHughsaMKDqSoY_iYVxVPfQqu9rf4uTIk7VsvI-4d2pltFl-Zwq-J_U6QlCVDXcfTw_DyB08YnSsZkbCymLiRN43xH122ywY-j6m-1EE62vLYaiCLeYNicbZa_y0WdIPErMtsF2Rbz6DrHQ0IzZdXCoL8A_ebl7mdQ7VrxB25yBcwneawHlmpS8rIk-R5Zu6fhOKmNzWXd_zfYxjrrXmIhjTQESe52lFN05MGXVV25vVQ_eOmJ8IRXc_ElDTIMr0vtmEn8QQnPrdq943dLA_RpDKzxqgVwOojuq_LZDKg3X0hU7UYeMG0e7S-_GHS3FNe7BqiuBlHrkuIrHBHbVPA4LvXyyMmmmLW1TLLSsi1jS-TudUS77Xpo3kquSvccQxnQx_IBd3VqNhK_UaSXt5EgIPAzc99NYbaOUBnSP4UbecVIsKG6F9c9AtOmvhR3dIvp2M8Kq266kAyOZgT52rWHgz3ZmsOqXBa8XpP9ZH5LdjD7cqS_vRsqHrx9ivrA1-pGy3ljadfF43QNPNSGBnx-zLcXXIfe6GIZEcIVtVGvPHHnGXkkDdw6UjBGTlGCKPeoK3_vTUuIoM1_R6Ww-tJTSWNmxENdY6_-GzNYgdgM5CZFHa_iUQqgkVvnlVTrKOtVgdUbWo1foT8JQqh_FmPczDzbWIj0PQuilWp3oFmJH121rrtnhw_aWqP9oQ9SG_CCSoRmSM-68TxpQseNxp3GlWdKcnjUObru8XHr0nCMM&sai=AMfl-YQ4kfFrpQ0ZvxvctSONgRYOE97m1lz0uIAw1_l8uvxQ9JbnJyWMa5euJnC9qNLXQAz8DZQHjOID42a2iGc9UtusIAZpAYFs3FfdlkMwGA8XFRhHlTMiHlTi9VFfWAmlauAKAs0Yzf6E9GZhLWwxdsmYXHrldP-aLTFW4Z8Ce5JfkGXiME1IpmjpnDlQTmi6qrMrHxCFJPi709co1GFCtQbIaXGx7DHsirW7ijEWkOv4iHTuYY0mhXI2I7RAS6Xg2tBPkot9SR_MIxiOL-AnA5rsiYNIfNUzVaACgCXeq2LLOEI3j62f4NJ1hixTcvOLAHWhPMKZ-jqVcFXT0VeaVqDoH6qvjKJDzGIF_qdpNQ0TDQONSq-6oLfXG4DcYsTOdd82_wrYFje017ezfpZNL6QeYQL8t7CXWPecu39nYcnV6xbF6fhShcvDK7CNP_B_RxId_L0W6HHS3U-0cHWmaioysrEeKjORk5x98J9D0utHnD8haruvtZ8gldVov6TqYuDEPzui6RZlXw&sig=Cg0ArKJSzPJTp1i3pKSIEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYWVzYXJzLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=323&vt=11&dtpt=320&dett=2&cstd=0&cisv=r20240108.46683&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ic5.php
data00.adlooxtracking.com/ads/ Frame 8892
1 KB
931 B
XHR
General
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?tagid=9&client=caesars&ts=pg-487~1_vpw-487~728_vph-487~90_scw-487~1600_sch-487~1200_sco-487~1_sca-487~0_srx-487~0_sry-487~0_ev-457~sb.487~rp.487~rvp.487~rap.538~ss&att=0.0.728~90&visite_id=62770594454&seq=0&timezone=600&js=tfav_adl_143.js&date_regen=3c20610&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=2891872&id2=27011620&id3=353784392&id4=6177818&id5=183632943&id6=0&id11=classic&p_d=0.082&headless=webgl&fai=frame%20without%20title&iframe=1&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fafuncan.com%2F&ao=https%3A%2F%2Fafuncan.com&activetab=1&cf=1
Requested by
Host: am.adlooxtracking.com
URL: https://am.adlooxtracking.com/ads/js/tfav_adl_143.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
/ PHP/7.4.33
Resource Hash
68fe9ef2981a9b5c393517a3a9dd7159f94e295333dcba88c5bf49fdcfd838dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:49 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
x-route
ads-prod-79c7777877-7czvm
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
application/json
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-allow-methods
POST, OPTIONS
cache-control
no-cache, no-store, must-revalidate
access-control-max-age
86400
access-control-allow-headers
Content-Type, X-Requested-With
expires
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 1E92
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
68325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 20:13:03 GMT
DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
pagead2.googlesyndication.com/bg/ Frame 4054
51 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d5205b03ac9436282767d3c920a33499c2c9c4b3799a29b7ffe160f956a15ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
194632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19609
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 09:07:56 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7332583830759276723/ Frame 693D
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7332583830759276723/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f9eb65ab498b4f0205bb9ec91436a230b81c2e0e1333d97191c4eb82d9aca0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires
Thu, 09 Jan 2025 12:11:34 GMT
date
Wed, 10 Jan 2024 12:11:34 GMT
x-content-type-options
nosniff
age
183614
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2038
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 01:25:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
s
googleads.g.doubleclick.net/pagead/drt/ Frame CDD9
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
2911
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 14:23:17 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 265F
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
20480
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:30:28 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 09:30:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 693D
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19b52e02a3d575b6095116958c85b27c12c054f89832dc17961eeec56ff6f477

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 693D
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 05:00:04 GMT
x-content-type-options
nosniff
age
209505
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 05:00:04 GMT
pixel
cm.g.doubleclick.net/ Frame 265F
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF96dXXxDceIsSoV1H_fyp4&google_push=AXcoOmQKbxxgbM80cMahGcdtL9osgv-Y3VuqS616vTLDn1dqBRPt7zLH1R...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF96dXXxDceIsSoV1H_fyp4&google_push=AXcoOmQKbxxgbM80cMahGcdtL9osgv-Y3VuqS616vTLDn1dqBRPt7zLH1RkmIH81aHv0hJCLtubVK-YzEKcaSZ-tuVg7MYBkRJryZt5k9CJitojkJC32gKYqXDenNHLKPPWgQozPofEcnL87DqCqlGGjoHtH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760071-MIA
pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1705072309.274354,VS0,VE26
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEF96dXXxDceIsSoV1H_fyp4&google_push=AXcoOmQKbxxgbM80cMahGcdtL9osgv-Y3VuqS616vTLDn1dqBRPt7zLH1RkmIH81aHv0hJCLtubVK-YzEKcaSZ-tuVg7MYBkRJryZt5k9CJitojkJC32gKYqXDenNHLKPPWgQozPofEcnL87DqCqlGGjoHtH
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 265F
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEHwGIgh8RY1AX4OwnIJGBfI&google_cver=1&google_push=AXcoOmSTDTt-gW1fwqKO08ruLnKKEVy_tf_lv_nRPSYFYSBCK7I5HVWs9XLApDONC5NeMwVa3bXcJV-6UorLcVS5JnUvltDArm0iI...
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSTDTt-gW1fwqKO08ruLnKKEVy_tf_lv_nRPSYFYSBCK7I5HVWs9XLApDONC5NeMwVa3bXcJV-6UorLcVS5JnUvltDArm0iIv2aTVx3BTPl7j6QGRkW5qphS6ek2VI-...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSTDTt-gW1fwqKO08ruLnKKEVy_tf_lv_nRPSYFYSBCK7I5HVWs9XLApDONC5NeMwVa3bXcJV-6UorLcVS5JnUvltDArm0iIv2aTVx3BTPl7j6QGRkW5qphS6ek2VI-A4qNpDWnSEdm-xGHlC3aXQf3Fg&google_hm=Q0FFU0VId0dJZ2g4UlkxQVg0T3duSUpHQmZJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
via
1.1 72222d8db55e22489ba6bee2262121f2.cloudfront.net (CloudFront)
x-amz-cf-pop
MIA3-P4
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmSTDTt-gW1fwqKO08ruLnKKEVy_tf_lv_nRPSYFYSBCK7I5HVWs9XLApDONC5NeMwVa3bXcJV-6UorLcVS5JnUvltDArm0iIv2aTVx3BTPl7j6QGRkW5qphS6ek2VI-A4qNpDWnSEdm-xGHlC3aXQf3Fg&google_hm=Q0FFU0VId0dJZ2g4UlkxQVg0T3duSUpHQmZJ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
S9pbkvqduqkASs_9ldRhWjIYxJ2UR5oKGm07wUkvrbVYpVA-SGwwcg==
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 265F
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEGtvr8cBotEBDgyBRsxXib4&google_cver=1&google_push=AXcoOmST20yiBig3unl4qepnKO3d_EP_XezlIev6e6lBAOiCQDVInD6WFHOwLtz23TIHHSA7PkpqXeetAPALMgcUxnss70pRDR7Cdj--M...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VzltcF9rbmlCSWlxTDdEZXRWYWhaUQ%3D%3D&google_push=AXcoOmST20yiBig3unl4qepnKO3d_EP_XezlIev6e6lBAOiCQDVInD6WFHOwLtz23TIHHSA7PkpqXeetAPALM...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VzltcF9rbmlCSWlxTDdEZXRWYWhaUQ%3D%3D&google_push=AXcoOmST20yiBig3unl4qepnKO3d_EP_XezlIev6e6lBAOiCQDVInD6WFHOwLtz23TIHHSA7PkpqXeetAPALMgcUxnss70pRDR7Cdj--MOFpEZUirsgkclE4UsiLe9n4xRYqIsxj_K22vBOP3QzHucd6NuKj
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 15:11:49 GMT
server
nginx
accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=VzltcF9rbmlCSWlxTDdEZXRWYWhaUQ%3D%3D&google_push=AXcoOmST20yiBig3unl4qepnKO3d_EP_XezlIev6e6lBAOiCQDVInD6WFHOwLtz23TIHHSA7PkpqXeetAPALMgcUxnss70pRDR7Cdj--MOFpEZUirsgkclE4UsiLe9n4xRYqIsxj_K22vBOP3QzHucd6NuKj
content-type
text/html; charset=utf-8
cache-control
no-store
content-length
299
pixel
cm.g.doubleclick.net/ Frame 265F
Redirect Chain
  • https://beacon.walmart.com/etap.gif?tap=gAds&google_gid=CAESEAyTHlQzUeSovVH6gGEkyU4&google_cver=1&google_push=AXcoOmROz4cd__Y6fycAJ6SPtAzS-HSGr_uEwTHNesdREOhMWe4gQCkyYA20Qe7AIUWTsULUSCIU10MmKPqTMZz...
  • https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Zyk2OaKdbqbsT-K_Krkapw&tap=gAds&google_gid=CAESEAyTHlQzUeSovVH6gGEkyU4&google_cver=1&google_push=AXcoOmROz4cd__Y6fycAJ6SPtAzS-HSGr_uE...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Zyk2OaKdbqbsT-K_Krkapw&tap=gAds&google_gid=CAESEAyTHlQzUeSovVH6gGEkyU4&google_cver=1&google_push=AXcoOmROz4cd__Y6fycAJ6SPtAzS-HSGr_uEwTHNesdREOhMWe4gQCkyYA20Qe7AIUWTsULUSCIU10MmKPqTMZzT3roC7V7L0QnbQMo1kEgas5PpEc-gJYLhiIh8gFDR8cI1ia57Ulr-H9Tk1h0Oo5kRG-dnOw
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Via
HTTP/1.1 odnd
Date
Fri, 12 Jan 2024 15:11:49 GMT
Last-Modified
Wed, 06 Dec 2023 07:21:35 GMT
Content-Type
text/plain; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=walmart&google_hm=Zyk2OaKdbqbsT-K_Krkapw&tap=gAds&google_gid=CAESEAyTHlQzUeSovVH6gGEkyU4&google_cver=1&google_push=AXcoOmROz4cd__Y6fycAJ6SPtAzS-HSGr_uEwTHNesdREOhMWe4gQCkyYA20Qe7AIUWTsULUSCIU10MmKPqTMZzT3roC7V7L0QnbQMo1kEgas5PpEc-gJYLhiIh8gFDR8cI1ia57Ulr-H9Tk1h0Oo5kRG-dnOw
Cache-Control
no-store, no-cache, must-revalidate
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
0
X-Tb
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 265F
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEByXQbyPiFIC-_Co5iVKaPQ&google_cver=1&google_push=AXcoOmQvWUiql7UNHpagxc4bs-iW62O5SPAj8_3dQfrKWvFjp9f8KxAX842taLMiS936_A5LIrLCTDJpj7u_K46k9O1-trBGW...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876077944077&us_privacy=1---
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876077944077&us_privacy=1---
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=876077944077&us_privacy=1---
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 265F
43 B
363 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQGSxkrcm581YVpL_aePIrAUpuqjvsoccm4JRvyEGtW9Hz5XMe7sYu5F2-AzZ0ruOlXKV284DQSpc7E_YRoSmqNVKYWvRgnct0FemNGKs3_NVMmF8PmhtLUpFieqtPTJkt56HGNqYUWGRTBZzrUITJ08A&google_gid=CAESEJs2kaLNM1r2UhJ1xcq8gmQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:48 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
260008
expires
Fri, 12 Jan 2024 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 265F
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESENohC6eVxsepDLXl6TkBuQg&c_param1=AXcoOmQrJs-jNLEXNd8E8GRk-aTGlwocY8ruPjcnjutgjvr0DMNq3VyDucXLnQ33l-aV8bcwLx6rA4zb7Bh_TWVCIJH6YIfoFuTkg9Rhj2rVxaKsP7R...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQrJs-jNLEXNd8E8GRk-aTGlwocY8ruPjcnjutgjvr0DMNq3VyDucXLnQ33l-aV8bcwLx6rA4zb7Bh_TWVCIJH6YIfoFuTkg9Rhj2rVxaKsP7R14hQF9L8ANobcDASkp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQrJs-jNLEXNd8E8GRk-aTGlwocY8ruPjcnjutgjvr0DMNq3VyDucXLnQ33l-aV8bcwLx6rA4zb7Bh_TWVCIJH6YIfoFuTkg9Rhj2rVxaKsP7R14hQF9L8ANobcDASkp5jG0G6WpehUvZWgh8OKa3VPdQ
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmQrJs-jNLEXNd8E8GRk-aTGlwocY8ruPjcnjutgjvr0DMNq3VyDucXLnQ33l-aV8bcwLx6rA4zb7Bh_TWVCIJH6YIfoFuTkg9Rhj2rVxaKsP7R14hQF9L8ANobcDASkp5jG0G6WpehUvZWgh8OKa3VPdQ
date
Fri, 12 Jan 2024 15:11:49 GMT
server
nginx/1.23.2
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 265F
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LKAmGZJtZltNkbcHknxB7lSwQOMknJK8vXyO0qfhrNrRL6TImNLXAJ8zA8kQv8fsCJfozj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
/
www.googleadservices.com/pagead/ar-adview/ Frame EC26
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CjJsss1ahZbL_HfOOur8PhLGJkAOH36mDdbvLhoWoErCQHxABILLCpCVgyYaAgNyjxBCgAf3z2N0oyAEBqAMByAPLBKoEvQFP0KCN8d4UOjLOQbuPlIwUMhYaRMtkhz3S6am2DwseYnQF9uB...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2206f81fcb9198330000000000000000%22,%222%22:%220x245faec13be4433a0000000000000000%22,%223%22:%220x102646...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2206f81fcb9198330000000000000000%22,%222%22:%220x245faec13be4433a0000000000000000%22,%223%22:%220x10264687308894ff0000000000000000%22,%224%22:%220xb9cc1fec7735c2b20000000000000000%22,%225%22:%220xc2c119d4d10f633c0000000000000000%22},%22debug_key%22:%2218443523003357781447%22,%22debug_reporting%22:true,%22destination%22:%22https://overwolf.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210933910013%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221123693984398318881%22}&andc=true
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:49 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x2206f81fcb9198330000000000000000","2":"0x245faec13be4433a0000000000000000","3":"0x10264687308894ff0000000000000000","4":"0xb9cc1fec7735c2b20000000000000000","5":"0xc2c119d4d10f633c0000000000000000"},"debug_key":"18443523003357781447","debug_reporting":true,"destination":"https://overwolf.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10933910013"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"1123693984398318881"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 Jan 2024 15:11:49 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 15:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2206f81fcb9198330000000000000000","2":"0x245faec13be4433a0000000000000000","3":"0x10264687308894ff0000000000000000","4":"0xb9cc1fec7735c2b20000000000000000","5":"0xc2c119d4d10f633c0000000000000000"},"debug_key":"18443523003357781447","debug_reporting":true,"destination":"https://overwolf.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10933910013"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"1123693984398318881"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame CDD9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:49 GMT
expires
Fri, 12 Jan 2024 15:11:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:49 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
pagead2.googlesyndication.com/bg/ Frame 236F
51 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1133902977&adf=2479251205&pi=t.aa~a.1043414356~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705072307&rafmt=1&to=qs&pwprc=8417967905&format=1200x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072306945&bpp=2&bdt=673&idt=453&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=70&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=456
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d5205b03ac9436282767d3c920a33499c2c9c4b3799a29b7ffe160f956a15ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
194633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19609
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 09:07:56 GMT
collect
collect-v6.51.la/v6/
0
511 B
XHR
General
Full URL
https://collect-v6.51.la/v6/collect?dt=4
Requested by
Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.86.226 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://afuncan.com
Date
Fri, 12 Jan 2024 15:11:50 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
csi
csi.gstatic.com/ Frame 6776
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lras11wr&c=1860761481926&slotId=930380740963&qqid=CPKHhaqR2IMDFa-O7gEdIS0AgA&fb=outstream-lima&sei=44752538%2C44807614%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6776
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:41:38 GMT
x-content-type-options
nosniff
age
243011
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 19:41:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6776
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 08:15:11 GMT
x-content-type-options
nosniff
age
197798
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 09 Jan 2025 08:15:11 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6776
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CeVShtFahZfLdFK-dur8PodqAgAjAnfHqdPqUhpe_Es_igtr6QRABILLCpCVgyYaAgNyjxBCgAfzytK8pyAEFqAMByAObBKoE6QFP0AkSrn04zM75ima7mJIMb_jzOX3HirXgHCbyKhd2nmX_LSlF55LW1mDc0VGbaEzg2zNOsOokJfa9ck5xjNSu9yyn4eZZSuSthWCaPT4I_kmYY1hokmzW_CfRQhBmNtUL7qy6d-mUOTkJREMvr_bZbMxsZXA4nATUKpD-zP7JxHe7hJvJ9bovbDW6MVOnnmg4WyPRY4IATF02YH1HHA1-XLkqzTXdrwvQ3dsu9vLC0cYsGtBZn_bf6CyN2J0TBHNjGpohW1VX0JUybvz3dhcljuXgIhotm9QlqKIqe5O7M4STHqj_mHnkAsAE3aqBnsgE4AQDiAW8tJzcTZAGAaAGToAH_KqFjwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj6wYKqkdiDA4AKAZgLAcgLAYAMAaoNAlVTsBPz0pkWyBPs1ojkA9gTCogUA9gUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1705072309277&ai=CeVShtFahZfLdFK-dur8PodqAgAjAnfHqdPqUhpe_Es_igtr6QRABILLCpCVgyYaAgNyjxBCgAfzytK8pyAEFqAMByAObBKoE6QFP0AkSrn04zM75ima7mJIMb_jzOX3HirXgHCbyKhd2nmX_LSlF55LW1mDc0VGbaEzg2zNOsOokJfa9ck5xjNSu9yyn4eZZSuSthWCaPT4I_kmYY1hokmzW_CfRQhBmNtUL7qy6d-mUOTkJREMvr_bZbMxsZXA4nATUKpD-zP7JxHe7hJvJ9bovbDW6MVOnnmg4WyPRY4IATF02YH1HHA1-XLkqzTXdrwvQ3dsu9vLC0cYsGtBZn_bf6CyN2J0TBHNjGpohW1VX0JUybvz3dhcljuXgIhotm9QlqKIqe5O7M4STHqj_mHnkAsAE3aqBnsgE4AQDiAW8tJzcTZAGAaAGToAH_KqFjwSoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj6wYKqkdiDA4AKAZgLAcgLAYAMAaoNAlVTsBPz0pkWyBPs1ojkA9gTCogUA9gUAdAVAfgWAYAXAegXBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6776
0
225 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lras11y6&c=1860761481926&slotId=930380740963&qqid=CPKHhaqR2IMDFa-O7gEdIS0AgA&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.t9&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 6776
32 KB
18 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-APRfwTi3rhLAzWu4u4It9bbqnDpAIThVtQA4Cg60D-v6EfjbvLL-8td2cbZAI3-gilnvPvF3p5WUGgFLiLD6F096u7cQ&cry=1&dbm_d=AKAmf-CY7IGCYCQ_XpxRiJDzC3_0I1t_bDGPjccRsFj1ToqcICyutQb-bESh8MOGKIHQbIV-SDCXglzyOn1pZ9RMk2ijr2ELbxXV6qPvZc1EXZAa03gNBbl5sGWStbZVbqWv8D9miWJOu4-jos2G7gOkbdQMaxnTiQ3Kuo_L8e_oILzg4g6nL1PCQhTK_8bKy71D8SbVn9glgifE3lwHm4bnh09sAOwyltScb6te_cqh_LK74MFQQ4eOu8kVQ_Y1q3jQNT8zpBGjRUvfhSqtjSgyiKyBwViKNR-WZOjXJl7qrZ3oSHFgkzB71aRtGzvsjHO1AIGOUoFYzyEWJ64jXvc9Q754okruspJKndZ975bTpXVeV492lG64ft1VXtx29XeiSUJE6adjcrJZGkveXj_zO3sXn_on0GrVt0tEK0J15BXPuFywQiprfMBOU4Bd3sB31Hm-WgB0zVZGHyIAgvUN49gnann2EDML2jH9YBw366EilIo4gG4wlV9D0R77miNnBU0HzJY2mRi5Wc2_gCNYoSzSj_n6tCd1eYDwpJr4RqE3mPpSc2KmaJ7NNvdbCw_tMleNUbQAVF7Fp1y4GLBuWIA_vrAbyKoGrO4BGEyED3TfuTP3gVEvnNN2H6L-DQaIUgfniD0YT6V8Uw3QOz4yEHXbH47F1nxo5DJYgCw_uQA42y_5pwmvhfsQ2JzX8lDEqW4YVNSRt9Kctt-yoNccBzfnr5g_IL2YlqBuBSxZDQs6QgrWt-A2zxWLvVnpfL8rIwqiZwnNwg3SY_0m6_aLOOLnk72bd3TzQUrYy8kWHBOzf6o4d7FUq3-KjHTpMnfQuFs55ngT5BknrU56c0CB3rOsSTnP2Q4DjkpeAl8uysn-gfOLShcCp0n1MZj8Tr-3l7aXfX1jsu8nb1-PckE1b82nnwc0o07j6ABOdFftUvEowUtGLTGwlfRZ1uDVXCZLvT-7DoYaAvr7IkAwQdbcTHkKCHdyTZ0MpjBwa4yRK99D56Q1jWVCsr6v1mp8IKrBTpWi0cxjGYjs8_dwT9jw3HcdaGm28qBbfqAiFcjywEb0YWGG2_Ifz0vIfrKQ1vgf8-BR0EBpDeBvUg9UFadIT7WxvbxMbRjzcnQXBgSPpy46aApiPeV2dgxhtmML4VKciYwi-D6dqneCdiRhoweF-9KExcOiNaD_uEfCVPnS_q60iAgTdVz38cNuXF8LYP_hj6R0fMEjUBXtkjZLEbCe_y3tSz4EE6G6wf2UJftGcLBibD3GekEAypCdM1ezAQLbVw69KlBu7_aJFgjitB751u0UMzjXiL7RCAacUK7ietGxv_ZMITcV6sllt093F8JL5VNj_Amo5YmwrTfyageWSl-uM-ByMkd_aNOiUibTArvARViSiziOFmHPLEKrL58fyq-kYnmL_f-1wmB9WIyxoyCJ0M5ryKy3ac2ZzmTglGRCWNAUdbyn9beELvd6342EHe34TEyEyezD_uckIVKn70cY7-ZWtFiYsvGBVWMaB4FeeBuhhPsx0KsfB3-rPOGYNa5cQD_nbHKDu-6Sk9TsXTXDTeamQZbpvZGli57XeIX_-KQoyf3D_oWaPWQ5Dy02QXeRpaPSBht3qpSHMJ6Gl8IvzflOotFW38iPyS2N3_ImOWO3jfp--FKcxMjzE_kOqwYcVmUtJ8Ck1h_PNelr8HeOFlgzJ3w6zy-_QXw26-WXXkRlyBMzAK-739W_q6IEoOLIM9F2UXRtGLhUgkpXvcz-YZpuB7xPAs0SoiWq94hTL2vufZnWc1y-Nk6kSNXtxK63zFYPM2IQDFTPwn-zjX3xxmUSHPo0nrpXxvAwlCSpvFKF7KqnIUd-4XCrl_qEe-y-94Bfhaa-wKYOZv8VB1n2-nywEu8fPclRqn_ekcaymmnlgX8UyOcksHdqCoxEatiuMf7hNV_aCBX4ogU4dzbZRK-STnpsWME2fMhXeYktyNhqA0juqDXwYTD-UytXptp2HGjp8guIbqOw2K-zcmFk0Rw7LdySQ0A4edqIJU_hEWGleOZ_3qLofjNbmQPmRJnqPHoACA8fznNV0ceouV70amXAbIG1s7aVT2qAeSHwH1gIrc8kkHI_LpfqBqx32fl1jAiEfN_xay88gBM2Xrwsws8loGtYcmIrTXQcjf-E8zOZ0ailNZBpNVER6O2mD20OwzxmmnA6FGl6L_T89gtLnoFKlIvqzGXIzV3MDke4yoy-bdd1LevczURiWXJmPMQy_sC8jqevvi9LMO-JH9_sORHyVBOFHkzfrdiLueu2OCbBBpuBUHo0-v364WNNifvuta_HeLN7mlUlX3EnSiPhxQI_vss0rovFffvy85e8uw7JhuVGFid6pjGKtxq83UHuFsligWESLEcD5gS2RTlWscDX6b24mHmH_f_wlnGSuHrlrmHRzF3DeUEEq6DDqFXe_DxOyl8Z6uXrVuMxufOLF0VPrfqI1BHJGfRY5KagiH1vWzVOaray5VuVsUWmhJpL5jfNLaDdUXyGPeiCgBUFkQPz2rs1ORruS6Gm5z2UfqoLZP6h99apL3NYQKXW7tzDLN-4cG0VTrKLDmr7den_aQ2-HIF-OMJU26E2edVSUcCT9fv5nVRPG-lH3tvqsvfTzkyB2w43FVg7n8-dXZeAeKuKitLrlsYnfpWsenyYk8ZNMvxcDnT4uU7PrGSEfLec22H8FJa9B0SbOM6M9ZBK_p4Am7KIxdvdo7wE2BEP6jyoAtPqL8NshoCQbKYAebNaDBiOOtOJo5lNYovqMxlL9ScT2WvivCx0vir0bJoKMPP_oBwwj6Rt2Vug4wh23wv98ttrPPuyE4Eg6sUao_sHO2mJw4YvCuM0GcpHrdOmPg-XQUVUYqZ9k33TwfHz_e8kBGWcokl545RXz6Q6fHrmmfVKg8LOCvucRO-nwet860G-qGOX5zl5OFGuPSEJUl6paXLRHH4Sgi4_YhjvJJpZGXzsLjKvXIB8_K-btF5UfVe49tWMyTbppgcV0mTdMftAKu4EiQzsgJc1bdQHt7xklzUYNJSewdmjmsYkvW5WhVshPEO4BR1EdkNENURtf_fyPkW4iTJBqB1ClbZG4kB3zeo4npOmPJueiv5N9QozoNjwzs6mWZPLVX-goCoqEUAoqwy4vXIOigFA74vHC0gOmpXs00ADLI-xg5aGDsXMJh8cTgJQXJ8z8BvNgylo_cANw2gsdLYHx_5Jc9x5NcWGDEJXrNYNPyknz_ZSCrcjMxtuWYOzwMunMk1iJxR7B-T0z76Tj3NUokFLibtsfnK1R20bxN2in2MtmOvXo3Vi8T9uT5EahruEyQ-0ig4lh79vHTWUVCGC-T2WBg0LudO1U2voL8x1H-zlWAjXxxAwV6oQizK5uZeFPlM1whc65j08lOXvo3Nqv31Od4pSvvuRIc2YExdRoqC6h_MJZh-6O3SPx_ZhkTes2OxddCnpHAjLiguSNn2Y6yjPmG8j8HieeB8U4HBwsgdTXD6yrmpKiHb5Y-Y&cid=CAQSPAAvHhf_0EnBryJJsRhEojkshtQGYyMg3C7P1dZLyoL4mSeH98YJVT427b1e2QTxvAFz6bNMUkHsqqs-fRgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f155.1e100.net
Software
cafe /
Resource Hash
704d27d78c4657fe2053eaa20f486875e07f48f48e0a3701084cd45231ef50c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17727
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 96CD
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
20481
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 09:30:28 GMT
etag
48472445140208031
expires
Sat, 13 Jan 2024 09:30:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6776
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75693156a2b6bef8f7cc4225f70b6d447e0669c0d82384828a93e9d9bf7076f4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2206f81fcb9198330000000000000000%22,%222%22:%220x245faec13be4433a0000000000000000%22,%223%22:%220x10264687308894ff0000000000000000%22,%224%22:%220xb9cc1fec7735c2b20000000000000000%22,%225%22:%220xc2c119d4d10f633c0000000000000000%22},%22debug_key%22:%2218443523003357781447%22,%22debug_reporting%22:true,%22destination%22:%22https://overwolf.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210933910013%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221123693984398318881%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 15:11:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E92
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B8ioKs1ahZYLOG9PIjvQPq8GyqA0AAAAAOAHgBAI&bg=!OjmlOXbNAAaumcC-jpk7ADQBe5WfOB22MZlFoZZ_NUruIbeyib49BcUk5QB0bcmb178KKp0bHA-FUSmfsCsDpHvlZsREAgAAAbxSAAAABGgBBwoAN-S0rexv16mHKWKGCdPTpJTTlSFaqWo0xdVVCLm8p7m_9_DpGTO5xkeLz_uuatXPR806Ll45JUiZArrhsKfjv22WUzn5JppF4FhnMiQRJ1WOMiEvCWJlNpWip6mivqt4YBTUK5E-rf1BeTd4jV9hSbxrOugbhUbjwu93NLz-aFgxCHe9YTA9AsZH4LWAPlpg0Q-Om9yuU0t4U2bkIXD_sQF7KpRnOQQEBtHLnL9uf8fyLZwmOZjA8W0wIqsoozWxecqq2mzbxSVUJb2IIpP_6mrmGYatU6ueA8MxOl2mLDjAUzpm1qbk6BFBY3XQrPbguyW4XWQWjcLnkzFcQ672cFq6ZqOTKw_-FOwZ0RPDJdg0AWE-t5jRrfQVGmmPpgfsHqj9h8UkVkEbdahciAizvYnLYmFLDaQLzlH6DlDEDtIAOgV57Zom2gUk91x28Yfn2h8HKYYBCu1vSGCgATEIPo4Pu_ctPdIXnfWgh89T8I2Xl7z-edBHjV7TcExsP7-ktNXKScSk_JuYUxItGbpt2TGvvrKnsjt4wb_NE2f2Mwk-7u8QLRA5mbDQd112Rh9nTGpzp_VFM7t8ENF4UQD546ZAXRzL2GAqVg_uuyrfGD-LWvXL4lvL4j601R2icEXvPSiKCpH5ooRVyll70g4r76l34zdQK3bgt1GGJGzdf1liqepfyUegZRDFlqofifXPVARiGjdwyyQfSnn2XCUemKzIwLOPGqrHK7ROGKtdWKkaOrQkgQu-Q8_lP-WjSV5Du4xzt2pMwRY3wPXxUJAZtZJik9wSOgLvCtRxaOIZqmuizB5janfuX21g4Qn1HxzrWakZouarw0uA3rELbGrWHB8rJmMih7UgFH3r1pbu0NtdmbKcyJclA0x3Q3pkGrx4W9TMMdFVlmcS4wH9QiTnAeQyXZKy2kjVx6IMtQ21-R7ceb15zOjGar9u1MbDCmnXY4qVdA8rT6_8aSMqDhHfr0wUx52TjYS7dl-8WZm_CYN2JvttRA
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 96CD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKHXIQckclBGpLwYfN8qXJc&google_cver=1&google_push=AXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5BSI...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKHXIQckclBGpLwYfN8qXJc&google_cver=1&google_push=AXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5B...
43 B
420 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKHXIQckclBGpLwYfN8qXJc&google_cver=1&google_push=AXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5BSI2DH6M26kAm5cHKOILlMAPE-APxWHm7OldL6S0ejTmI2nls-4QrZYtR-OQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5BSI2DH6M26kAm5cHKOILlMAPE-APxWHm7OldL6S0ejTmI2nls-4QrZYtR-OQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8446558fdd6a3717-MIA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
135
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKHXIQckclBGpLwYfN8qXJc&google_cver=1&google_push=AXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5BSI2DH6M26kAm5cHKOILlMAPE-APxWHm7OldL6S0ejTmI2nls-4QrZYtR-OQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmSFh-WwH1hmZOuY8ddmU_-mnRhQbrBUROvus2YtrKRVN-tD5xP_iZ0Hmb27fCz0VW9T-9lTWjna_SyVo_KPP9P-7F3-T5BSI2DH6M26kAm5cHKOILlMAPE-APxWHm7OldL6S0ejTmI2nls-4QrZYtR-OQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
8446558f1cca3717-MIA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 96CD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmFGV3RRQU4yYUR2NFFBTQ==&google_gid=CAESEHzmOqLixT9gLR8Jija-kjg&google_cver=1&google_push=AXcoOmRK1kA0A5JDm4D1wkibsVt5ys3RgX...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmFGV3RRQU4yYUR2NFFBTQ==&google_gid=CAESEHzmOqLixT9gLR8Jija-kjg&google_cver=1&google_push=AXcoOmRK1kA0A5JDm4D1wkibsVt5ys3RgXxDHqmKKQUNcr8usNswf3FSG2EI2-T-5G_tIGwHxRStrQEhwhHADujDPAxtLqJR3yB5-mCKiosovLjDVnr7dnHwzGtxivxoFPZiyvr4gGz5-BCVDZGV4LwvAtje
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-mia-kmia1760071-MIA
pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
via
1.1 varnish
server
Varnish
x-timer
S1705072310.539474,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WmFGV3RRQU4yYUR2NFFBTQ==&google_gid=CAESEHzmOqLixT9gLR8Jija-kjg&google_cver=1&google_push=AXcoOmRK1kA0A5JDm4D1wkibsVt5ys3RgXxDHqmKKQUNcr8usNswf3FSG2EI2-T-5G_tIGwHxRStrQEhwhHADujDPAxtLqJR3yB5-mCKiosovLjDVnr7dnHwzGtxivxoFPZiyvr4gGz5-BCVDZGV4LwvAtje
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 96CD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOd_cGcIWdxgPnfree-OzxY&google_cver=1&google_push=AXcoOmTfSuY5D_iqOIoMgsSYQ00-5_yd_SL0UiURBSsto8scigJCJrQNkFmDFkOvmgbui5xvv94Ysokt17a8AiNTDc...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEOd_cGcIWdxgPnfree-OzxY&google_cver=1&google_push=AXcoOmTfSuY5D_iqOIoMgsSYQ00-5_yd_SL0UiURBSsto8scigJCJrQNkFmDFkOvmgbui5xvv94Ysokt17a8AiNTDc...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWY2ZTc0N2EtNjU3Ny00MTNjLTkzNTYtMTVlZjcyMTVkMWRj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ef6e747a-6577-413c-9356-15ef7215d1dc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWY2ZTc0N2EtNjU3Ny00MTNjLTkzNTYtMTVlZjcyMTVkMWRj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ef6e747a-6577-413c-9356-15ef7215d1dc
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZWY2ZTc0N2EtNjU3Ny00MTNjLTkzNTYtMTVlZjcyMTVkMWRj&google_push&gdpr=0&gdpr_consent=&ttd_tdid=ef6e747a-6577-413c-9356-15ef7215d1dc
date
Fri, 12 Jan 2024 15:11:49 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame 96CD
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEBXO1ShFlZHd6yj2Uw0u6IA&google_cver=1&google_push=AXcoOmQXSVk8_7NC_6Fkxqu_a3MLeKgoEd0zzIoG9BMd_T3iZfxh66CfXepzF2-HPKgaf5X7_d64JeyLHCXifa3UNOs-...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEBXO1ShFlZHd6yj2Uw0u6IA&google_cver=1&google_push=AXcoOmQXSVk8_7NC_6Fkxqu_a3MLeKgoEd0zzIoG9BMd_T3iZfxh66CfXepzF2-HPKgaf5X7_d64JeyLHCXifa...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=7b385344-a35d-4f90-82c8-db0333f5a652&gdpr=&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=7b385344-a35d-4f90-82c8-db0333f5a652&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=95b28aff-0d1f-4e8e-b542-831754e1a9bd&ssp=google&expires=30&user_group=5&bsw_param=7b385344-a35d-4f90-82c8-db0333f5a652
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQXSVk8_7NC_6Fkxqu_a3MLeKgoEd0zzIoG9BMd_T3iZfxh66CfXepzF2-HPKgaf5X7_d64JeyLHCXifa3UNOs-29P0Of3CIEW45vBL8msUow_mMIwHzRaWbpkFj5mh-q...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQXSVk8_7NC_6Fkxqu_a3MLeKgoEd0zzIoG9BMd_T3iZfxh66CfXepzF2-HPKgaf5X7_d64JeyLHCXifa3UNOs-29P0Of3CIEW45vBL8msUow_mMIwHzRaWbpkFj5mh-qVo2Bhwg7R-olHti4bWKVSKCA&google_hm=ezhTRKNdT5CCyNsDM_WmUg==
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmQXSVk8_7NC_6Fkxqu_a3MLeKgoEd0zzIoG9BMd_T3iZfxh66CfXepzF2-HPKgaf5X7_d64JeyLHCXifa3UNOs-29P0Of3CIEW45vBL8msUow_mMIwHzRaWbpkFj5mh-qVo2Bhwg7R-olHti4bWKVSKCA&google_hm=ezhTRKNdT5CCyNsDM_WmUg==
Date
Fri, 12 Jan 2024 15:11:50 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 96CD
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIKTBH4xkNWrpAM65mws-Q0&google_cver=1&google_push=AXcoOmRhKXw-EFEBCI3b3hpvKDRSrIhVP1Pjs09eIFx2b-oixdqQpN0Bv7Voy0E5euQNuCTZXV5BrPjRc-z5Dg4xWVuh_QO...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhKXw-EFEBCI3b3hpvKDRSrIhVP1Pjs09eIFx2b-oixdqQpN0Bv7Voy0E5euQNuCTZXV5BrPjRc-z5Dg4xWVuh_QOv4tIQUYSp3qSD0H4kzXr6MSUT3cGVr3BF_xnOr...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhKXw-EFEBCI3b3hpvKDRSrIhVP1Pjs09eIFx2b-oixdqQpN0Bv7Voy0E5euQNuCTZXV5BrPjRc-z5Dg4xWVuh_QOv4tIQUYSp3qSD0H4kzXr6MSUT3cGVr3BF_xnOraXRTXl-YznjkLgrv0BAauGQ&google_hm=eS00ajloZTBGRTJwRTJxbVp6aS5IdW5pQ0h6VDluX05ESn5B
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 12 Jan 2024 15:11:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmRhKXw-EFEBCI3b3hpvKDRSrIhVP1Pjs09eIFx2b-oixdqQpN0Bv7Voy0E5euQNuCTZXV5BrPjRc-z5Dg4xWVuh_QOv4tIQUYSp3qSD0H4kzXr6MSUT3cGVr3BF_xnOraXRTXl-YznjkLgrv0BAauGQ&google_hm=eS00ajloZTBGRTJwRTJxbVp6aS5IdW5pQ0h6VDluX05ESn5B
content-length
0
asr
aid.send.microad.jp/g/ Frame 96CD
43 B
464 B
Image
General
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEK71jbq6jA25UrGj69fAoto&google_cver=1&google_push=AXcoOmQz6XGcXyXsy-shqf1gEAg9ff4LCG3bms8JOL78gqTXAYYWfjOQQKDNV5W8368djzugFM_J59fXB5TFg1q9WhCxrO1DyTt-7KKyGkuo0YnKhrBoXRsEzfD793ko1076HAGW42WHgJ3n60uvf1utNKWFQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 15:11:50 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 96CD
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEACrHrATgM_8jxUTOZghE6E&google_cver=1&google_push=AXcoOmRedHWDS5bkE_Kw5fILonDXFYXJfBkHcbI2egru-IOfX5lAlFfh2wnKP5LoUw...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRedHWDS5bkE_Kw5fILonDXFYXJfBkHcbI2egru-IOfX5lAlFfh2wnKP5LoUwXs5j59QsEkb5MxS0bnRpverHU9Pd5aJAFAXFl3cGYJiWlgyT...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRedHWDS5bkE_Kw5fILonDXFYXJfBkHcbI2egru-IOfX5lAlFfh2wnKP5LoUwXs5j59QsEkb5MxS0bnRpverHU9Pd5aJAFAXFl3cGYJiWlgyTkoL4KOKm1Fa3Sshvrpi3mug-6ReizGvbQZ7ind78T6Ag&google_hm=U4KYHhlFRkKx2jEs-koss0Q
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmRedHWDS5bkE_Kw5fILonDXFYXJfBkHcbI2egru-IOfX5lAlFfh2wnKP5LoUwXs5j59QsEkb5MxS0bnRpverHU9Pd5aJAFAXFl3cGYJiWlgyTkoL4KOKm1Fa3Sshvrpi3mug-6ReizGvbQZ7ind78T6Ag&google_hm=U4KYHhlFRkKx2jEs-koss0Q
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 96CD
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUuxaFteE8MK4ecXXyr1TWBkbQerDXYDZ7mKU8uN80Zqo_78nE3aaNod6Ynx4SCy_rdO5Rdg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
googleads.g.doubleclick.net/pagead/ Frame 6776
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CS-1rtFahZfLdFK-dur8PodqAgAjAnfHqdPqUhpe_Es_igtr6QRABILLCpCVgyYaAgNyjxBCgAfzytK8pyAEFqAMBqgTmAU_QCRKufTjMzvmKZruYkgxv-PM5fceKteAcJvIqF3aeZf8tKUXnktbWYNzRUZtoTODbM06w6iQl9r1yTnGM1K73LKfh5llK5K2FYJo9Pgj-SZhjWGiSbNb8J9FCEGY21QvurLp36ZQ5OQlEQy-v9tlszGxlcDicBNQqkP7M_snEd7uEm8n1ui9sNboxU6eeaDhbI9FjggBMXTZgfUccDX5cuSrNNYWuubrV8c7EYDdueWO0b2orN9hZ7aJfUxuDlUw8kKVSfE9zNuRmexvdOAuWbnL7HZx4WAqEut3xNPSdzjRo9Oz2wATdqoGeyATgBAOIBby0nNxNkgUGCAMQBRgBkgUGCBsQBRgBkgULCCIQAxgDSK3OmAKSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB_yqhY8EqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwoQrOUNGIefkoIC0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOlj6wYKqkdiDA4AKAcgLAdoMEAoKEJCv2a7dheCUORICAQOwE_PSmRbIE-zWiOQD2BMKiBQD2BQB0BUBgBcBshccChoIABIUcHViLTkwNjA4NTUzMjc4MDAxNTQYAOgXBQ&sigh=SCMY5obfS8s&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_0EnBryJJsRhEojkshtQGYyMg3C7P1dZLyoL4mSeH98YJVT427b1e2QTxvAFz6bNMUkHsqqs-fRgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=2007931976&pi=t.aa~a.4043412503~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1956&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=3172&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=12
Attribution-Reporting-Eligible
event-source
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 15:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 693D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cp52ItFahZeqcFMbHkPIP78mj8AqssqyTda_CuejhEZnQ17WcNhABILLCpCVgyYaAgNyjxBCgAaXavooDyAEBqAMByAPLBKoExQFP0H4tX6f9zxQeLSSRSuRsqa22O8AvLzYsWq0Rdot8iof...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc25f35ae23c572bc0000000000000000%22,%222%22:%220x9c5078d6db8677e40000000000000000%22,%223%22:%220xcd1470...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc25f35ae23c572bc0000000000000000%22,%222%22:%220x9c5078d6db8677e40000000000000000%22,%223%22:%220xcd14704688b08a4e0000000000000000%22,%224%22:%220xedacc8d24171ad1a0000000000000000%22,%225%22:%220xa6cff1d7135dbcfd0000000000000000%22},%22debug_key%22:%226277504843992472831%22,%22debug_reporting%22:true,%22destination%22:%22https://free-pdf-pro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827305253%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226581919244049926881%22}&andc=true
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:49 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xc25f35ae23c572bc0000000000000000","2":"0x9c5078d6db8677e40000000000000000","3":"0xcd14704688b08a4e0000000000000000","4":"0xedacc8d24171ad1a0000000000000000","5":"0xa6cff1d7135dbcfd0000000000000000"},"debug_key":"6277504843992472831","debug_reporting":true,"destination":"https://free-pdf-pro.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827305253"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"6581919244049926881"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 12 Jan 2024 15:11:49 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 12 Jan 2024 15:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc25f35ae23c572bc0000000000000000","2":"0x9c5078d6db8677e40000000000000000","3":"0xcd14704688b08a4e0000000000000000","4":"0xedacc8d24171ad1a0000000000000000","5":"0xa6cff1d7135dbcfd0000000000000000"},"debug_key":"6277504843992472831","debug_reporting":true,"destination":"https://free-pdf-pro.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["827305253"],"22":["true"],"4":["01-12"],"6":["true"]},"priority":"500","source_event_id":"6581919244049926881"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
csi
csi.gstatic.com/ Frame 6776
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lras11yq&c=1860761481926&slotId=930380740963&qqid=CPKHhaqR2IMDFa-O7gEdIS0AgA&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 6776
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Tue, 09 Jan 2024 19:40:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 08 Jan 2025 19:40:17 GMT
file.mp4
r3---sn-q4flrner.c.2mdn.net/videoplayback/id/06ea49deb5bd90ff/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848832003/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6776
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/06ea49deb5bd90ff/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848832003/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
  • https://r3---sn-q4flrner.c.2mdn.net/videoplayback/id/06ea49deb5bd90ff/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848832003/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0
Fetch
General
Full URL
https://r3---sn-q4flrner.c.2mdn.net/videoplayback/id/06ea49deb5bd90ff/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848832003/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0784086A9F6D2AB102658515097997A152E510E2.4C5FF4AA41EBCE8967F7535722A2D69776CF487D/key/cms1/cms_redirect/yes/mh/2X/mip/2001:550:1d05:1::5/mm/42/mn/sn-q4flrner/ms/onc/mt/1705071074/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
HTTP/1.1
Server
2607:f8b0:4000:48::8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date
Fri, 12 Jan 2024 15:11:49 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8238425
Last-Modified
Thu, 04 Jan 2024 15:59:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Fri, 12 Jan 2024 15:11:49 GMT

Redirect headers

date
Fri, 12 Jan 2024 15:11:49 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
647
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r3---sn-q4flrner.c.2mdn.net/videoplayback/id/06ea49deb5bd90ff/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848832003/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0784086A9F6D2AB102658515097997A152E510E2.4C5FF4AA41EBCE8967F7535722A2D69776CF487D/key/cms1/cms_redirect/yes/mh/2X/mip/2001:550:1d05:1::5/mm/42/mn/sn-q4flrner/ms/onc/mt/1705071074/mv/u/mvi/3/pl/48/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
pagead2.googlesyndication.com/bg/ Frame A671
51 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/DVIFsDrJQ2KCdn08kgozSZwsnEs3maKbf_4WD5VqFaw.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9060855327800154&output=html&h=280&adk=1425358192&adf=3609411903&pi=t.aa~a.4043410597~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705072308&rafmt=1&to=qs&pwprc=8417967905&format=1110x280&url=https%3A%2F%2Fafuncan.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705072308228&bpp=1&bdt=1957&idt=-M&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=3357768762848&frm=20&pv=1&ga_vid=2143167099.1705072307&ga_sid=1705072307&ga_hid=2011447802&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079980%2C31080261%2C31080266%2C42531706%2C44809003&oid=2&pvsid=2201128007616636&tmod=317994177&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d5205b03ac9436282767d3c920a33499c2c9c4b3799a29b7ffe160f956a15ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Wed, 10 Jan 2024 09:07:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
194633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19609
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Jan 2025 09:07:56 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 855F
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
184637
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Jan 2024 11:54:32 GMT
expires
Thu, 09 Jan 2025 11:54:32 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc25f35ae23c572bc0000000000000000%22,%222%22:%220x9c5078d6db8677e40000000000000000%22,%223%22:%220xcd14704688b08a4e0000000000000000%22,%224%22:%220xedacc8d24171ad1a0000000000000000%22,%225%22:%220xa6cff1d7135dbcfd0000000000000000%22},%22debug_key%22:%226277504843992472831%22,%22debug_reporting%22:true,%22destination%22:%22https://free-pdf-pro.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22827305253%22],%2222%22:[%22true%22],%224%22:[%2201-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226581919244049926881%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 12 Jan 2024 15:11:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 855F
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
68326
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 20:13:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 855F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B6PjMtVahZYroHbGdoPwP3_Se6A0AAAAAOAHgBAI&bg=!sLOls_zNAAaumcC-jpk7ADQBe5WfOLWsamZL1aNKIm-z6aB_1ajwc7nIfPZVMEpkwp9VK5EBW0lzXaqPx6YBhz3-5kElAgAAAGFSAAAABGgBB5kCvIDoUudgIl4EkgVRtoFisX-aSd5ZNvuyAHI6xgYqmc0rzaF2PWj0NgxirIB-WHUkhJkn4vH-IO3L9I--rWgHdMNZJGCdVrvH7cMg3DTRjkEbFHan-N9f8eA2OeJpB9uDWudibLVZdzHsGVVw237pCod7zByRg60Y5x_F9kMo0fUMhw-4udqJ8gTtJ_0BTnZle9vpagOQIiE-X-Sc8mxahomvg2Ennu8oArU3eikv0RznpaHc6e9XyGuB6syK9QCIRuXvubwF3jsQHWYllcoc7cPWC0AJcRJuy-MhhukJGLBSmWIfSY1ZZYincAGHDe8S14WRb2y_0ntvSCw-bmv73Apsj9MY_HNEp4O74QSwnVRPKbewJcOxaFSo_M6OKm_TssAAY0xsDkn7UMrmiLAnlNyu98S5dLIolnet9vjF-jWyqSmT5DEiq0utuTRI_FyyPrJSI1FePTtKqj3vXltOl9ApMjI6Zx14dmG2wn9LoZEE6dsgz5VML5TEGIG9XKi32dw2ucng25UKCX7vdGfvnUD_tWUf6jCUnpS96S8ceUxIALfnos5k4vPx-hJXBCX1hqKqP5-Q9eelAqMtmhoJMUm1X-K8mlSHoJJzIj16iL1qsykQ5faZC9AG7lalVOT1sndzyJCDjXItyIE5vyqR7zB3lDI_1kswAfiP3votn8zWVZGle-uTlCxaMCGBhuDqgAGgTF-vSJUa4BAEwJeGZdlOxpXpJ4uqvljmSIJq1_dAR53DB0JeLsnddLm3RA2Dp8YeDy35plFUdGCSCRzmwf_uXFFGqx-QB144Nb7mrnEA_F8s7vBNcET8k1txDec2JfJ5pu_ag4tL6lvkOviB-MYAN9_27BuEtYPgrx-0M9nt41MOOlf6eUDcqrTDjSWR3v4T8KxZmSZ_LWKSEfEAFUSNLW6YgIA1Fs2gN7c
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
file.mp4
r3---sn-q4flrner.c.2mdn.net/videoplayback/id/06ea49deb5bd90ff/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848832003/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 6776
193 KB
0
Media
General
Full URL
https://r3---sn-q4flrner.c.2mdn.net/videoplayback/id/06ea49deb5bd90ff/itag/22/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3848832003/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0784086A9F6D2AB102658515097997A152E510E2.4C5FF4AA41EBCE8967F7535722A2D69776CF487D/key/cms1/cms_redirect/yes/mh/2X/mip/2001:550:1d05:1::5/mm/42/mn/sn-q4flrner/ms/onc/mt/1705071074/mv/u/mvi/3/pl/48/file/file.mp4
Requested by
Host: afuncan.com
URL: https://afuncan.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4000:48::8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Range
bytes=0-

Response headers

expires
Fri, 12 Jan 2024 15:11:50 GMT
date
Fri, 12 Jan 2024 15:11:50 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-8238424/8238425
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8238425
last-modified
Thu, 04 Jan 2024 15:59:10 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
activeview
pagead2.googlesyndication.com/pcs/ Frame 8892
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHaldlcfU7Qc3zJmjDeRju9fM0VnFEc0mQJtY722zSO-IZ0dJnqctVAa-l8Ml_KfEexWxBSaP0xmBCs_68Yxr4qG1nC5vFnXmDPdZAaoBj1HAf1RzNBWTFrFcIhsVkMv0_KQNBGOsgBMGNorFvLdWTfz5Q&sai=AMfl-YR094tNw_iPujhCKjBmjGpVHV6jQEOFXtdXFZp91zumm3RIJo3H4QeCcGRSXRUu1Vfr_YDW8BqJSO-10qV-dncZoVmTMUQgT8ic8v9UI3-AaPnc8jtDrZcjtNyYtz1oO7FGVxH5wRbOszLVHQDXsQ&sig=Cg0ArKJSzBDqly0EfXftEAE&cid=CAQSTwAvHhf_6tY7-MVV8NdibosbeMDvE8uAYucLsTDOXu3LzBTRMmhFlPAfJz_OOx09H3Ui_gPlbZYke9xNAvQLPdwWeGuqH_XdfMCNr3U7ZMkYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=830,1000,1000,1000,1000&tos=830,170,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2020088501&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705072308346&rpt=810&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EC26
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQuMcHKnzAq7kU1gIBi9dZT9OrddjjOzBusx3E1btIjh-hB5BxT-BO22lU_rR2vt5dJpc6ADPhTrNSd3YH6rhqZT8NJ1HL4B-B87J5ITbsLg0VSH3DdOW2kFy5563cpi9R1ckmJCqJ3kRb8Ja3VVO_QGgk&sai=AMfl-YRSXHeeUC5i9Nj7cuNb6JxIc-MbZn1UvPR8ZOSLGv4VIE4lg2CoEmk0vxOzyPGaQgQU1hyEpsPUTgBXX7nvr0KiL3hEPmC67uzleWRkktujmsiSKARKSnXkuFgo0gDYQ2JJoVO5JH_Fyi4F8kdpEg&sig=Cg0ArKJSzISp1fXZ5wjAEAE&cid=CAQSTwAvHhf_5pWG9WOU3IKXE8djO6AfE2w_AG6a5YP92OVzML-tRX6KJ0UpFrQm20R9ljv62F1GMkntv1BukwJ7b7uRiB6EM9FmiQ3N1e8BOeQYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1133902977&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705072307402&rpt=1809&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=44809771
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 6776
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lras125t&c=1860761481926&slotId=930380740963&qqid=CPKHhaqR2IMDFa-O7gEdIS0AgA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=1997&mt=video%2Fmp4&vs=1280x720&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=22&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.10j~vil.1l9&ua_e=1&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240103_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400e:c03::78 The Dalles, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
98886840c7511038270d6334a19aff4ed3fb0e5b05ca59b6c830306a9eec0279
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12145
x-xss-protection
0
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-JPJFVSE5RF&gtm=45je41a0v9108437616&_p=1705072306527&gcd=11l1l1l1l1&dma=0&cid=2143167099.1705072307&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705072307&sct=1&seg=0&dl=https%3A%2F%2Fafuncan.com%2F&dt=AFunCan.com%20%7C%20Play%20HTML5%20Games&en=scroll&epn.percent_scrolled=90&_et=5&tfd=7381
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JPJFVSE5RF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 12 Jan 2024 15:11:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://afuncan.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 12 Jan 2024 15:11:52 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 00A2
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
68535
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 11 Jan 2024 20:09:37 GMT
expires
Fri, 10 Jan 2025 20:09:37 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2475
829 B
561 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3938f6c1b399691771048d5fa7620d2c90ddb01e5d32749268d829f55f942b18
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RkIV4zWQWN8jSxa__0meNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://afuncan.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-RkIV4zWQWN8jSxa__0meNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 12 Jan 2024 15:11:52 GMT
expires
Fri, 12 Jan 2024 15:11:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
pagead2.googlesyndication.com/bg/ Frame 00A2
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Thu, 11 Jan 2024 20:13:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
68329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15229
x-xss-protection
0
last-modified
Wed, 03 Jan 2024 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 10 Jan 2025 20:13:03 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2475
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=2201128007616636&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 00A2
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?_dp_hw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date
Fri, 12 Jan 2024 15:11:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=2201128007616636&bg=!w8ClwI_NAAaumcC-jpk7ADQBe5WfOPr4F9ej5YheTILsVn8wFTwIFSQf1GjTXSxZglZue2XDKtw0xakLJAWC0Z4PgEZkAgAAAFVSAAAABGgBBwoAJHCXAnX2MoVZMs4loXgirsRf4WH0dASC-ECkdNyk2B7mt-molpkCnLQzHTlE6XfrQisO_qjqiolqyi80yVUONKUGS73flHQ09qZLA3ujIDz-YLBaFJElbP_toa14n-Loq6vNyHAsQgefgVE59pVdE-WPtzXjK1jlrqifQaVy0EpBv3oePxqlrKYi6t7MwtLV2czpkhfgNmbEs0k1KUF43kUEvUV2vkzpxVCLYk-N-fDOGybNQbVj37A5W5d3KvCRvzYCICHxUk4ZowvZrYaGTtroUq6G1vOY5KGHClD74liQOaHQ-f0gsqVCpiSp61WSICwEKkuUt5IQy3AV0O-hA9SmpBRmrPV5quiN5jWwrmPwk0Qtw6nYYQ9efHdhS3uGqpKPOzZIXHlcJaBVlpZWM2GfF3S0rF8oqH38a7r4FfqRUl40arbAR6mDbOxDZDwaDVwCXnoCQ9AZxURWxVrKzX7klPZTxq5g1gpiLuWFjIvRgaMIXqYdL1BXwAcAWCPpzE0ei4FJDuhAyZIfc_aWY7cJerUctGJO5LXFi8OjN6id4fXQC7MDoaSYoY1Jt-1V8GeDsn2LAXuNPFIMegz-wrtHt6DZ9UR21BD2zH0oiBIRwcJ2RFi4Zs-XuO5FYXafSz48BTsW-US6wp4FlOQXBdLOzMvIWC5SYvJrYBYi9qABd_SXu02uYQ0DYy6AzQeRdg10mwzzDCdm_MSLNDtEJj37ZlRY_XmsE9EqwaIBbab-jJo4wUeLOnNvxyBlA3DCyRfcFNipiDAFBQ6nJshjm_82N2t9NeI4XMYPjcolwkU_odOh4urrZJnKHGjAHREuKHnGmL5dJBv5RbM64EX1eT_0ne1p4PszhDxsr98OJf2CbBwwaOlpeifoVsxm4bi2lV6re_yV6Q1FwgOHQ4nIta5Dzqwz8_HGZ2ZJXLVpbY3D8F7I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://afuncan.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
assets.securitytrails.com
URL
https://assets.securitytrails.com/cdn-cgi/image/width=450,quality=100,format=auto/blog/mitre-attack-framework/mitre-attack-vs-cyber-kill.jpg
Domain
anomali.cdn.rackfoundry.net
URL
https://anomali.cdn.rackfoundry.net/images/uploads/research/enterprise-matrix.png

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| gtag object| dataLayer object| LA object| atOptions object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery object| bootstrap object| $jscomp function| open_fullscreen boolean| can_resize function| resize_game_iframe function| load_leaderboard function| show_leaderboard object| ua_parser function| send_stats_data function| UAParser number| width number| height function| doMyStuff function| check object| script number| timer object| google_llp object| googletag number| laWaitTime object| GoogleGcLKhOms object| google_image_requests

52 Cookies

Domain/Path Name / Value
afuncan.com/ Name: PHPSESSID
Value: 938sgdg475r3obf0g7f3jj6i9r
.blog.isc2.org/ Name: ARRAffinitySameSite
Value: 1c61dd21b93c0eec2fed941a00511e48099051295e210a3e6710ab9040572a17
.afuncan.com/ Name: _ga
Value: GA1.1.2143167099.1705072307
.afuncan.com/ Name: _ga_JPJFVSE5RF
Value: GS1.1.1705072307.1.0.1705072307.0.0.0
.securitytrails.com/ Name: __cf_bm
Value: gec6ZdxmSBnz9HKHG4ocEk1FK1wExMvtwX3734mHaqs-1705072307-1-AbYB4Bxk1LR9hFlMHt9tiS6O9X0nix7jzsR/TzGowJ/ZQWE7LXPsu+O34nfNyJTol31iEuACr4b+IRmF0N6f6kY=
.info.varonis.com/ Name: __cf_bm
Value: dsDwRaBSftUo3ipWr3MMOgZ.rVjuEqZHfp_LOo279a4-1705072307-1-AeEEwk58oV17ywJ+h4VGBNozV2EcoD4Z5M5vCQUTpTuCbWWyfFmGNz/SyP8SXfgQhxIyj4harlnmlMc3eBNOKvg=
.info.varonis.com/ Name: __cfruid
Value: edabe72549c68c2873d1f22ffbe8945eb8598dd0-1705072307
.varonis.com/ Name: visid_incap_2074238
Value: UqbP1InQQR2bBrFyv0cYkrFWoWUAAAAAQUIPAAAAAAA6F4h1oYS+Ph7zNBhEkWcu
.varonis.com/ Name: nlbi_2074238
Value: zx3hKfnzQEQoCJGUV8um7wAAAADXVzDPKk25PbCrGPKGpSem
.varonis.com/ Name: incap_ses_1599_2074238
Value: j2UmehNgPFMJwsvOUcowFrJWoWUAAAAAP5UNT902hg1aIBnEcz2EnA==
.www.exabeam.com/ Name: __cf_bm
Value: UWXSvLcBLyvj.Tdt0iGSfeOk7XdhJCa_M2CNC9x4BTg-1705072307-1-AeAT7/2zFsQdgUzyj6bTnnA5NEBFOTodwwyIHwei0EeZklJiIO2zFbJ5JOD1HsFEqFEmyB6MK6CaF3qjQewZz1o=
www.isc2.org/ Name: bid_islptxjukqclyhbq884idzqzaqo3rhv7
Value: feff6ebe-7efe-4972-a3a5-2dc88609fa29
.mdpi.com/ Name: __cf_bm
Value: fGgkO47vz.k2YqVE03eHha.G9z_VB2hQ1R9znQ33.zo-1705072307-1-AUeZAA4sHFX/ul938BAGgx0q7Hmhh2gt6ZYwed0rGkKXGvzEOtoGdpin+p8XGd4Spk0mIt58VR7ux9HdhSrrIpU=
.mdpi.com/ Name: __cfruid
Value: 9a5391c5c66583b33a9c972233ff8ad437bb60e8-1705072307
www.f5.com/ Name: AWSALBCORS
Value: F4Oh7j1snst8UU6P6wuE7ebgPH9gb+0gxTN3z4C1bi5TQpzo9qXs6pQUquBTh758FKye7QRHE3TckwzKzK/z0WvbMizHcNBk4l3wmsk66jJ9wUdgsVRYa7KU7nPy
.afuncan.com/ Name: cf_clearance
Value: jzBHt3s6GKersSDTKPDhGFsLgunCE0loffah31gLkh8-1705072307-0-2-187fa091.9c1e1379.bd291a73-0.2.1705072307
.afuncan.com/ Name: __gads
Value: ID=e78cc91873968ff7:T=1705072307:RT=1705072307:S=ALNI_MblSLywRb26DZMGDlWUUCYdMeS3wA
.afuncan.com/ Name: __gpi
Value: UID=00000db6a116f348:T=1705072307:RT=1705072307:S=ALNI_MYOZ8oAni89CtyA0gcbl_txB1WFzQ
.casalemedia.com/ Name: CMID
Value: ZaFWtPAYz1ZoobFexL5FVgAA
.casalemedia.com/ Name: CMPS
Value: 1572
.casalemedia.com/ Name: CMPRO
Value: 1572
.doubleclick.net/ Name: IDE
Value: AHWqTUn6dVvhL5bYhf0gUDpWygCtD1bTCkuKI5T_SPy-0wkt5T6DvNt3uLvyzr6EXp0
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2In3@sEtI!@wnfH8K6pQK`!5=E<*L5?%K96)#y32GHUsYj).ecf9!=4y]v39AE!ok!X@/%nugO%v4VB%nn[#)x`kB
.adnxs.com/ Name: XANDR_PANID
Value: l57G0bg_HsCeV9nCXxgx8TfNETJpb48-XjkqxYWX4sDEpDlsbaOm8bXuGYvqIilN-HXLrGbqOUe-7jXn2bkAQhPM6vNB4WHnLtRQPAIJqj4.
.adnxs.com/ Name: uuid2
Value: 2926752473138065049
.doubleclick.net/ Name: DSID
Value: NO_DATA
afuncan.com/ Name: __vtins__JeU8LzNK5S5H4Mzc
Value: %7B%22sid%22%3A%20%222607c38f-2e26-5909-985b-6e470f88fcea%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201705074109254%2C%20%22ct%22%3A%201705072309254%7D
afuncan.com/ Name: __51uvsct__JeU8LzNK5S5H4Mzc
Value: 1
afuncan.com/ Name: __51vcke__JeU8LzNK5S5H4Mzc
Value: 7fb2766a-7851-59e8-9758-f0f930bf17a8
afuncan.com/ Name: __51vuft__JeU8LzNK5S5H4Mzc
Value: 1705072309260
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZaFWtQAN2aDv4QAM
.agkn.com/ Name: ab
Value: 0001%3Ai4p%2BWeHRV4xkc8BFRQk4VvEYNtQTjhjn
.agkn.com/ Name: u
Value: C|0CEAtNBM1LTQTNQAAAAAAAQ13AQCAAQpAAAAAAA
.acuityplatform.com/ Name: auid
Value: 876077944077
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRj9HKya8mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUY/RysmvI90aGlyZFBhcnR5VXNlcklkWkNBRVNFQnlYUWJ5UGlGSUMtX0NvNWlWS2FQUfv7hnZlcnNpb27C+w=="
.doubleclick.net/ Name: APC
Value: AfxxVi5Rh9h9AvgyABLEjb_THX5JEgi2OxxrhvDGLvEjfQTaAlY_nQ
.uuidksinc.net/ Name: jcsuuid
Value: ZC1P6LFQ3j0PUd3Zd5ES
.ctnsnet.com/ Name: cid_5382981e19454642b1da312cfa4a2cb3
Value: 1
.ctnsnet.com/ Name: gid_CAESEACrHrATgM_8jxUTOZghE6E
Value: 1
.adsrvr.org/ Name: TDID
Value: ef6e747a-6577-413c-9356-15ef7215d1dc
.yahoo.com/ Name: A3
Value: d=AQABBLVWoWUCEPTfsTceOJnCNfM3PFcO0j4FEgEBAQGoomWrZQAAAAAA_eMAAA&S=AQAAAhmE9YDSNLiKTyfeIScjwck
.bidswitch.net/ Name: tuuid
Value: 7b385344-a35d-4f90-82c8-db0333f5a652
.bidswitch.net/ Name: c
Value: 1705072309
.bidswitch.net/ Name: tuuid_lu
Value: 1705072309
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIjq2T1triyTwQBRgFIAEoAjILCIbIwoLx4sk8EAU4AQ..
.c.appier.net/ Name: _auid
Value: W9mp_kniBIiqL7DetVahZQ
.c.appier.net/ Name: _gu
Value: CAESEGtvr8cBotEBDgyBRsxXib4
.googleadservices.com/ Name: ar_debug
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aAntPKqO2c8U2OqnuurSRk157NCa7KM2ycM5jDoGQo4CafTigLP7onccQctk8HP1sR9eGYKNwnUUUVv7JUaSYJx8cXuv
.creative-serving.com/ Name: tuuid
Value: 95b28aff-0d1f-4e8e-b542-831754e1a9bd
.creative-serving.com/ Name: c
Value: 1705072310
.creative-serving.com/ Name: tuuid_lu
Value: 1705072310

21 Console Messages

Source Level URL
Text
javascript warning URL: https://afuncan.com/(Line 79)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://afuncan.com/(Line 79)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://anomali.cdn.rackfoundry.net/images/uploads/research/enterprise-matrix.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://afuncan.com/(Line 88)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://afuncan.com/(Line 88)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://assets.securitytrails.com/cdn-cgi/image/width=450,quality=100,format=auto/blog/mitre-attack-framework/mitre-attack-vs-cyber-kill.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://afuncan.com/(Line 459)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://afuncan.com/(Line 459)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://afuncan.com/(Line 468)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://afuncan.com/(Line 468)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://afuncan.com/(Line 752)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://afuncan.com/(Line 752)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://washingoccasionally.com/e583a5e1619406c516e455d245e6bc2e/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript warning URL: https://afuncan.com/(Line 761)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://afuncan.com/(Line 761)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://washingoccasionally.com/57ee57c2e047d2075f8b6b3808a144ff/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://defencelogic.io/wp-content/uploads/2022/02/mitre-attack-concept.png
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.c.appier.net
a.tribalfusion.com
ad.doubleclick.net
ads.creative-serving.com
afuncan.com
aid.send.microad.jp
ajax.googleapis.com
am.adlooxtracking.com
anomali.cdn.rackfoundry.net
assets.securitytrails.com
beacon.walmart.com
best10.club
bid.g.doubleclick.net
blog.isc2.org
blogs.infoblox.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
collect-v6.51.la
cs4e.pages.labranet.jamk.fi
csi.gstatic.com
cybotsai.com
d.agkn.com
data00.adlooxtracking.com
defencelogic.io
dis.criteo.com
dsum-sec.casalemedia.com
dw1.s81c.com
eu-images.contentstack.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
images.contentstack.io
images.squarespace-cdn.com
imasdk.googleapis.com
img2.helpnetsecurity.com
info.varonis.com
ius.ctnsnet.com
match.adsrvr.org
nucleon-security.com
pagead2.googlesyndication.com
pbs.twimg.com
pr-bh.ybp.yahoo.com
psanaram.com
r3---sn-q4flrner.c.2mdn.net
rhebo.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sdk.51.la
securityintelligence.com
sp-ao.shortpixel.ai
static.wixstatic.com
sync-tm.everesttech.net
techtalk.comodo.com
tpc.googlesyndication.com
ums.acuityplatform.com
washingoccasionally.com
www.crowdstrike.com
www.deepwatch.com
www.exabeam.com
www.f5.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.isc2.org
www.mdpi.com
www.sentinelone.com
www.trellix.com
x.bidswitch.net
anomali.cdn.rackfoundry.net
assets.securitytrails.com
104.18.25.151
104.26.2.18
107.162.133.105
13.225.63.89
141.193.213.20
142.250.65.194
142.250.65.198
142.251.163.155
142.251.35.162
151.101.192.238
151.101.2.137
151.101.66.137
151.101.66.49
166.62.10.47
172.105.199.172
172.64.151.101
185.98.54.153
192.243.59.13
195.148.26.185
20.118.40.0
20.230.171.39
202.233.84.1
203.107.86.226
23.32.146.239
2600:141b:1c00:22::1730:e070
2600:1f18:4e9:5a02:6d4b:af39:209d:2bd2
2600:9000:211c:0:1e:5c56:d400:93a1
2600:9000:2199:d200:14:232e:8a00:93a1
2600:9000:2342:a200:19:fc2c:a140:93a1
2606:2800:220:1410:489:141e:20bb:12f6
2606:4700:10::6814:cb25
2606:4700:10::6816:4092
2606:4700:20::ac43:4401
2606:4700:3030::ac43:a37a
2606:4700:3032::6815:3874
2606:4700:3036::6815:ae0
2606:4700::6811:180e
2606:4700::6812:18f1
2606:4700::6812:19ad
2606:4700::6812:9a09
2607:f8b0:4000:48::8
2607:f8b0:4006:807::2016
2607:f8b0:4006:80a::200e
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::200a
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81f::2008
2607:f8b0:4006:81f::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2006
2607:f8b0:400e:c03::78
2610:1c8:1b::1
2a00:1169:103:7df0::
2a02:6ea0:c454::1
2a04:4e42:1f::765
3.33.220.150
35.186.193.173
35.211.178.172
35.241.31.249
45.60.150.169
52.205.240.92
54.36.91.62
68.67.178.10
69.90.254.78
74.119.119.150
04982d17373c15f5c7986bedd43b76affe5260617240767b718e0cbeadab106c
07fcbc456912a6c1f72a9c4ad8dfc05c61a470e3c608195406d74a2c9a5422a7
09c30fc5e245130df80b2425c3891343ca821721e77aa91a9a7c0ba0839eb586
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c1f6db7302bc668aa45c658a2c0cb00143bb5b043da4bf693b7aafb12be7900
0d5205b03ac9436282767d3c920a33499c2c9c4b3799a29b7ffe160f956a15ac
0f9eb65ab498b4f0205bb9ec91436a230b81c2e0e1333d97191c4eb82d9aca0f
137b62805330088f3ecd8c292ab1e7c8b2463e7fe9476419dbcedda631fcb5f2
16098ac8b6489bd5bb2c11ebd8b250055d72a18e89958963816bac00b2e83b8c
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19499108d4d60cd434550b6c359f73a2331e3296841fcb52128fd671d5888eb4
19b52e02a3d575b6095116958c85b27c12c054f89832dc17961eeec56ff6f477
19dbb559923101aa3522a0548a34fedb82f04b1981060923a35a569574022389
1ad288ea09018b96aed178e346a10ce208032784cf41558443f902fa5e82deee
1bac8012a904441a367d9e4935675e599a35e1fa017917da7a16552bd2fabc72
1c0b65210d85ffb41bc62809f949e1884b80c10eceb48becc71cb76a25c01856
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21ead2f2915567465b08675db3d84a6ba3d730d30ae07fbd1a1cd840b1fe097e
232066e3f6f1351afdaee1acb70c409766641fd5669e0b55ce7c77fac0a857ef
239587a291217700a3da18ef931f522711c9524cce329495063a2c23afc336c6
252dd69991f1b3a6a341690a8aadd352464f9fabc46322db3f51f1973ebd2058
2782934bd555759c91a70f92ee9d3b5f210e18d53f31a2e4b2bc37ce6bd4b4a2
27e38ae60f547b7fa51fbebcea6f4d03bad259f6887cdd8fa16056f6802d4c05
28545b9903d0dc5ca1807906813c37bd4f10564265a6aaf03e1e82fc5b370a26
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
361e371befe9e7611ae3ab149318dd7cae164c824846a636acf45838734caa70
3938f6c1b399691771048d5fa7620d2c90ddb01e5d32749268d829f55f942b18
39b19e74321954fb4837aff610c0355c18dce18393b2a0b042cd358d4db9b895
39ce4f58e2f0f4e7c490b390f75540063a704ffb0488947754ab9f4d022e8df5
3c954596bd2a354552e6bf3d6e1cc8345e271592e755e5fca7e63aceb41c6041
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
426f810b32330288c8c649a66a026cf8050ce0458449b81ea1b54066c2d75107
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4421789f5871002698f84c2873e40ca98797ed85c785413e0bc525703a623602
451b84fb5b869f5aed8cda2f9a92a68217963fb8e7215ebd167007f6a944d1e8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6116aac7c38f800dcd312ad141d7324bd66ab03906bcb4db7275bc40b3522f
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e22765d12aa4d167d6283b7c09c77efc17484f62aed6b97e57bfd9be96e5c3a
4f596790b7a5324d8a4cb3ec745230bad3db55ae1f2c72ec2c0dc30e21d20080
4fe76ece3b2947a83db374e7487cdd4d9956da8af86aaa497e88b9da8c8c4858
508fa8c7a48d197b073702b38cd3b7b075b846dcac74fba54140e842ff3c0246
559ed27b48f52ad1c65466a95a120b8264f7dea4a23d31f2ebb3b5beca3321f6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564d17d6617722c7a4acedfee8181170526f2fbfed95a67cf069eb0146a42c66
58f01aed79f3948285e83e6605358684168397fe12856d9853cd45427b909a1f
59615b4f9f9fdc5ac838119c3172e81fd3b0ec0c5e6b694585185a6be0d084f8
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efb971a1819b18f35f86d02976adc87e4d0136c6487326e554b9d409dabc70b
6007ea58ba1bde429a66d39ac2e49f5136281d8b79889da9746c4a4ffc5014b2
60a835088a0aba897aa0176be33a61ba84d04f1efb5fafa3fa6f8b3e6055d4fb
61017f866ecf87672d8b331517d012553204ef7105784e8a0033119374b50b56
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6386b0efc8c35b4a0c0bb5ecf673ccc4750380669d77d16ecfbecc03ea0b207d
63bebcc290548f2787451225dbbb18821a960500580bda3e4bd9e46c38fbf4dd
63c6fe9a580ad95eb9c9aa8549816bbf940a17a4bac608c1bb49a45bf7cfa001
64e75f011e0487a6a5addd4a4beeca84080fbcc2a18ccced630ea06f0d66bfb7
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67855c0d2a4268115d80070d95185987c364e6ed8447358fb39780d0313c0ace
68fe9ef2981a9b5c393517a3a9dd7159f94e295333dcba88c5bf49fdcfd838dd
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
6a0d25e9ff989e534ee1318bc659ccf509c63f1df89aff9d50351fe3623c8bef
6a814007a4f63905bc0a163bffdb39469a153fcc6097497faaf51cb007d108f6
6cf9a2453a9a0c7288483d1954ff40b56d61c42fc18f2446f7dab0452f0827a8
6dded15ca447bd40a8bc2abdd9baeb0c5b56af185080a911ca3fa68bec3a6ac1
704d27d78c4657fe2053eaa20f486875e07f48f48e0a3701084cd45231ef50c9
748c54e441795663fa3c063cf7c4c6ac625aa14b827c91667c7bb26ec0632ba9
75693156a2b6bef8f7cc4225f70b6d447e0669c0d82384828a93e9d9bf7076f4
77a32d0b8153be4e58858681694d2a298b0523c865b68b8c2b1795eaf23b004b
78822d2329ca9112116e119272ec28031355719ba2be1881885dd963ac3101f5
78deb67ee7e306263fcf2083777c727739a96706f2f0458fabb5cab3ef7df2e0
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7d0cf53bb78485eb3bc9bc8d8d25a21f335b04ccd07cfb8c7396c65567ff8f8e
7e9ebdc839c81f9b23a5b0933d968f8ae93511bb8fe4c827adee62e84c633a08
80aa1939fa8cbb3dd8f0880ebe4f07039923e7355890fca13f2e362fa42e5ee4
810d45f4b12fe22bf3c8ea323b2c50e590520b7e063c92cf683902c334bab22a
8284a4c4a8b4351395b4eceb067e08e855da79b6569181d29d753c70ee1df6bf
8865e9b6f009cd68d7b8c20a3b0adf115900097ae089996166335839809a23d3
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94dd8bfb4b63f48c489e8a309074263694c46325693c05853820a1342c35b20c
972f7a26f860f2f122dcf2a4c5cae616df3a4a83e0c8318a1afb824c766fb651
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
98886840c7511038270d6334a19aff4ed3fb0e5b05ca59b6c830306a9eec0279
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d5ccef11c5234683e4bfe39d86b125b5bf31e76b9f83dbcde8213a41e9d77a3
9e1d6f4f85ec3b7244eaf9e663f5f130136aa895805bc1f4aaf76eb16fff928f
9eb844a3f703f015f2496f3b57460617fac4260402052c651022d1bc4fa0146b
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a5ff18a969eadf48e834f25bd708cb1f065879f5c96641ad583849193e5260ed
a7da6d2b3a6c4cb334831292e8d263012e6fde5342af7b4a6cc233947ba394b2
a834cd181b32a465a1e90945a3fa5a181f19c7cae5eb1770538d52b1ffdbd9e3
a89d503c5505858f14cf25c667834b2ef5dcf6c58b97cbf56457ad1b3fe11580
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
abba82e29b6e78c6f283f71ab3a234bcb909f7fd76963eadcdb9e54a49ed7a3d
af77e624609246ca109f96195b1cdf54e01d4045b508b54866834e5ddcf95008
b06cc39356cad09783973f5c9c42bc0f5805246739c47d48280ca4e639354059
b0ce7897c1fa7da7cce03ad8eac4ff53b9260bbcf3c175d7a5b6c5a68285803f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b5a5c3e842600ffe7dc179a696d1198375717533b93905e38e43529667344064
b90e3bb0c482850ccd57215d4d6031b2ec45131a6feb8423fa0517cb3889eaba
bab95499883575ae39aefc7059851c0c6e5d6186ee8ec4b21ce9bf3e7e72fd9d
bb5af8a11b5388562f368b2c7752399c0caeea396be92cedc3fb5076117136b9
bdb665f65ed07c389f6d284996721947640d422a974ce4eed9c5a93841819e8a
c29634de93bba2349bc1de4d8b69ee64c24240b68051a9e65bae12e4d87123cf
c3e66f02c6cb7bc3e1476882786e21b1cf0adb68d539d88022836668a4003719
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c54ff899b5b9f90bd2ecc4dd87d877e87562f8c739ba2c167ccb61f02096abfa
c68803bc62949a7a34c668f8383f4cffc22b90d38b01c6cc063069369eb45f9e
cdcf1cb281a8353edc08eb1d9703491a897beaa679516bbe1afb132903fedb2f
ce6d6bd8de17addfa38c230f814345e053797671bb51679d58cef09d72fe2ded
d42dff69df0d3b89c933416af32dd1193ca3dd919e2074a4799505d18ff70531
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d6724c36d9e0023ef184cd7d1aba93c0d5906029d5e999b1d23ddf77597012e8
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d82b4183ba95eae0e58d96050bfdde26fb890e80992bdaf6159c71242ab5d6f8
d842dfde234b7ce5609585f900c8648e6bfec372828d5c93eb2b0bcb4bae44d0
d98cebba6e6f64ced2df10ebf5f6fa5061e6e66e691b36003e71ba30685c3cf8
d9f231ba7c8ea732cc866931449f4ea709fade9570de17bd0aa08f4a5894bd43
da96de009126fd5a56f345d89b80f23f18eda8a350fbb76fe930856abe101bd2
e0ddcd411967e3fff2a528a1389828eec6e6a6f65dbbecac5a69c758b5951cfb
e2f48c486e3daea23afd5986d0383234b2790d4d81e3839bd854528c34636148
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e407b45003d474ddf1a33b5d73c71c7217ba5761f713ba22dae37e237cf6de22
e48491e749f4076b329ba91a01b7abd2eee55b3a7b136ebfdefcdad44782cdeb
e49ca84eab8f21230dbdb4ff73088a2893dcb5ae15aa326d3299aaeaedef60f9
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5db11b0a3c65e542fe47648b89a8e32f9f6137c5114a25fe9c203e4bf66e3cb
e6b20a1535a6d3ca3d7a611ae199a6f4b464e0b67b450379ed43a7ef3e66957c
e7bcb17abc554766500b3ef0a8dc4ef35ba471aa72d27938923decfd24f4df55
e8f5b46d4577487fe81800cdad8b25275c95abe5b4511d0c00051e20b05dfb30
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eaced04974b5d5df070a8d3aa808505e4aa3e3ab032c96e8a9b37a5a69e795be
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ee943c28e4dd4d0d593c7424277632954476142ac40faa3721291d7a3591d28c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef26daccdb0a9e6c75150bbaabe440062f1ca56079d92f6627d53aaf8deece7e
ef441ee5fe05afbf37cb08967afead776802277a9553890f54cfded072a551ef
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6977810078bd25d2cd28e06726aa4b946c92fd92c3416cfe2251693c75a78fe
fc8afb1d4db05c0720b7d7bae1b10b9414bb9d406dfaa8e9ba5a0c6b73f2bf30
ff8e74b1f76ae1036d81ffe496cd111f25a95cd411f59c75ce3326384a5ecc4b