urlscan.io logo urlscan.io
SecurityTrails logo

ca.duboku.fun Open in urlscan Pro
172.67.73.67  Public Scan

Go To Rescan Add Verdict Report
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Submission: On August 17 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 2 countries across 11 domains to perform 122 HTTP transactions. The main IP is 172.67.73.67, located in United States and belongs to CLOUDFLARENET, US. The main domain is ca.duboku.fun.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 18th 2023. Valid for: a year.
This is the only time ca.duboku.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
31 172.67.73.67 13335 (CLOUDFLAR...)
14 142.250.176.194 15169 (GOOGLE)
1 104.23.128.74 13335 (CLOUDFLAR...)
8 104.23.140.14 13335 (CLOUDFLAR...)
2 142.250.80.42 15169 (GOOGLE)
9 142.250.65.163 15169 (GOOGLE)
1 142.251.41.2 15169 (GOOGLE)
3 10 142.251.35.162 15169 (GOOGLE)
1 142.251.40.166 15169 (GOOGLE)
3 142.251.40.234 15169 (GOOGLE)
2 28 142.250.65.225 15169 (GOOGLE)
4 142.250.81.226 15169 (GOOGLE)
6 142.250.80.66 15169 (GOOGLE)
1 2 142.251.40.196 ()
1 142.250.80.67 15169 (GOOGLE)
122 16
31    172.67.73.67 (United States)

ASN13335 (CLOUDFLARENET, US)
ca.duboku.fun
14    142.250.176.194 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
pagead2.googlesyndication.com
1    104.23.128.74 (None, )

ASN13335 (CLOUDFLARENET, US)
pub.gboku.com
8    104.23.140.14 (None, )

ASN13335 (CLOUDFLARENET, US)
re.duboku.net
2    142.250.80.42 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f10.1e100.net
imasdk.googleapis.com
9    142.250.65.163 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s71-in-f3.1e100.net
www.gstatic.com
1    142.251.41.2 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net
partner.googleadservices.com
10    142.251.35.162 (Marriottsville, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net
googleads.g.doubleclick.net
1    142.251.40.166 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net
s0.2mdn.net
3    142.251.40.234 (Newark, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f10.1e100.net
fonts.googleapis.com
28    142.250.65.225 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f1.1e100.net
tpc.googlesyndication.com
4    142.250.81.226 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net
www.googletagservices.com
6    142.250.80.66 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f2.1e100.net
www.googleadservices.com
2    142.251.40.196 (None, )

ASN- ()
www.google.com
1    142.250.80.67 (Staten Island, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s35-in-f3.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
42 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
663 KB
31 duboku.fun
ca.duboku.fun
291 KB
10 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
164 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
105 KB
8 duboku.net
re.duboku.net — Cisco Umbrella Rank: 535096
276 KB
7 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1244
www.googleadservices.com — Cisco Umbrella Rank: 157
603 B
5 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 600
fonts.googleapis.com — Cisco Umbrella Rank: 73
353 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
226 KB
2 google.com
www.google.com
1 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
17 KB
1 gboku.com
pub.gboku.com — Cisco Umbrella Rank: 472506
69 KB
122 11
Domain Requested by
31 ca.duboku.fun ca.duboku.fun
28 tpc.googlesyndication.com 2 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 pagead2.googlesyndication.com ca.duboku.fun
pagead2.googlesyndication.com
imasdk.googleapis.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
10 googleads.g.doubleclick.net 3 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
9 www.gstatic.com ca.duboku.fun
www.gstatic.com
googleads.g.doubleclick.net
8 re.duboku.net ca.duboku.fun
6 www.googleadservices.com ca.duboku.fun
4 www.googletagservices.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
2 www.google.com 1 redirects tpc.googlesyndication.com
2 imasdk.googleapis.com ca.duboku.fun
imasdk.googleapis.com
1 fonts.gstatic.com fonts.googleapis.com
1 s0.2mdn.net imasdk.googleapis.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 pub.gboku.com ca.duboku.fun
122 15

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-06-18 -
2024-06-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://ca.duboku.fun/vodplay/3833-1-14.html
Frame ID: 6778FCA29C03E298BAF5C21E88463F9B
Requests: 37 HTTP requests in this frame

Frame: https://ca.duboku.fun/static/player/vidjs.html
Frame ID: 3A2F351E6D1D6C9C1BECF032B01B511A
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Frame ID: 9FEA8370B1222E55D27ED80A70BC6D36
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Frame ID: C10CE387B50ABD0BC565BFDBB92DE42B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&adk=1812271804&adf=3025194257&lmt=1692321858&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658105&bpp=1&bdt=504&idt=382&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C320x250&nras=1&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=405
Frame ID: B883B62AEA9BC78DE4666004D34E9845
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 5EFEFC9EB111AF449456C2786384617F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CE6DD05777E0BA7455DFCE580F85283D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: 17610A09DA3D9BEC7926439DB5D31BBD
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Frame ID: 04548538AA3E8ED677ADFECEE91235C6
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: BCEFD463AE5489F9FC19F01128DF1C09
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 32263542160193B0D6D6793A55340709
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 6443AA495A69AAF103A7CDC8C1DB27BB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: FA5BD186E3F813C966F49D0981B28E5C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: ECC01868B328F97C261D8C2AD592C813
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 505DB6EE4E9B61206A5848D599BA78F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6FDC8724B4296BE3127F8A5038974791
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9F96EFF87A8648A414BA07347663974D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

破毒强人_第14集线上看_独播库

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

90 %
HTTPS

0 %
IPv6

11
Domains

15
Subdomains

16
IPs

2
Countries

2171 kB
Transfer

5978 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDryZbdVBCACBiACDIIaY_7PwG7pEY HTTP 301
  • https://tpc.googlesyndication.com/simgad/11606774252631717604
Request Chain 97
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDryZbdVBCACBiACDIIaY_7PwG7pEY HTTP 301
  • https://tpc.googlesyndication.com/simgad/11606774252631717604
Request Chain 106
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cny-S0mXeZPnyIvL4xtYP67-9gAS3iZiea_GikL_sDmQQASDQ5qJ-YP2gmYHoA6ABsLqh1wPIAQmpAuOktpn4S7I-qAMByAPLBKoE1gFP0G-UhGG9wLWSpIVVv4njcq77JdNYiPMNBgaSmCWWN8u0MJ6aEGaEjDpbOAhqxU66byVTgILEUf3IXRk7QpX1LdqhfvJMJCLH_r6WhdeX3X-fzZyxbWchgcaqpyKLaCupjE7Z0FUamEKjZ5Md4XYyXoeb-39t1LZGhz02k71ZfaV-6xLmYF40rXbL0rRUjPPUjlH_Eq_HU1uUisGc3aaGIlob_OmM2bs6Tu2HpKg6elSYpn_fPAjWCP6Je0TT2tpgFzKGKUGNuIdfK6bQ916QU34nSKIPwATpmea83QOSBQQIBBgBkgUECAUYBKAGLoAH_-HQYqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBC5iwfSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJPGh0dHBzOi8vY2Eua2F5YWsuY29tL3NlbWkvZ2RudGV4dC9mbGlnaHRfZ2VuZXJhbC9hbnkvZW4uaHRtbIAKAcgLAdoMEQoLEJDL06rTrL_W-wESAgED2BMMiBQB0BUBgBcBshccChoIABIUcHViLTI3ODY5NTk1NzU0OTc5NjcYAA&sigh=Ypisc2w7hbc&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWIwT_puvzY0xqHQwSVMb5EFv2OnyWhhgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x74f44d27a1a99ae0000000000000000%22,%222%22:%220x6a68ce86aab15ee40000000000000000%22,%225%22:%220x127ffee765acc7570000000000000000%22},%22debug_key%22:%2214260323162406083870%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211312769335918935089%22}&andc=true
Request Chain 107
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CXyc00mXeZN-MHOfqvPIPuKq9gAWmxr_ybMeG0ajdDdrZHhABINDmon5g_aCZgegDoAGxhcazAcgBCagDAcgDywSqBOMBT9Bh3lSHioc28d36c8CuMICiQeq-NZNda4WXmH7c_hjDDcfS1vANDyi_SeQQqKGKPB6JTKUzB6Na9Ztw6yuuxgMQfj3JGgXyyZYch6yHb54oKwXfkXXvyPwHJ59V-ciGiKvhbHHEtQnRDsR7Z9-XsGzSe4aJnpqIbD0JgMxrRR_kpseIW4fOiWt4Ska07wVT5txSl96OWmf1vPmQOIygPtCDCNoVLsPIOgOSEFX7F9jKTuZrotTD1c6N7gDXdztOXcypxKt8SYp4BJOR8ktnVWIMTEaFF9DlNkb5yHZ8p8qPr_LABPrywe_JA5IFBAgEGAGSBQQIBRgEoAYugAe3-rnMAqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENTMEdIIFAiAYRABGB8yAooCOgKAQEi9_cE6mgkYaHR0cDovL3d3dy5nZW1ob29yYXkuY29tgAoByAsB2gwQCgoQ4LuE88Gl9_lFEgIBA9gTDYgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yNzg2OTU5NTc1NDk3OTY3GAA&sigh=etRgBmGrYJ8&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWqC3xZRRnBEk8a241X19DnODU9uNhNBgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa9000e213f90b0410000000000000000%22,%222%22:%220x5ef0fb0d2a46ec540000000000000000%22,%225%22:%220x9257f92a09ea4f4f0000000000000000%22},%22debug_key%22:%2216982814689456338696%22,%22debug_reporting%22:true,%22destination%22:%22https://gemhooray.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22376537777%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211856178954425909361%22}&andc=true
Request Chain 111
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 116
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CNfp30mXeZLT0G-L6vPIPxdu_iAS3iZiea_GikL_sDu-kmtaDKhABINDmon5g_aCZgegDoAGwuqHXA8gBCakC46S2mfhLsj6oAwHIA8sEqgTSAU_QvZa8mwYn09hfpNDfQB1YWI5-Mi3ohJ-AeCJ6px3BtjxPMtAAEiKl19y1c3ML79Secu901dosV9ySgoocLSKx-RocBpyU5Wb-ExECBQN8lVA5vGCoS_KDr89VrFOoDRW8ne3pZ_vPaLJggA5b127vNNX8HPL-wyacK3-PGcrPlYvUcnmfbly1IUZ4Tk15YGhwWEyksDG0XosHYcD2UjebOJ603Fx9OlXL9vixEKWTUvvnxV29IvewjGtiX7GuQijecxG5pibxL8Zbgtf4O3XxtMAE6ZnmvN0DkgUECAQYAZIFBAgFGASgBi6AB__h0GKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQtZ8J0ggUCIBhEAEYHzICigI6AoBASL39wTqaCTxodHRwczovL2NhLmtheWFrLmNvbS9zZW1pL2dkbnRleHQvZmxpZ2h0X2dlbmVyYWwvYW55L2VuLmh0bWyACgHICwHaDBEKCxCwjI6-gcuwt9sBEgIBA9gTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yNzg2OTU5NTc1NDk3OTY3GAA&sigh=akDsIi-uT0E&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWP3kEeNHzBY4KxKecFF6U0Xlx72E98hgB&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x74f44d27a1a99ae0000000000000000%22,%222%22:%220x6a68ce86aab15ee40000000000000000%22,%225%22:%220x127ffee765acc7570000000000000000%22},%22debug_key%22:%226802747801846605405%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218353431485161628257%22}&andc=true

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 3833-1-14.html
ca.duboku.fun/vodplay/ 		23 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26d3f8369e95ce4f9e3baa3b2d3d5059827508149b80883f47e03cba67b02c1b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f83f3fd3d2054a9-YYZ
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 17 Aug 2023 18:24:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8K7lcD6tKQolzGSJtgdZNXSZZQW4aL46zrxTsq2AYEDMyZxcDvlL3XUcSDnGH4jQMW%2BKc5eO1hdcXT6Maqil74JWgb%2FEmYT8risKFaBqBZFYA9Vzg8tbvhe4eoXBzk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
mytheme-font.css
ca.duboku.fun/template/mytheme/statics/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/css/mytheme-font.css?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 03 Nov 2016 03:08:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
22601
etag
W/"581aaa16-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VCpw40RCuMzTCN7EawIlElHqHLch9n5CstFEoxQjDgoDmjAeU43nM1hRvET4JV0wynWzMF9kzCE2ZhzGZDT7sAbI3Cft7IACNZsLpXv7zZ07EZwl1CG0ojnbwvbQOwY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f3fe2dd554a9-YYZ
expires
Fri, 18 Aug 2023 00:07:36 GMT
mytheme-ui.css
ca.duboku.fun/template/mytheme/statics/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/css/mytheme-ui.css?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b533bd4844e7fdbc43308a3b215a0be38e021bf319993deae78ca1db193efc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Mar 2020 15:19:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
22601
etag
W/"5e738d9a-8a13"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sfe2Zhx%2FRXQFg5rVjqELEWYNXjD%2BNpdL88rlIrThSvzXxgzYcLW9UxqqTI%2BhQMcf2JE%2BSAweFNQMZM3B%2BRbxpcNDYNyX13xm3VkGRjn8%2FdbJdSj8Sfy75RW61LlRosw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f3fe2dd654a9-YYZ
expires
Fri, 18 Aug 2023 00:07:36 GMT
mytheme-site.css
ca.duboku.fun/template/mytheme/statics/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/css/mytheme-site.css?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
549b89b0439836d0eae0a21fd06eeafdcb305baaa7b3150ab8c9e5a2754d7689

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 20 Apr 2020 08:11:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16711
etag
W/"5e9d5916-275f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzpZjbUMb7ZEw9reyGfMzbbrYvlt%2FlizOl8j%2F6QBCFyxPzpAlQmbevszrL7vizr9vDUW2SfCewClY09CEnxzztOLgCXdiG%2Ftkvfck1amcgyXmLh3u%2Fek8mbENkG5og8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f3fe2dda54a9-YYZ
expires
Fri, 18 Aug 2023 01:45:46 GMT
mytheme-color.css
ca.duboku.fun/template/mytheme/statics/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/css/mytheme-color.css?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b84a040fd55faaaf47283f1829aa8a90442bf0c1a30b9ff06f8cbee5636942eb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Mar 2020 15:16:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16711
etag
W/"5e738ce4-15bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjBQMPjWRa6IpYCQoRM5shCB0RFjKeHofTZ9R589JePMHeT7NNB1H%2FckcMyX1O%2FrKTxvc7UBRKWGBsCixW2TV5eMGfm5kv7mnR277HmRYJMtAUtCtydhN3Q3BxGLd9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f3fe2ddc54a9-YYZ
expires
Fri, 18 Aug 2023 01:45:46 GMT
mytheme-color1.css
ca.duboku.fun/template/mytheme/statics/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/css/mytheme-color1.css?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43bff9d0f3f151303c9255bc38f0b4e107785ceb09adef04c2b61430bdf64a62

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Mar 2020 15:57:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9681
etag
W/"5e739678-15b3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jfGcDVQETgNEDAVdZHYy05O3xx4mICcJhWF3XwfKfsTEqw7BhRSJ16p5hGokqvxk0iFdEpN3XElSHXHK5%2BJSy02EsgVUTpzdDgTsDBq1LRaCHvm77iIFgqIPfgfJUNk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f3fe2ddd54a9-YYZ
expires
Fri, 18 Aug 2023 03:42:55 GMT
mytheme-color2.css
ca.duboku.fun/template/mytheme/statics/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/css/mytheme-color2.css?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e287d2012e677798fae823bd1d481cd935ffb35314d21bbe560b77925fa16433

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Mar 2020 15:57:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16375
etag
W/"5e73967e-15a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmehOBWPqfos65GhfzrknqZoCpocpwnktxFXqUz9lxcd8MoXo9i0ix905uFIAe%2FVI%2BtYKf%2FYtXPee%2BynoV19LqPKcLKASgJvyQxWOnYn33Q4x%2FPL8z29ljeysOUC5hs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f3fe2de354a9-YYZ
expires
Fri, 18 Aug 2023 01:51:22 GMT
mytheme-color3.css
ca.duboku.fun/template/mytheme/statics/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/css/mytheme-color3.css?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8144b8309e781eac9363366e1a92f63aaf0728db8cd6cc19ce58347eedf6a896

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Mar 2020 15:57:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16375
etag
W/"5e739684-159f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afIycBl0JvTdHwpDRCvdHF269Mc1kZJ98RtnOm9AkJ%2F1bf%2BfG0Mcz6vNqVADibGExJMz02BvmBNBoNn40qObN9fZgJ2m%2FJ0a5HyT%2B7CJu%2FlFPjA4qTKFpYsVJl4TDGk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f3fe2de754a9-YYZ
expires
Fri, 18 Aug 2023 01:51:22 GMT
jquery.min.js
ca.duboku.fun/template/mytheme/statics/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/js/jquery.min.js?v=3.3.1
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Aug 2018 10:24:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16719
etag
W/"5b62dbd6-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2MA2X7Yw8kX85JY4ipO2tN3QDT%2BXXb69uEqJyolHGHJBd6l3XphpNzI8Tl9q6xLvotJGWAvFPcM%2FoKTEKbGQJm15X67op2X5ThyufNKcM7FaT%2B%2BXDA3xEcsXtTmSRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f3fe2ded54a9-YYZ
expires
Fri, 18 Aug 2023 01:45:38 GMT
layer.js
ca.duboku.fun/template/mytheme/statics/js/layer/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/js/layer/layer.js?v3.1.1
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2017 03:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16727
etag
W/"5a261924-5664"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h06WY3rcG7VXIHMaaBHPlDeH3yhFYZlk0vAVJJjE8UPjYZWM3oxV7Uk0OCPmNM3pQsVJGtTbe9kDkM79HxrQ190SjVBVpTft5atsqHpmomirTMD3PBfdXE032jG6hP4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f3fe2df154a9-YYZ
expires
Fri, 18 Aug 2023 01:45:30 GMT
mytheme-site.js
ca.duboku.fun/template/mytheme/statics/js/ 		126 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/js/mytheme-site.js?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1996dbe087689523dd4e8eceb547ab151db5ff6eb1103e29a14d1c40ed0e1fb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 24 Feb 2019 11:20:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16719
etag
W/"5c727dfa-1f8cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2FGIDpvEYaTlUzhjLTOaL8lIqhdTDGth0RhSTIjuWy4%2Fk4SVyBhFD9Dq00pLNDNo8%2BEMfghpBji1l8w9T7mLIOURjMVH3xgCn8bfIKmtVHzToifoQO4Z8Q1jN%2BjzTuw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f3fe2df854a9-YYZ
expires
Fri, 18 Aug 2023 01:45:38 GMT
mytheme-ui.js
ca.duboku.fun/template/mytheme/statics/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/js/mytheme-ui.js?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6edee228a171f50403c61b8eee642112f529b5d974d56fdff8504ac747bc1bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 19 Mar 2020 17:50:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
13977
etag
W/"5e73b0fe-54f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xx4j0msgMcllArB4ZGgaSPveo45aygtJX1LwEZjGJiCCUdFs0nVcSGiv0uCYj9fbBV%2Fa0Gg%2FDRqkGTC8NtvOju3zn%2F3FMoVDXEcwhvHLXKJMpwJBw85p6spPrcaz9Co%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f3fe4e0954a9-YYZ
expires
Fri, 18 Aug 2023 02:31:20 GMT
mytheme-cms.js
ca.duboku.fun/template/mytheme/statics/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/js/mytheme-cms.js?v=2.8
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74ca965386669eb824dcdb9b1fe2f35b776f099e63034533734818b33f11bd59

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 04 Dec 2019 03:11:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16727
etag
W/"5de723fc-21c2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zj1ibtBkWrPt84SVjPaKJOhOGudKtbplV4pCNFdGzW8gJSBE3QqFc9ktAl84K7XEiEXVxVyM9X0%2FrnOtGNs3RheFZ%2FFCRy2tR9jNlun3sdHC%2FY7Be1LPttwDnygrx2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f3fe4e0a54a9-YYZ
expires
Fri, 18 Aug 2023 01:45:30 GMT
home.js
ca.duboku.fun/static/js/ 		38 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/static/js/home.js
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82f91ebbb2e7e2ead5095d7bf5e5eb93bd6bcfa874d77b7c90bb0b308972b4ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 25 Jun 2021 06:18:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2646543
etag
W/"60d57524-994c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uVjaczXWVhihvgjPMSy04SN3EevyhUz9Q9FFbbOE5DiayFl1OTWgYY9MeaMA6E6VmPQiJL2Qr2yxuR5aNkxPEcGzJCfb%2FyIJYhp21EdMcQQly4Lx1mlGUqdhJkxxyPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7f83f3fe4e0b54a9-YYZ
expires
Tue, 18 Jul 2023 15:15:14 GMT
logo.png
ca.duboku.fun/template/mytheme/statics/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca.duboku.fun/template/mytheme/statics/img/logo.png
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db1ecdf518d348d3297d823e85fe0d000f2cc511452462ea9b3fd2dbdef68011

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Apr 2020 18:48:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2646349
etag
"5e9c9d1a-6c51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysVoGtPS0BxF5qsvgnJ4MrmsuAL99007%2B8KM%2F%2FYrp7bjdRMRYBY5W1aPomY235pINYPOPMUCmS8UzQLmbI5sQhPIgMl27iC1318JyMCocZXiHi4ysokXsp4fF4c%2B0BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7f83f3ff3ed054a9-YYZ
content-length
27729
expires
Thu, 17 Aug 2023 03:18:28 GMT
logo_min.png
ca.duboku.fun/template/mytheme/statics/img/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca.duboku.fun/template/mytheme/statics/img/logo_min.png
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dceb0f50b1b7871d8fdc6e8523bee6ad2801cbc44ae4ac79d2a2fe3c5f0657f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Apr 2020 18:48:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2646544
etag
"5e9c9d14-660d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fW846wX4HibX3z4bEkLQ0KmUpBMMauRtLntVagcb%2BhPQ87xGwIYmAHs%2BSI0Md3QJhEz2ay%2Fqff0EhwIMFeADhcoTr%2B6FOIcEYZGsPpeMGqSnehNQRaPPEUaC0%2BzDIpU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7f83f3ff3ed154a9-YYZ
content-length
26125
expires
Thu, 17 Aug 2023 03:15:13 GMT
jquery.autocomplete.js
ca.duboku.fun/template/mytheme/statics/js/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/js/jquery.autocomplete.js
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40605dd8d4eff802b59bfc8204dc50055c753bb83c733c8c96241bf9836264bc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Jun 2019 10:01:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2646543
etag
W/"5d0b5982-6288"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13j6gsVDv048djLQCgi574ssRWDdcMdI0SGwyC7gjOhPHAM0zUgUaA5hWGrQzc4%2BGM552CD%2B%2FzKWiynM1ijRnIelD%2FCfHTQUC8S8Hsf%2FheU3bdy1Zjg11GD%2F9h87ocM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7f83f3feae6654a9-YYZ
expires
Tue, 18 Jul 2023 15:15:14 GMT
playerconfig.js
ca.duboku.fun/static/js/ 		1 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/static/js/playerconfig.js?t=20230818
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14b4828061e353138de2af3acdc08a862b1394a2a6bc8adb82b29e932167e903

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 13:41:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8656
etag
W/"64244000-5f7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LV%2FfhB9YHqwgyXLeg%2Brvy19M8NG3aWPvZ0in%2BwUG6lNO3EfUmv6ZgXvoTc%2FgV2ExJjCbqfssOgqel1bta3BKRKVOCsWGefbJf5coAnkQ%2FeM6pBo0JhwjSfbnhqlzmO8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f3fede9754a9-YYZ
expires
Fri, 18 Aug 2023 04:00:01 GMT
player.js
ca.duboku.fun/static/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/static/js/player.js?t=a20230818
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1d7cd932a611d1f694e2fac6208ca97dda05ed4d96bfcb2f176caaf37de541

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 14:06:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
8656
etag
W/"60dc7a62-212c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w1fesB%2B0kyGwAaVpaLcMOoM8sZnA%2FRSVGOoqXCTFhe2HraW7o%2FcenYCgF7AfZYQxDTOhUNx413SynUvSqgqIHFSEQxlhFlKRo2yuE9%2Fm8kWXRW9PZlt0ljMTew%2FijWY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f3ff3ece54a9-YYZ
expires
Fri, 18 Aug 2023 04:00:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
c231ceb10792f2142568bd5e2ce8c6f38cb0233ce224deb1f5c3cac13443556c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50701
x-xss-protection
0
server
cafe
etag
15593896327045197580
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 18:24:17 GMT
layer.css
ca.duboku.fun/template/mytheme/statics/js/layer/theme/default/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/js/layer/theme/default/layer.css?v=3.1.1
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/template/mytheme/statics/js/layer/layer.js?v3.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 05 Dec 2017 03:57:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
16711
etag
W/"5a261924-381f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dginx%2FMxbRIEJXWFQfeesSu2ckTMLMhzednLWweVkCnw7iacW8BNvR3XZDTwL3bD42RXDV8hNYn%2BpdHYBf7m0KISFLTNGgG7GEMQ5WRnFVoeo9hboP1wfybVna0Lg5g%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f3fede9954a9-YYZ
expires
Fri, 18 Aug 2023 01:45:46 GMT
fontawesome-webfont.woff2
ca.duboku.fun/template/mytheme/statics/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/template/mytheme/statics/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/template/mytheme/statics/css/mytheme-font.css?v=2.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://ca.duboku.fun/template/mytheme/statics/css/mytheme-font.css?v=2.8
Origin
https://ca.duboku.fun
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
cf-cache-status
HIT
last-modified
Thu, 03 Nov 2016 03:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3751
etag
"581aaa14-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaC6U%2BYbEXrqYh9jyS5CSY6njXNWwpV%2FbNnQyTGD4R%2B40uYnpAyNWqET8SJRyOVjwFEREu11CQj2P4fFaAJV7DUgyqNY1G21jeauMQk9fbxLWoUqUyP9NW4rH0kCA%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f83f3ff3ecd54a9-YYZ
content-length
77160
vidjs.js
ca.duboku.fun/static/player/ 		320 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/static/player/vidjs.js
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/js/player.js?t=a20230818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c05831e90fd03f90fcf378965750f808d1adf4b2b915902975fcaf95b11dfc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 03 Sep 2022 03:38:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2646530
etag
W/"6312cc30-140"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gp2q8D9DZ7%2B5KLCDgb%2BDXwH1ySSwJOzKnlws3UJIRkwJDgsZ03mN5jgu9faSlffLnYR9RLxMGjf4UdxLMKItCNyxNK%2BSmSWF7l9HGpSlnBXbl5GefKVp%2BfIteUs9ylg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
7f83f3ffaf1b54a9-YYZ
expires
Tue, 18 Jul 2023 15:15:27 GMT
vidjs.html
ca.duboku.fun/static/player/ Frame 3A2F 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/static/player/vidjs.html
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/js/player.js?t=a20230818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6c1fff28dfbebb7d3152fc1ce418bf1441b971ad0e39e17b454cdbf9cc3c274

Request headers

Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f83f3ffef5654a9-YYZ
content-encoding
br
content-type
text/html
date
Thu, 17 Aug 2023 18:24:17 GMT
last-modified
Sat, 03 Sep 2022 15:32:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iXPVNi2IvE9pqvEu07RlJbjM1qFS0ISJngJOz8y7zS7nAp7%2BPFhTCsWyj%2BNA4LgxL45gDNuT9m5SVuk5iCtLqPFTLFgtQ5I%2Bo1j8dX80UfeX9WFBErjdEIdDvEOqUCc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
3833-1-14.html
ca.duboku.fun/vodplay/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/vodplay/3833-1-14.html
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/js/player.js?t=a20230818
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26d3f8369e95ce4f9e3baa3b2d3d5059827508149b80883f47e03cba67b02c1b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qezGRYAcMbo65X3jN0TTA%2FN64erTQlnVr%2Fz4mn3572uvDzwBDfoJgZ7hW6kzaG0KNUAI1ZLJI0Eb4TghkmtVJsaZwK4%2FbZ4%2FnJDlVvPMfUQU21SwKFxzEtfs%2FxieouM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cf-ray
7f83f3ffef5854a9-YYZ
d31516e51.png
ca.duboku.fun/template/mytheme/statics/image/20200420/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca.duboku.fun/template/mytheme/statics/image/20200420/d31516e51.png
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edf7bb11dc8ffe0683d2c1a0949ae4b2b191a7ba8b4f088feeb4691a98ac7491

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:17 GMT
cf-cache-status
HIT
last-modified
Sun, 19 Apr 2020 17:58:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2646543
etag
"5e9c9132-10cc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3r%2BcfyeiYE6WR9vorSAVPobmjQjY8nDBLzPXeN%2BgYL%2B%2BqSPriOQnU6dy%2FgFuOzQbXXcIzYje63jwBrxbSEakW3Bmrj4roYsP2YDBOrNR3PubPFtqkQaCzIczJqHtL%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7f83f3ffef5954a9-YYZ
content-length
4300
expires
Thu, 17 Aug 2023 03:15:14 GMT
3833-1-14.html
ca.duboku.fun/vodplay/ 		27 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/vodplay/3833-1-14.html?_=1692296657704
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/template/mytheme/statics/js/jquery.min.js?v=3.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaf7629e8504db73df0546fcf6b8b264bbcea226d442664e64088275f471a6f8

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgWP5devSft3rRLHiepdPyJgGO87A6smF%2BU31MCqWy8MIlR%2FJkrX8GnIuRkCV%2Fj53FsCF3AP6yOFnlt2p2YEAm%2FRdFYHCaAae0wdoJnRCgcf86hcgGW0H116jvOeh5A%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
7f83f4000f6954a9-YYZ
hits
ca.duboku.fun/index.php/ajax/ 		101 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/index.php/ajax/hits?mid=1&id=3833&type=update
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/template/mytheme/statics/js/jquery.min.js?v=3.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014757a21ecb01600032d707bff4195746e0605b02841853adc32ed08dce7191

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyPPIonrAJShnxE9pPqr%2BeD3m%2BhsMydwYu4px67MrRNgLgiCp7oDTkDMoCIMtTy2gfZwzgxuh0mXLAeJokte2mzB2ZgDIBnycjsoeE6zxOCqajyKKWIqLkoC5cOtHUw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
7f83f4009fe554a9-YYZ
/
ca.duboku.fun/index.php/user/ajax_ulog/ 		85 B
692 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/index.php/user/ajax_ulog/?ac=set&mid=1&id=3833&sid=1&nid=14&type=4
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/template/mytheme/statics/js/jquery.min.js?v=3.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36db3ed626f3f449e9b3aa7f8713194a7a1d0929fb09b7a9f31288e03a3c8b23

Request headers

Accept
*/*
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X9mda%2BmPOWsRsXSIz15ABm%2FipLq8ldVfrYlbnaWbtTNBHYJA3FO7X1kqpQmRVhp5kG4EdeHkBFdjzUu8idxff9DA%2FY5QqWkL4mtrRnWggSZvQNCRASPRdoC%2BIIDy8Ck%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
7f83f4009fe654a9-YYZ
ajax.html
ca.duboku.fun/index.php/comment/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ca.duboku.fun/index.php/comment/ajax.html?rid=3833&mid=1&page=1
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/template/mytheme/statics/js/jquery.min.js?v=3.3.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
603124d76c57e82194d81453b4af02b9b1139579954feaaf5693fa9878da67a4

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
X-Requested-With
XMLHttpRequest
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HbG0Uy9aBDtWqOn2IoaqKLUegDh%2BBY4KXcD%2Bj9%2BxJgL%2FTNXLIPqSr0c2xmTRx4TYXDQOxw6wOl5Bt%2BUhkutw0Y9xFYiSE7ru5B1mxv%2FfaRpH5hAE6necgWjqExfnsOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cf-ray
7f83f400afea54a9-YYZ
316bb204ca91270e20a422a87593d548.jpg
pub.gboku.com/upload/vod/20230724-1/ 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pub.gboku.com/upload/vod/20230724-1/316bb204ca91270e20a422a87593d548.jpg
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.128.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a38459eb9a4104e9333d4aed4be978b0eb0f88ce9b0c2a72b70b223d238dec5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Mon, 24 Jul 2023 02:22:26 GMT
server
cloudflare
age
2131244
etag
"64bde062-11466"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7f83f400fa2c39f2-YYZ
content-length
70758
expires
Wed, 23 Aug 2023 02:23:34 GMT
videojs97.min.css
re.duboku.net/player/css/ Frame 3A2F 		69 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://re.duboku.net/player/css/videojs97.min.css?v=1.6
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.140.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb096c11250ce855ef29dd50530f7e65bc822115ca1045fc72245f7a0775768

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2022 17:41:43 GMT
server
cloudflare
age
14174
etag
W/"63124057-11323"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f4010ee136ca-YYZ
expires
Fri, 18 Aug 2023 02:28:04 GMT
ima97.min.css
re.duboku.net/player/css/ Frame 3A2F 		2 KB
970 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://re.duboku.net/player/css/ima97.min.css?v=1.6
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.140.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40874a0edec70983650bd3d6a30f2edfaf6760050fe372e02707bf308f4998a0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2022 17:41:43 GMT
server
cloudflare
age
14220
etag
W/"63124057-9f6"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
cf-ray
7f83f4010ee236ca-YYZ
expires
Fri, 18 Aug 2023 02:27:18 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3A2F 		345 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.42 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f10.1e100.net
Software
sffe /
Resource Hash
a5e2f3ea6e601012859abbc5da7eef35d1cf45011a0275cd9a86dbd0f7fd4101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121804
x-xss-protection
0
expires
Thu, 17 Aug 2023 18:24:18 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 3A2F 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 18:24:18 GMT
video97.min.js
re.duboku.net/player/js/ Frame 3A2F 		563 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://re.duboku.net/player/js/video97.min.js?t=1.6
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.140.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abeed4f18f48c235ffd15e3864555d3a1bb1d6b02820680f892b9eb28d1ab508

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2022 17:38:15 GMT
server
cloudflare
age
14243
etag
W/"63123f87-8cbc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f4010ee336ca-YYZ
expires
Fri, 18 Aug 2023 02:26:55 GMT
videojs97.ima.min.js
re.duboku.net/player/js/ Frame 3A2F 		35 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://re.duboku.net/player/js/videojs97.ima.min.js?t=1.6
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.140.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c781a6236759c22ccd00bd5e306f492e21d5bbea582af19c60d39ce02adb1f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2022 17:38:15 GMT
server
cloudflare
age
14243
etag
W/"63123f87-8d08"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f4010ee436ca-YYZ
expires
Fri, 18 Aug 2023 02:26:55 GMT
nuevo97.min.js
re.duboku.net/player/js/ Frame 3A2F 		85 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://re.duboku.net/player/js/nuevo97.min.js?t=1.6
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.140.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321d5c0f55a59b25d40fbe7ea8de81fc31f92fcf24cec532c61c918dd5000333

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Mar 2023 10:56:53 GMT
server
cloudflare
age
14243
etag
W/"641c3075-152f3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f4010ee536ca-YYZ
expires
Fri, 18 Aug 2023 02:26:55 GMT
videojs97-contrib-ads.min.js
re.duboku.net/player/js/ Frame 3A2F 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://re.duboku.net/player/js/videojs97-contrib-ads.min.js?t=1.6
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.140.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24c967ea717f65a7aee6d6fc34a6db4b9667555d2e4b4193f5d6d09ba236cf72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2022 17:38:15 GMT
server
cloudflare
age
14174
etag
W/"63123f87-6913"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f4010eea36ca-YYZ
expires
Fri, 18 Aug 2023 02:28:04 GMT
videojs-chromecast.min.js
re.duboku.net/player/js/ Frame 3A2F 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://re.duboku.net/player/js/videojs-chromecast.min.js?t=1.7
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.140.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e636340d9b2c10a637ca93abcc873f941873b6fbbb7cd58a2dcab35fcdd134f4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 03 Sep 2022 15:12:37 GMT
server
cloudflare
age
14243
etag
W/"63136ee5-13879"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f4010ee936ca-YYZ
expires
Fri, 18 Aug 2023 02:26:55 GMT
videojs.airplay.js
re.duboku.net/player/js/ Frame 3A2F 		1 KB
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://re.duboku.net/player/js/videojs.airplay.js?t=1.7
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.23.140.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
646d519a1538bb789e788da3fffeaa245f152a7145fb8ba7872a51350f66bbc2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sat, 03 Sep 2022 15:12:36 GMT
server
cloudflare
age
14243
etag
W/"63136ee4-5ca"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7f83f4010ee736ca-YYZ
expires
Fri, 18 Aug 2023 02:26:55 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ff737a870860fedda898f0c1d515a3ba93523652b3a9c8d08694ba9f7fba5f16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128190
x-xss-protection
0
server
cafe
etag
4084682342549532221
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 18:24:18 GMT
index.html
ca.duboku.fun/index.php/verify/ 		460 B
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca.duboku.fun/index.php/verify/index.html
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0cc6c3fe373a9b90932405482f42d62aab06bf4097b26df6a5a6fed435c3c8d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 18:24:18 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1moK%2FmsLv4AIcR%2B9BGUs2AdQa%2BlspYKLwyeOZTjTiJ2V70TSPjRbPH%2Fk%2FT3lxKgoSQKqvMiyfJufZEYmsZkwOjToy7f1Z4VDLGlpmbdH0NiP%2FM3TB1Oe0u%2BlJUws1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
7f83f401788e54a9-YYZ
content-length
460
expires
Thu, 19 Nov 1981 08:52:00 GMT
duface.png
ca.duboku.fun/static/images/home/ 		736 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ca.duboku.fun/static/images/home/duface.png
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.73.67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8930ffac3125a8d57171ff27d8a099677a445c2ac1cac20aae6b0f9af40e8f1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/vodplay/3833-1-14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
cf-cache-status
HIT
last-modified
Mon, 08 Jul 2019 02:09:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2646515
etag
"5d22a5ec-2e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jdnih9v6E1dtTLOF5sQjGTObW5w98GLA9Qg46B42HOoJ9fQeO7pZaJfWXd8%2Bj5j40KQMQ0rHZ%2FXI5%2F6USTUNhccincrwTZPaBfbZv7C3Gk7rP2SunlM9tXcVczmC2s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
7f83f401789054a9-YYZ
content-length
736
expires
Thu, 17 Aug 2023 03:15:43 GMT
truncated
/ Frame 3A2F 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 3A2F 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Thu, 17 Aug 2023 18:24:18 GMT
cast_sender.js
www.gstatic.com/eureka/clank/116/ Frame 3A2F 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/116/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 21:24:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
75587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15373
x-xss-protection
0
last-modified
Mon, 12 Jun 2023 15:06:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 17 Aug 2023 21:24:31 GMT
cookie.js
partner.googleadservices.com/gampad/ 		387 B
603 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ca.duboku.fun&callback=_gfp_s_&client=ca-pub-2786959575497967
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.2 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s40-in-f2.1e100.net
Software
cafe /
Resource Hash
a503c0e0aa8d4a5226049e214c46eab2ee80db8acc6b4e473e82639d3b5aa7e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
252
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9FEA 		116 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
6034db0e895ecced885626e9d32fb9b2a11e69a965d247961e01c3ccf82b2457
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca.duboku.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39636
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 18:24:19 GMT
expires
Thu, 17 Aug 2023 18:24:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 3A2F 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
277e9dbd87bfec35e78ac1f49b3bcbca6f4631affeeb20a9015e079a54f2b1a4

Request headers

Referer
Origin
https://ca.duboku.fun
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
font/woff;charset=utf-8
ads
googleads.g.doubleclick.net/pagead/ Frame C10C 		119 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
6a92493988a99f4376ae7c53b4674f663bdb7b02be597181a343617d45ae9213
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca.duboku.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
39354
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 18:24:19 GMT
expires
Thu, 17 Aug 2023 18:24:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B883 		321 KB
77 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&adk=1812271804&adf=3025194257&lmt=1692321858&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658105&bpp=1&bdt=504&idt=382&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280%2C320x250&nras=1&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=405
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
5b62a89d9e05a2862d827098a3f11cd27cda71e5e4bc62ba050982fc1cb4b651
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca.duboku.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
78351
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 18:24:19 GMT
expires
Thu, 17 Aug 2023 18:24:19 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
f6650d61-fbca-4556-89ef-c92c0cc3b562
https://ca.duboku.fun/ Frame 3A2F 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ca.duboku.fun/f6650d61-fbca-4556-89ef-c92c0cc3b562
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
5497
Content-Type
application/javascript
5eec376e-b793-45b1-8c1c-1bd998b05dce
https://ca.duboku.fun/ Frame 3A2F 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ca.duboku.fun/5eec376e-b793-45b1-8c1c-1bd998b05dce
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
79884
Content-Type
application/javascript
ec7b71c4-c54c-4320-a930-68cdee5e08f5
https://ca.duboku.fun/ Frame 3A2F 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ca.duboku.fun/ec7b71c4-c54c-4320-a930-68cdee5e08f5
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
79884
Content-Type
application/javascript
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 5EFE 		718 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.42 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f10.1e100.net
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca.duboku.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
199154
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 11:05:04 GMT
expires
Wed, 14 Aug 2024 11:05:04 GMT
last-modified
Tue, 08 Aug 2023 13:51:58 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 3A2F 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.166 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 18:24:21 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CE6D 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 17:41:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2570
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 17 Aug 2023 18:41:28 GMT
9620f3a7-9d42-49a6-88fb-10896c9f57bd
https://ca.duboku.fun/ Frame 3A2F 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ca.duboku.fun/9620f3a7-9d42-49a6-88fb-10896c9f57bd
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
5497
Content-Type
application/javascript
59bb9510-7b03-4f24-8b79-d0ef9369f842
https://ca.duboku.fun/ Frame 3A2F 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ca.duboku.fun/59bb9510-7b03-4f24-8b79-d0ef9369f842
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
79884
Content-Type
application/javascript
94e60606-b4c0-4431-8d69-bdcc2e1629ea
https://ca.duboku.fun/ Frame 3A2F 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ca.duboku.fun/94e60606-b4c0-4431-8d69-bdcc2e1629ea
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/static/player/vidjs.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
79884
Content-Type
application/javascript
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ 		154 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
b5dca5deeac9e17f64e96a94428a05698ba34b07f4da557a1ca8dfb47078c5e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53696
x-xss-protection
0
server
cafe
etag
15224640145286349186
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 17 Aug 2023 18:24:19 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 1761 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca.duboku.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13095
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:46:04 GMT
etag
13776922816869014096
expires
Thu, 31 Aug 2023 14:46:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/ Frame 0454 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca.duboku.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
13095
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 14:46:04 GMT
etag
13776922816869014096
expires
Thu, 31 Aug 2023 14:46:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 1761 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.234 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 18:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 17:28:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 18:24:19 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1761 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 20:32:34 GMT
x-content-type-options
nosniff
age
78705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 15 Aug 2024 20:32:34 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1761 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:06:58 GMT
x-content-type-options
nosniff
age
163041
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 14 Aug 2024 21:06:58 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 1761 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
e443793c22c99a71ea0ca1ae621676267abbbc301e98d78122bdedcbf6ac893a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:15:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
72549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6470
x-xss-protection
0
server
cafe
etag
4595109392211754618
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:15:10 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/ Frame 1761 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:15:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
72549
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8570
x-xss-protection
0
server
cafe
etag
11167480076894372452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:15:10 GMT
css
fonts.googleapis.com/ Frame 0454 		4 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.234 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f10.1e100.net
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 18:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 16:48:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 18:24:19 GMT
3120884312967279737
tpc.googlesyndication.com/gpa_images/simgad/ Frame 0454 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/3120884312967279737
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
ac3d12cf57ea2686e3eca97d9593912bfedf8d829a275f78e5b955c589578c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 06:46:49 GMT
x-content-type-options
nosniff
age
41850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50173
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 05:45:05 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Aug 2024 06:46:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 0454 		2 KB
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
72563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 0454 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
72572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 0454 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
72578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 0454 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
72578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0454 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 18:24:19 GMT
e822d7071992e030a786d1a51b1f59a7.js
www.gstatic.com/mysidia/ Frame 0454 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 00:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14926
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 00:01:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 00:35:31 GMT
10640373187157658489
tpc.googlesyndication.com/gpa_images/simgad/ Frame 0454 		98 KB
98 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/10640373187157658489
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
72cd5c8fd76fa24fcf7da1858140f05e086d3a37a5a901b4fc0fd7ff362cf101
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 09:54:38 GMT
x-content-type-options
nosniff
age
30581
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
99988
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 22:58:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Aug 2024 09:54:38 GMT
3787735846428411080
tpc.googlesyndication.com/gpa_images/simgad/ Frame 0454 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/3787735846428411080
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
ac3d12cf57ea2686e3eca97d9593912bfedf8d829a275f78e5b955c589578c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:13:08 GMT
x-content-type-options
nosniff
age
25871
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50173
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 23:07:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Aug 2024 11:13:08 GMT
11606774252631717604
tpc.googlesyndication.com/simgad/ Frame 0454
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDryZbdVBCACBiACDIIaY_7PwG7pEY
  • https://tpc.googlesyndication.com/simgad/11606774252631717604
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11606774252631717604
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 03:41:58 GMT
x-content-type-options
nosniff
age
484941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 11:07:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Aug 2024 03:41:58 GMT

Redirect headers

date
Thu, 17 Aug 2023 17:11:37 GMT
x-content-type-options
nosniff
server
cafe
age
4362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/11606774252631717604
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 17:11:37 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7320169010167946244/ Frame 9FEA 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7320169010167946244/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
98eb6f66143933b8bebd91e1f44a0184d937f8ace95f14d369d2a3de692dd644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 10:22:50 GMT
x-content-type-options
nosniff
age
547289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21405
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 09:11:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 10 Aug 2024 10:22:50 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 9FEA 		2 KB
926 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
72563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame 9FEA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
72572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 9FEA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
72578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame 9FEA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
72578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9FEA 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 18:24:19 GMT
e822d7071992e030a786d1a51b1f59a7.js
www.gstatic.com/mysidia/ Frame 9FEA 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 00:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14926
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 00:01:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 00:35:31 GMT
truncated
/ Frame 9FEA 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9FEA 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame BCEF 		2 KB
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
72563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame BCEF 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
72572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:47 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3226 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 17:31:03 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame BCEF 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
72578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame BCEF 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
72578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BCEF 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 18:24:19 GMT
e822d7071992e030a786d1a51b1f59a7.js
www.gstatic.com/mysidia/ Frame BCEF 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 00:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14926
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 00:01:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 00:35:31 GMT
truncated
/ Frame 0454 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aceb0e972d13b4e0c116d8b84f25e502168e1d181163cd5c0bc059c61de36f78

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame C10C 		4 KB
728 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.234 Newark, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f10.1e100.net
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 17 Aug 2023 18:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 17 Aug 2023 16:25:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 17 Aug 2023 18:24:19 GMT
11606774252631717604
tpc.googlesyndication.com/simgad/ Frame C10C
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDryZbdVBCACBiACDIIaY_7PwG7pEY
  • https://tpc.googlesyndication.com/simgad/11606774252631717604
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11606774252631717604
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Protocol
H2
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Sat, 12 Aug 2023 03:41:58 GMT
x-content-type-options
nosniff
age
484941
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8502
x-xss-protection
0
last-modified
Tue, 09 Apr 2019 11:07:25 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Aug 2024 03:41:58 GMT

Redirect headers

date
Thu, 17 Aug 2023 17:11:37 GMT
x-content-type-options
nosniff
server
cafe
age
4362
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/11606774252631717604
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 16 Sep 2023 17:11:37 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame C10C 		2 KB
927 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
72563
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/ Frame C10C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
72572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame C10C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
72578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:41 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/ Frame C10C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230815/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:14:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
72578
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 30 Aug 2023 22:14:41 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C10C 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.226 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f2.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 18:24:19 GMT
e822d7071992e030a786d1a51b1f59a7.js
www.gstatic.com/mysidia/ Frame C10C 		35 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f3.1e100.net
Software
sffe /
Resource Hash
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 00:35:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
150528
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14926
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 00:01:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 00:35:31 GMT
truncated
/ Frame 9FEA 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b75193accdb69ada5ec88ff975c96aade1c3577724d71c1af2311f50bca3537a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame C10C 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
www.googleadservices.com/pagead/ar-adview/ Frame 0454
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Cny-S0mXeZPnyIvL4xtYP67-9gAS3iZiea_GikL_sDmQQASDQ5qJ-YP2gmYHoA6ABsLqh1wPIAQmpAuOktpn4S7I-qAMByAPLBKoE1gFP0G-UhGG9wLWSpIVVv4njcq77JdNYiPMNBgaSmCW...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x74f44d27a1a99ae0000000000000000%22,%222%22:%220x6a68ce86aab15ee40000000000000000%22,%225%22:%220x127ffee...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x74f44d27a1a99ae0000000000000000%22,%222%22:%220x6a68ce86aab15ee40000000000000000%22,%225%22:%220x127ffee765acc7570000000000000000%22},%22debug_key%22:%2214260323162406083870%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211312769335918935089%22}&andc=true
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H3
Server
142.250.80.66 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:21 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x74f44d27a1a99ae0000000000000000","2":"0x6a68ce86aab15ee40000000000000000","5":"0x127ffee765acc7570000000000000000"},"debug_key":"14260323162406083870","debug_reporting":true,"destination":"https://kayak.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"11312769335918935089"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 18:24:21 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 17 Aug 2023 18:24:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x74f44d27a1a99ae0000000000000000","2":"0x6a68ce86aab15ee40000000000000000","5":"0x127ffee765acc7570000000000000000"},"debug_key":"14260323162406083870","debug_reporting":true,"destination":"https://kayak.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"11312769335918935089"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 9FEA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CXyc00mXeZN-MHOfqvPIPuKq9gAWmxr_ybMeG0ajdDdrZHhABINDmon5g_aCZgegDoAGxhcazAcgBCagDAcgDywSqBOMBT9Bh3lSHioc28d36c8CuMICiQeq-NZNda4WXmH7c_hjDDcfS1vA...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa9000e213f90b0410000000000000000%22,%222%22:%220x5ef0fb0d2a46ec540000000000000000%22,%225%22:%220x9257f9...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa9000e213f90b0410000000000000000%22,%222%22:%220x5ef0fb0d2a46ec540000000000000000%22,%225%22:%220x9257f92a09ea4f4f0000000000000000%22},%22debug_key%22:%2216982814689456338696%22,%22debug_reporting%22:true,%22destination%22:%22https://gemhooray.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22376537777%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211856178954425909361%22}&andc=true
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H3
Server
142.250.80.66 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:21 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xa9000e213f90b0410000000000000000","2":"0x5ef0fb0d2a46ec540000000000000000","5":"0x9257f92a09ea4f4f0000000000000000"},"debug_key":"16982814689456338696","debug_reporting":true,"destination":"https://gemhooray.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["376537777"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"11856178954425909361"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 18:24:21 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 17 Aug 2023 18:24:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xa9000e213f90b0410000000000000000","2":"0x5ef0fb0d2a46ec540000000000000000","5":"0x9257f92a09ea4f4f0000000000000000"},"debug_key":"16982814689456338696","debug_reporting":true,"destination":"https://gemhooray.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["376537777"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"11856178954425909361"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
pagead2.googlesyndication.com/bg/ Frame 6443 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
162410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14741
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:30 GMT
aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
pagead2.googlesyndication.com/bg/ Frame FA5B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=280&slotname=2512760966&adk=701820642&adf=1715028348&pi=t.ma~as.2512760966&w=1000&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=1000x280&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658099&bpp=4&bdt=498&idt=185&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&correlator=4296962658469&frm=20&pv=2&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=130&ady=745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=g3CpGV9kYk&p=https%3A//ca.duboku.fun&dtd=218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
162410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14741
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:30 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x74f44d27a1a99ae0000000000000000%22,%222%22:%220x6a68ce86aab15ee40000000000000000%22,%225%22:%220x127ffee765acc7570000000000000000%22},%22debug_key%22:%2214260323162406083870%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211312769335918935089%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 18:24:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3226
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.35.162 Marriottsville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s78-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 18:24:23 GMT
expires
Thu, 17 Aug 2023 18:24:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 18:24:23 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
pagead2.googlesyndication.com/bg/ Frame ECC0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
162410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14741
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:30 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xa9000e213f90b0410000000000000000%22,%222%22:%220x5ef0fb0d2a46ec540000000000000000%22,%225%22:%220x9257f92a09ea4f4f0000000000000000%22},%22debug_key%22:%2216982814689456338696%22,%22debug_reporting%22:true,%22destination%22:%22https://gemhooray.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22376537777%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211856178954425909361%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 18:24:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C10C 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8c64f51ec0e80f8265a6d2f8dc5ae1306f21177d10b178a2ef916f766ec7a73

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C10C 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.67 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f3.1e100.net
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 10 Aug 2023 19:57:03 GMT
x-content-type-options
nosniff
age
599237
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Aug 2024 19:57:03 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame C10C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CNfp30mXeZLT0G-L6vPIPxdu_iAS3iZiea_GikL_sDu-kmtaDKhABINDmon5g_aCZgegDoAGwuqHXA8gBCakC46S2mfhLsj6oAwHIA8sEqgTSAU_QvZa8mwYn09hfpNDfQB1YWI5-Mi3ohJ-...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x74f44d27a1a99ae0000000000000000%22,%222%22:%220x6a68ce86aab15ee40000000000000000%22,%225%22:%220x127ffee...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x74f44d27a1a99ae0000000000000000%22,%222%22:%220x6a68ce86aab15ee40000000000000000%22,%225%22:%220x127ffee765acc7570000000000000000%22},%22debug_key%22:%226802747801846605405%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218353431485161628257%22}&andc=true
Requested by
Host: ca.duboku.fun
URL: https://ca.duboku.fun/vodplay/3833-1-14.html
Protocol
H3
Server
142.250.80.66 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:21 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x74f44d27a1a99ae0000000000000000","2":"0x6a68ce86aab15ee40000000000000000","5":"0x127ffee765acc7570000000000000000"},"debug_key":"6802747801846605405","debug_reporting":true,"destination":"https://kayak.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"18353431485161628257"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 17 Aug 2023 18:24:21 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 17 Aug 2023 18:24:20 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x74f44d27a1a99ae0000000000000000","2":"0x6a68ce86aab15ee40000000000000000","5":"0x127ffee765acc7570000000000000000"},"debug_key":"6802747801846605405","debug_reporting":true,"destination":"https://kayak.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["988306736"],"4":["08-17"],"6":["true"]},"priority":"500","source_event_id":"18353431485161628257"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
pagead2.googlesyndication.com/bg/ Frame 505D 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2786959575497967&output=html&h=250&slotname=2512760966&adk=3567936233&adf=1960069833&pi=t.ma~as.2512760966&w=320&fwrn=4&fwrnh=100&lmt=1692321858&rafmt=1&format=320x250&url=https%3A%2F%2Fca.duboku.fun%2Fvodplay%2F3833-1-14.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692296658103&bpp=1&bdt=502&idt=283&shv=r20230816&mjsv=m202308100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1000x280&correlator=4296962658469&frm=20&pv=1&ga_vid=234700493.1692296658&ga_sid=1692296658&ga_hid=1935725943&ga_fc=0&u_tz=-420&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1160&ady=110&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31076838%2C31077148%2C44795911%2C44799571%2C44769661&oid=2&pvsid=3846571395995103&tmod=1812810772&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=IRiu6czSYB&p=https%3A//ca.duboku.fun&dtd=293
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
162410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14741
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:30 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x74f44d27a1a99ae0000000000000000%22,%222%22:%220x6a68ce86aab15ee40000000000000000%22,%225%22:%220x127ffee765acc7570000000000000000%22},%22debug_key%22:%226802747801846605405%22,%22debug_reporting%22:true,%22destination%22:%22https://kayak.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22988306736%22],%224%22:[%2208-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218353431485161628257%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.66 Staten Island, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s35-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Thu, 17 Aug 2023 18:24:21 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 0454 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssrWgQbgNyxMBrcKzA21xIg_ZhqeLUy46UBNVEJTUHlzbyLY70cx_tiuqIyjSs6VqTUADeYqvGI1jnibI261aZSRMCdH-C72G5C-BGVK3CXMqZe34ypwQ5NsoYYQLKu76RVzUbyD3iDUw&sai=AMfl-YR5C0ZhBIPi9nwC7Bkt8UeUtPo-k7tTNd6tTyDmtF3OUfNbMw68E0aCMH1qCYYJnjKa7YvXzKbBqzhi&sig=Cg0ArKJSzOszeqelq8jsEAE&cid=CAQSGwBpAlJWIwT_puvzY0xqHQwSVMb5EFv2OnyWhhgB&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=239,851,1004,1004,1004&tos=239,612,153,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692296659505&rpt=513&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 18:24:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9FEA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaFs5w6wr6NzFkIyjuSmCqgzx1b_c8STXJ9tI_mZQ6fHiw2N-zfQymF6hFZ0uLvtcpZ3cnX06i0_Z-BjXHJU406CrGBU50mdwr5_XlgYVtacEkSp31-kAPsA9yfJWo9LjE7AbmqL0kgA&sai=AMfl-YSnV9qd020WeqlF96HDj3MSDlW91GreObfw1V9YNvhELdwuoFhmMWMOtKSsebEt6RlOeScwfis72rQ9&sig=Cg0ArKJSzBeJBWFiNuUjEAE&cid=CAQSGwBpAlJWqC3xZRRnBEk8a241X19DnODU9uNhNBgB&id=lidar2&mcvt=1000&p=0,0,280,1000&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=701820642&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692296658320&rpt=1740&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 18:24:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C10C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLbaMczsSVDrNHz4mxa9NYb0HbU9JGvNmTg6nyt_v_a0z6GgXMEljXhKUi_t-RAEwg64sZUHbDh1WZNl7f11hJuCZpGbyeShdb-j8XplXRrLvK5z39DI0n42gQ8iu_lXPMjGX7mgenHw&sai=AMfl-YTelPNXgMq6hhNPgQ7dx_x91aaSITmj6CU1RXJpMllEf1eCjXFxC412xMqT6G46EKCK67OSbLv-Hfxt&sig=Cg0ArKJSzG0S1LTo1T4cEAE&cid=CAQSGwBpAlJWP3kEeNHzBY4KxKecFF6U0Xlx72E98hgB&id=lidar2&mcvt=1001&p=0,0,250,320&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3567936233&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692296658398&rpt=2200&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 18:24:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
15096c69edb831a5f0da9691298edd68d13d579dc9210412d3fadfc77a2f34c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11668
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ca.duboku.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 18:24:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 18:24:23 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6FDC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ca.duboku.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
42132
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 06:42:11 GMT
expires
Fri, 16 Aug 2024 06:42:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9F96 		831 B
990 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.196 -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
90126d0382731496382b5627706543bff0bbb44b92a1024647a7f713e9c6524a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Px1dJiDU5lqlbGCoZ_6oOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ca.duboku.fun/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce-Px1dJiDU5lqlbGCoZ_6oOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 18:24:23 GMT
expires
Thu, 17 Aug 2023 18:24:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
pagead2.googlesyndication.com/bg/ Frame 6FDC 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:17:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
162413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14741
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:17:30 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9F96 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=3846571395995103&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6FDC 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/generate_204?wdsGgw

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| documentPictureInPicture object| maccms object| myui function| $ function| jQuery object| layer function| QRCode function| Headroom function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| imagesLoaded object| MyTheme object| Myui string| base64EncodeChars object| base64DecodeChars function| base64encode function| base64decode function| utf16to8 function| utf8to16 object| MAC undefined| history_get undefined| json object| player_data object| MacPlayerConfig function| killErrors object| MacPlayer object| adsbygoogle object| $scrollTopLink object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| $type number| google_global_correlator function| google_sa_impl boolean| _gfp_p_ object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| closure_lm_42500

6 Cookies

Domain/Path Name / Value
ca.duboku.fun/ Name: history
Value: %5B%7B%22name%22%3A%22%E7%A0%B4%E6%AF%92%E5%BC%BA%E4%BA%BA%22%2C%22pic%22%3A%22https%3A%2F%2Fpub.gboku.com%2Fupload%2Fvod%2F20230724-1%2F316bb204ca91270e20a422a87593d548.jpg%22%2C%22link%22%3A%22%2Fvodplay%2F3833-1-14.html%22%2C%22part%22%3A%22%E7%AC%AC14%E9%9B%86%22%7D%5D
ca.duboku.fun/ Name: PHPSESSID
Value: 10rgshtc0ilksg3reena9bqhd0
.duboku.fun/ Name: __gads
Value: ID=4b67ff5bd1ef4e54-2247fba6a4e30049:T=1692296659:RT=1692296659:S=ALNI_MaoJ7bHRpuHlY33JA8XoxXsJvwSsg
.duboku.fun/ Name: __gpi
Value: UID=00000d8becc34fe9:T=1692296659:RT=1692296659:S=ALNI_MbjWMInYjhilvmFpDuSOqhzxryGvw
.doubleclick.net/ Name: IDE
Value: AHWqTUkCDqlKG5cGLkxTY-P6ro3KJZXm2l6qMTMIBNgAKKqjp0nTwGCuEGS8c3nb1LQ
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ca.duboku.fun
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pub.gboku.com
re.duboku.net
s0.2mdn.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
tpc.googlesyndication.com
104.23.128.74
104.23.140.14
142.250.176.194
142.250.65.163
142.250.65.225
142.250.80.42
142.250.80.66
142.250.80.67
142.250.81.226
142.251.35.162
142.251.40.166
142.251.40.196
142.251.40.234
142.251.41.2
172.67.73.67
014757a21ecb01600032d707bff4195746e0605b02841853adc32ed08dce7191
0a38459eb9a4104e9333d4aed4be978b0eb0f88ce9b0c2a72b70b223d238dec5
12b533bd4844e7fdbc43308a3b215a0be38e021bf319993deae78ca1db193efc
14b4828061e353138de2af3acdc08a862b1394a2a6bc8adb82b29e932167e903
15096c69edb831a5f0da9691298edd68d13d579dc9210412d3fadfc77a2f34c6
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16c05831e90fd03f90fcf378965750f808d1adf4b2b915902975fcaf95b11dfc
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ce6649d82d2db0f8e4823f701ddfcfd9c7f107cb446c907e46ec7e57171a2a3
24c967ea717f65a7aee6d6fc34a6db4b9667555d2e4b4193f5d6d09ba236cf72
26d3f8369e95ce4f9e3baa3b2d3d5059827508149b80883f47e03cba67b02c1b
277e9dbd87bfec35e78ac1f49b3bcbca6f4631affeeb20a9015e079a54f2b1a4
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
321d5c0f55a59b25d40fbe7ea8de81fc31f92fcf24cec532c61c918dd5000333
36db3ed626f3f449e9b3aa7f8713194a7a1d0929fb09b7a9f31288e03a3c8b23
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
40605dd8d4eff802b59bfc8204dc50055c753bb83c733c8c96241bf9836264bc
40874a0edec70983650bd3d6a30f2edfaf6760050fe372e02707bf308f4998a0
43bff9d0f3f151303c9255bc38f0b4e107785ceb09adef04c2b61430bdf64a62
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
4bb096c11250ce855ef29dd50530f7e65bc822115ca1045fc72245f7a0775768
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
549b89b0439836d0eae0a21fd06eeafdcb305baaa7b3150ab8c9e5a2754d7689
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b62a89d9e05a2862d827098a3f11cd27cda71e5e4bc62ba050982fc1cb4b651
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
603124d76c57e82194d81453b4af02b9b1139579954feaaf5693fa9878da67a4
6034db0e895ecced885626e9d32fb9b2a11e69a965d247961e01c3ccf82b2457
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
646d519a1538bb789e788da3fffeaa245f152a7145fb8ba7872a51350f66bbc2
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
6a92493988a99f4376ae7c53b4674f663bdb7b02be597181a343617d45ae9213
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72cd5c8fd76fa24fcf7da1858140f05e086d3a37a5a901b4fc0fd7ff362cf101
74ca965386669eb824dcdb9b1fe2f35b776f099e63034533734818b33f11bd59
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8144b8309e781eac9363366e1a92f63aaf0728db8cd6cc19ce58347eedf6a896
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
82f91ebbb2e7e2ead5095d7bf5e5eb93bd6bcfa874d77b7c90bb0b308972b4ce
8930ffac3125a8d57171ff27d8a099677a445c2ac1cac20aae6b0f9af40e8f1d
8c781a6236759c22ccd00bd5e306f492e21d5bbea582af19c60d39ce02adb1f7
90126d0382731496382b5627706543bff0bbb44b92a1024647a7f713e9c6524a
98eb6f66143933b8bebd91e1f44a0184d937f8ace95f14d369d2a3de692dd644
9cdf2602ac04f7e2bed582d4299c73d464fc4ab069e3ad5a20ee2b6635a015b8
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a503c0e0aa8d4a5226049e214c46eab2ee80db8acc6b4e473e82639d3b5aa7e2
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a5e2f3ea6e601012859abbc5da7eef35d1cf45011a0275cd9a86dbd0f7fd4101
a8c64f51ec0e80f8265a6d2f8dc5ae1306f21177d10b178a2ef916f766ec7a73
abeed4f18f48c235ffd15e3864555d3a1bb1d6b02820680f892b9eb28d1ab508
ac3d12cf57ea2686e3eca97d9593912bfedf8d829a275f78e5b955c589578c20
aceb0e972d13b4e0c116d8b84f25e502168e1d181163cd5c0bc059c61de36f78
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b5dca5deeac9e17f64e96a94428a05698ba34b07f4da557a1ca8dfb47078c5e4
b75193accdb69ada5ec88ff975c96aade1c3577724d71c1af2311f50bca3537a
b84a040fd55faaaf47283f1829aa8a90442bf0c1a30b9ff06f8cbee5636942eb
bc1d7cd932a611d1f694e2fac6208ca97dda05ed4d96bfcb2f176caaf37de541
c0cc6c3fe373a9b90932405482f42d62aab06bf4097b26df6a5a6fed435c3c8d
c231ceb10792f2142568bd5e2ce8c6f38cb0233ce224deb1f5c3cac13443556c
c6c1fff28dfbebb7d3152fc1ce418bf1441b971ad0e39e17b454cdbf9cc3c274
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e7ee5623989e625837cbdbda8c519ddd48b302add2d30e7b3fee46b6b96fc6
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db1ecdf518d348d3297d823e85fe0d000f2cc511452462ea9b3fd2dbdef68011
dceb0f50b1b7871d8fdc6e8523bee6ad2801cbc44ae4ac79d2a2fe3c5f0657f7
e1996dbe087689523dd4e8eceb547ab151db5ff6eb1103e29a14d1c40ed0e1fb
e287d2012e677798fae823bd1d481cd935ffb35314d21bbe560b77925fa16433
e3144d018a6a24f733c6fc2a2ee603fb583f0030585e9d4b71bec471b78e31fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e443793c22c99a71ea0ca1ae621676267abbbc301e98d78122bdedcbf6ac893a
e636340d9b2c10a637ca93abcc873f941873b6fbbb7cd58a2dcab35fcdd134f4
eaf7629e8504db73df0546fcf6b8b264bbcea226d442664e64088275f471a6f8
edf7bb11dc8ffe0683d2c1a0949ae4b2b191a7ba8b4f088feeb4691a98ac7491
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f452bb384d5ee8f10ca8fb77c6c1bb014aa2409c1259e11183e6a4f29154ad2a
f6edee228a171f50403c61b8eee642112f529b5d974d56fdff8504ac747bc1bb
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
ff737a870860fedda898f0c1d515a3ba93523652b3a9c8d08694ba9f7fba5f16