h5.fundrew.com Open in urlscan Pro
2606:4700:3032::ac43:c671 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://h5.fundrew.com/
Submission: On March 22 via api (March 22nd 2024, 12:00:55 pm UTC) from US — Scanned from US

Summary HTTP 116 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 10 domains to perform 116 HTTP transactions. The main IP is 2606:4700:3032::ac43:c671, located in United States and belongs to CLOUDFLARENET, US. The main domain is h5.fundrew.com.
TLS certificate: Issued by GTS CA 1P5 on March 14th 2024. Valid for: 3 months.

This is the only time h5.fundrew.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	2606:4700:303... 2606:4700:3032::ac43:c671	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2607:f8b0:400... 2607:f8b0:4006:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81e::2008	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c0b::9a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::178	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:4092	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:820::2004	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
3	35.241.31.249 35.241.31.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2800:3f0:4001... 2800:3f0:4001:810::2003	15169 (GOOGLE) (GOOGLE)
116	18

32 2606:4700:3032::ac43:c671 (United States)

ASN13335 (CLOUDFLARENET, US)

h5.fundrew.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80f::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c0b::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:4092 (United States)

ASN13335 (CLOUDFLARENET, US)

j.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2607:f8b0:4006:80e::2001 (United States)

ASN15169 (GOOGLE, US)

e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.241.31.249 (Mountain View, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2800:3f0:4001:810::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	fundrew.com h5.fundrew.com	3 MB
26	googlesyndication.com e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 143 tpc.googlesyndication.com — Cisco Umbrella Rank: 204	211 KB
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 724 analytics.google.com — Cisco Umbrella Rank: 258 www.google.com — Cisco Umbrella Rank: 5	72 KB
10	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 328	207 KB
9	gstatic.com fonts.gstatic.com csi.gstatic.com www.gstatic.com	95 KB
9	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 275 stats.g.doubleclick.net — Cisco Umbrella Rank: 195	262 KB
8	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 21029 j.adlooxtracking.com — Cisco Umbrella Rank: 20265 data00.adlooxtracking.com — Cisco Umbrella Rank: 15314	83 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	278 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	2 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	253 B
116	10

	Domain	Requested by
32	h5.fundrew.com	h5.fundrew.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com h5.fundrew.com e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com h5.fundrew.com
8	securepubads.g.doubleclick.net	h5.fundrew.com securepubads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	analytics.google.com	www.googletagmanager.com
4	www.googletagmanager.com	h5.fundrew.com www.googletagmanager.com
3	www.gstatic.com	h5.fundrew.com e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com
3	data00.adlooxtracking.com	j.adlooxtracking.com
3	j.adlooxtracking.com	p.adlooxtracking.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	p.adlooxtracking.com	h5.fundrew.com p.adlooxtracking.com
1	csi.gstatic.com	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	www.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
116	19

This site contains no links.

Subject Issuer	Validity	Valid
fundrew.com GTS CA 1P5	`2024-03-14` - `2024-06-12`	3 months	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2024-03-08` - `2024-06-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
adlooxtracking.com GTS CA 1P5	`2024-01-25` - `2024-04-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.adlooxtracking.com R3	`2024-02-26` - `2024-05-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://h5.fundrew.com/
Frame ID: 86F35EFA7ABE7336CAEE87B7A534479D
Requests: 71 HTTP requests in this frame

Frame: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E41C1DE4DE39BA78A194F34AF8A0C44F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EDC8B74AFDB7DEA66B8A147976B10F34
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CEE0A6845A66E688ACFE1C463234294F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032403142137000/amp4ads-v0.mjs
Frame ID: 98248363548407CC538A411C8245A63F
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032403142137000/amp4ads-v0.mjs
Frame ID: 374A9E1ACD424C58D6EC50979350E1EC
Requests: 15 HTTP requests in this frame

Frame: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 112F2704C995CBBB816FC1603A37E817
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: 4A29E3E7834F50BE08B97F53DF41F69E
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/tg0eXlKSKRHofALw13T9RBtpGLVNeNay91Fh1pIZuhE.js
Frame ID: 69798CA92E09C5D1D35422A1C4387FB9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FectGame - The best casual game center which you don't need to download any app!

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

116
Requests

100 %
HTTPS

88 %
IPv6

10
Domains

19
Subdomains

18
IPs

2
Countries

4087 kB
Transfer

6742 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

116 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
h5.fundrew.com/ 25 KB
6 KB 155ms
44ms Document
text/html 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdb8e30e7c4d660a9e95b53ce676447bf33feb6bd96362056bde5279359ec6c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 86255
alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
cf-ray: 868605f04d55b3dd-MIA
content-encoding: br
content-type: text/html;charset=utf-8
date: Fri, 22 Mar 2024 12:00:46 GMT
last-modified: Thu, 21 Mar 2024 07:07:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mojjAtCYhXQ8kNp58asbqtyQiw020yDn7MI%2Foy2t3mmpEkqGC0N08fY404JHzhMpC7PSx%2Boe3WUTs8fxWbaa%2FdL61fvAH86W2yTG1EryuTfBLoBhuISMpLatlUFCpzFVoK8yZtdcXskHLdyljg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 main.css
h5.fundrew.com/fectgame/css/ 18 KB
4 KB 51ms
48ms Stylesheet
text/css 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/css/main.css
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7cc72e26e482f77be53f9df0db51e9a6d1f3b708c6c198ee9e8ddd2bd00347e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86254
cf-polished: origSize=18482
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 27 Feb 2024 03:40:34 GMT
server: cloudflare
etag: W/"65dd59b2-4832"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLP0jfErnlJmhqzQrKL6F2ZpRbaDCL80ULwih0MGrKdQxWYO639pV6MIV1G0Huejs%2FE79HQp%2BfbKgNtFBU3LWPkt0yEov19dr29I9w1IVBT8oQlRVgzzGGZwzflgPvVb4nbXJ%2FqBXN1HKUMqaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 868605f0adb4b3dd-MIA
expires: Thu, 21 Mar 2024 19:11:22 GMT

GET
H2 200 iconfont.css
h5.fundrew.com/fectgame/font/ 876 B
709 B 42ms
40ms Stylesheet
text/css 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/font/iconfont.css
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0bdfbbda1eafa82439e41e5b54e3af9540132fc82877272099e31ce02fba9be5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4866
cf-polished: origSize=1106
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 03 Nov 2023 02:01:42 GMT
server: cloudflare
etag: W/"65445486-452"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WnZXr%2BHraYSEFaSbiOpvNLzkK2sq63Nv0uijOFK35kOH%2BVcA9B%2BjF%2FKiBm9vpawhFXYEflsrq9d8KV0iStHHkjjLvvnVWKauXxGe5ik8lK3rum3zPrSDxVVFjnX6tuIu8vg%2BKuTkeWo8P6hKTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 868605f0adb9b3dd-MIA
expires: Fri, 22 Mar 2024 19:05:39 GMT

GET
H2 200 layui.css
h5.fundrew.com/layui/css/ 72 KB
14 KB 46ms
44ms Stylesheet
text/css 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/layui/css/layui.css
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 555f7b86153227e9631eedebb056e70b067349698a97eedc1d386ae352b3063c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86254
cf-polished: origSize=95086
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 06:42:50 GMT
server: cloudflare
etag: W/"644a196a-1736e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7fXDr74JwuSDpnpzape2cHfqA7T70fWIVXYNjODp82a6VpYY%2B4cZ2yCAP30eATP3ip427lRVpAP21jk8NE4%2F0JjFIr5Rf2J5SZV2rrNUGpVxpiNtEFDV1ZOnlzb8g3znB6rEz0tesvOEviRWiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 868605f0adbbb3dd-MIA
expires: Thu, 21 Mar 2024 19:05:24 GMT

GET
H2 200 swiper-bundle.min.css
h5.fundrew.com/fectgame/swiper/ 15 KB
5 KB 48ms
46ms Stylesheet
text/css 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/swiper/swiper-bundle.min.css
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86254
etag: W/"1dc09d84-3ccb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2BnxhNxEd7XuimFyV7C1PlceRY%2FKUYrYskIGAIxTGITLxC6tJWtDdoPymqCwa9aOWK%2BTBzOtZrEVac%2BWDARXhnrUS77nSnoKI4twWxsL%2FQcFNpeeUd5qsqL2xFKF3XVU2v8eYF1hZ0Z%2FyMUKKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 868605f0adbcb3dd-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 19:05:24 GMT

GET
H2 200 layui.all.js Show response
h5.fundrew.com/layui/ 272 KB
90 KB 82ms
80ms Script
application/javascript 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/layui/layui.all.js
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5c6a525813e0a61282b95d60110dc8eae2d46db789d0377b610017a35dcf50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86254
cf-polished: origSize=278671
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Nov 2020 16:02:36 GMT
server: cloudflare
etag: W/"5fbfd19c-4408f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WWFLQ9UcerWV8tfPmh4dYCeI8fXSjfQ9RjMSv4HqwAXOWYFxtyDYCH4VW62ebVL6uXd%2FuN%2BmCU8GF3vZOGdOyhdVFz5gJ57Sk8z0Bu2o8UD7MWfaqJ%2FP4wyJKmRslr70Rjw9%2FdAJm8sYIPb%2BRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 868605f0adbdb3dd-MIA
expires: Thu, 21 Mar 2024 19:03:19 GMT

GET
H2 200 jquery.min.js Show response
h5.fundrew.com/fectgame/js/ 82 KB
30 KB 52ms
51ms Script
application/javascript 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/js/jquery.min.js
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 333c29e8bc3e1ab7b66e03bec3f64469da990700b9ace77b36c0f37f2f3b30b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 12 Mar 2021 02:48:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86254
etag: W/"604ad66c-14988"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ucmWx2c1d48c17mcFOaMq4B5GUu%2BXs0m9EYkhCKjq6nsngFqgpLc350tOHhBXG9I6RuoOkJuqwf2XVNTYsLPE5MI9kF8w9YgIqrgVGopQHdY%2BseWyNLpyYf8sGO0iPwF55rpYFYzxbNvVmDCTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 868605f0adbeb3dd-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 19:03:19 GMT

GET
H2 200 lazyload.min.js Show response
h5.fundrew.com/fectgame/js/ 9 KB
3 KB 44ms
43ms Script
application/javascript 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/js/lazyload.min.js
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 180474b852aaad6d003a89a527e927f939cc398ce57a38b5b4b8ad1f83f495d4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 10 Jul 2023 06:45:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86254
etag: W/"64aba920-22be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bPsmReeQtejyiyiommEoFthX6cSeDRWwplVlE1BZM7eFKV7tjL84%2FsMuvIG%2BRaEw2Od3nf1zVwCPTieYOJYG%2FQYxe%2FRLjAoMVezr4ORgmM9ZKffCyR10%2B3ffxNKD8x0fPUY%2B8%2FvyrxqAzdeKXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 868605f0adbfb3dd-MIA
alt-svc: h3=":443"; ma=86400
expires: Thu, 21 Mar 2024 19:03:19 GMT

GET
H2 200 fastclick.js Show response
h5.fundrew.com/fectgame/js/ 11 KB
3 KB 80ms
79ms Script
application/javascript 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/js/fastclick.js
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe6546296a0a64c38f102a952b0e3d2cef6f8b99dc4f162dbb2b8baad21b190

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86254
cf-polished: origSize=11663
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 30 Apr 2021 02:12:48 GMT
server: cloudflare
etag: W/"608b67a0-2d8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oFQr8aQgs%2BkiSbG4XFgNSClF25wEbbLmaKyx3Qf9pwgUPCeB%2FL0hRYtYR5BxBseTg8g%2Fo3yOWvX4PmCbJuHq2cIicO4PRRF4ZtBhIsXOpC5Kyi63cpf5Hh6nw5JhS2XYHJ0UzPCG3eNW1H2g1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 868605f0adc0b3dd-MIA
expires: Thu, 21 Mar 2024 19:03:19 GMT

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 7 KB
4 KB 133ms
34ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

2418a65502e833e1faa0c8d09609d9d334842e6e41073ecff88cd5902038720e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 11:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 2964
etag: W/"81b59edb901903bf68b50b79d25d06a2"
last-modified: Wed, 06 Mar 2024 12:20:10 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3398

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 297ms
134ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5589532f23ba2dfc3b0336a2fbf5f09fc5a56f78225d94600361b1a775220568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28964
x-xss-protection: 0
server: cafe
etag: 798 / 19804 / 31082135 / config-hash: 166869955028549038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 12:00:46 GMT

GET
H2 200 logo.png
h5.fundrew.com/fectgame/img/ 10 KB
11 KB 46ms
45ms Image
image/png 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/fectgame/img/logo.png
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340b15d2751ba80336509e1aa8e18b5bb294250a7ba27289144c595eaaea57da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86254
alt-svc: h3=":443"; ma=86400
content-length: 10546
last-modified: Thu, 22 Feb 2024 02:59:41 GMT
server: cloudflare
etag: "65d6b89d-2932"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VFTAj4TX1K2KFI3mONuS8cknW5On09Djifwd5UmjJtwGYsftik1bgLW3GzbihG%2BFOH4c8FPDGCOcvJbQufnOCOL3H0nRvh8%2Bioprl%2FFFn0nkH5bbGap9H%2FU8iw9eLMqRuoWeRGB3NsL7JVSfEg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f0adc1b3dd-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 07:27:06 GMT

GET
H2 200 lazy.png
h5.fundrew.com/fectgame/img/ 6 KB
7 KB 83ms
82ms Image
image/png 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/fectgame/img/lazy.png
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989c1d86aa0f87869fe79fa381952460bedffe8516ee776c48f5f80dbea8fb0c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86254
alt-svc: h3=":443"; ma=86400
content-length: 6461
last-modified: Thu, 22 Feb 2024 02:59:39 GMT
server: cloudflare
etag: "65d6b89b-193d"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L3QeqZPInNo4ZsMB9T3%2FRDbdP74q72MOO%2Bh8WxGxXt%2F%2F0Q8dYuhqP3tpA09sZiD2aMuIUINg6nEIPNHN6D1wdV9BhJ17AlXG4Ltd%2B1YsKkmuHrO2Q4mueDxHdSdYuodR0FOusE2cJdhNZVzjZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f0ddedb3dd-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 07:11:22 GMT

GET
H2 200 main.js Show response
h5.fundrew.com/fectgame/js/ 2 KB
904 B 60ms
55ms Script
application/javascript 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/js/main.js
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6392ef99fb73e7afc441712e4eac0d2fccd97958f62ece39870708ee509c257

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86254
cf-polished: origSize=2432
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 30 Jan 2024 07:34:43 GMT
server: cloudflare
etag: W/"65b8a693-980"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N0P8Qoa37ElAEqi9mWLXr5xE0ErK7%2BUQghgdRLqEfe%2Bs5hCLWFTtlaukEOiJ2g7TRvF7vWOqKXeDryLMR6bbEU8vtUn3Q%2Fj0nEVuwf%2BdbcZK8F0oE4BNUHJukDGcz%2BbQHtRrl7tEJctqcwEk%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 868605f0fe15b3dd-MIA
expires: Thu, 21 Mar 2024 20:02:10 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
80 KB 224ms
91ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDCVHGD

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbde9f9c6f38cd094cbb487d53b0ff531a7c647d9d905982c221416ba9012534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 81546
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 12:00:46 GMT

GET
H3 200 laydate.css
h5.fundrew.com/layui/css/modules/laydate/default/ 7 KB
2 KB 44ms
43ms Stylesheet
text/css 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/layui/css/modules/laydate/default/laydate.css?v=5.0.9
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/layui/layui.all.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0639b600697b8398c14d64366932833404ea94c420349ea469605e7614aed98c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86253
cf-polished: origSize=7512
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Nov 2020 16:02:34 GMT
server: cloudflare
etag: W/"5fbfd19a-1d58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Za9Dh1918FQEeyye%2BqQ%2FEpdyuAgWuWWMs3LQeMBjo160BsxvPdQHpnFomEjm%2FTs4gwzG5%2B7TtjmOg3PEdGBxFMzXrlUi3GzHq3jlVEm4OGGgEAqT3DVoJ%2BZ4nmCiZRaKk9v4gbssLbqmSBcVlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 868605f16b27daad-MIA
expires: Thu, 21 Mar 2024 19:05:25 GMT

GET
H3 200 layer.css
h5.fundrew.com/layui/css/modules/layer/default/ 14 KB
3 KB 43ms
43ms Stylesheet
text/css 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/layui/css/modules/layer/default/layer.css?v=3.1.1
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/layui/layui.all.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a4388efca6e5be9e54fcaadf59a389b4c26233bb7a0f53ab67b8da4c1b2d06

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86253
cf-polished: origSize=14400
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Nov 2020 16:02:34 GMT
server: cloudflare
etag: W/"5fbfd19a-3840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6LzkYpFL2Orh4uT7xz4Tu3Hdhh0WioGPh0Th4fb6iXcA9p%2Bk%2FQJQKeH4Rtoefgx2WfGnWkR9DV3qdN3Ys9OOpOnuOWEQuZlDY16xHt8SVl4iyZADlgdqa%2BHSSg4NmKbKHYGu3OeiVG8%2BoGVBzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 868605f17b36daad-MIA
expires: Thu, 21 Mar 2024 23:44:50 GMT

GET
H3 200 code.css
h5.fundrew.com/layui/css/modules/ 1005 B
889 B 49ms
48ms Stylesheet
text/css 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/layui/css/modules/code.css
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/layui/layui.all.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feec796cc073154b3e63523ec6a9808c8c5e54b7ca9d51ac8d33a9665d676a84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19809
cf-polished: origSize=1038
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Nov 2020 16:02:34 GMT
server: cloudflare
etag: W/"5fbfd19a-40e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=35ElnA%2Bc9ecF3MwWFxWeaPEHDMHNjpcRUNzTh2iR5EYJiJJpSaPF29Orjoup4xx1On%2Fl6zanlatZ0YZlcFKdtK9LtQfUXhfddL%2FebvKr6fHn%2BRp%2FQ1rL75Ltn3JyJaoJkrk1ybuEW%2BQyoNoBFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 868605f18b42daad-MIA
expires: Thu, 21 Mar 2024 19:05:26 GMT

GET
H3 200 back.png
h5.fundrew.com/fectgame/img/ 804 KB
805 KB 47ms
47ms Image
image/png 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/fectgame/img/back.png
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/fectgame/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e7296cd5aa0af5f10a2849d2cd119033a36f335af28fb9f30cbb966cd00db4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/fectgame/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86253
alt-svc: h3=":443"; ma=86400
content-length: 823030
last-modified: Thu, 22 Feb 2024 02:59:35 GMT
server: cloudflare
etag: "65d6b897-c8ef6"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oL69wo1kv1QcwGxfxVsIZJXC%2FaUi0UqtkC3Wlmp3%2B91JWiAvdJXl3SO1Z29Xu0eJeJD4dxOvlinahB8i9yxPATzGchpHAl%2FCrZ27SIqP4gyj6hGfSCkWOIiim2A1EtrGa8xtmv6Z7OLZJPDMZg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ab73daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 07:05:26 GMT

GET
H3 200 New.png
h5.fundrew.com/fectgame/img/ 4 KB
5 KB 247ms
244ms Image
image/png 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/fectgame/img/New.png
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/fectgame/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7ca2cd96ce5e47c205d527e2fdee9114f891e68f31c92a6bc61325c9e429350

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/fectgame/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 4112
last-modified: Thu, 22 Feb 2024 02:59:43 GMT
server: cloudflare
etag: "65d6b89f-1010"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Bl2sFeLARRHDuWkBjpm1Oo86aUOyuDCH8lG7xlIy0WTB9Dm68fTpsJP%2BKMs%2BcHUpq3n%2FSLY9mzwEv7%2Bj%2FcVyrTEFAVD0kNvCWrYJG6NhctNqCvvfklI8iAUJ43jAWSdGnQ87yI0FS8v1LTO%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ab7cdaad-MIA
access-control-allow-headers: X-Requested-With
expires: Sun, 21 Apr 2024 05:47:03 GMT

GET
H3 200 iconfont.woff2
h5.fundrew.com/fectgame/font/ 2 KB
2 KB 249ms
247ms Font
font/woff2 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/font/iconfont.woff2?t=1698976902387
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/fectgame/font/iconfont.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4abe13d8480548fb7f889d4a324a81ece8eef53b5bfe127c786ef52d01a0077d

Request headers

Referer: https://h5.fundrew.com/fectgame/font/iconfont.css
Origin: https://h5.fundrew.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
last-modified: Fri, 03 Nov 2023 02:01:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86251
etag: "65445486-734"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oQ6PlqNd0ITesD7H%2FLoi6otP84XNrSvtO%2F0bRP%2F0tzaaIU5kZziGrhBRXCg2%2BJQX4IJElJI8uXJ%2FEJtEDsJA4iOEbJTvTbFb%2FiLvnglMGErQXEZhfCnvq7ZPVXbVahjbNVhG3HlYyvnJZXkTGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 868605f1ab7ddaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1844

GET
H3 200 Montserrat-Regular.ttf
h5.fundrew.com/fectgame/css/ 28 KB
29 KB 249ms
248ms Font
application/octet-stream 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/css/Montserrat-Regular.ttf
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/fectgame/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32f9bdc73ecf308a19c0e918b407e12da12b6cd9a667decdc2ddcb74f457839a

Request headers

Referer: https://h5.fundrew.com/fectgame/css/main.css
Origin: https://h5.fundrew.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Feb 2024 02:59:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 86253
etag: "65d6b8a4-7158"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mVsKnA8ll4pyql6o9VqYvTNG77BqlxniWQcgR7muUed7j2JPrndk9DgdUFpSeWKrjMk6EV8ouitcasmnMW16p%2F2sW2B5WYkjVMdPdtNJTL9Wmsw7PY6gSk4tcPb2shKIqmfQhSmZfNeAbl0n3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 868605f1ab7fdaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 29016

GET
H3 200 Montserrat-Light.otf
h5.fundrew.com/fectgame/css/ 44 KB
44 KB 234ms
233ms Font
application/octet-stream 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://h5.fundrew.com/fectgame/css/Montserrat-Light.otf
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/fectgame/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6754a6bbc036bf4569a429a3659f10c61fa471e55bcd7d5379a1e2d39ab7e267

Request headers

Referer: https://h5.fundrew.com/fectgame/css/main.css
Origin: https://h5.fundrew.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Feb 2024 02:59:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22190
etag: "65d6b8a3-aef8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iPf3rw4qEVPYg79VDdrocIanGmZc4%2FJrA71HZ0bor4uEqSafkUjlcGuH2VxktzD%2BEMxlDKTnyJ%2Fp0UNz1BHr%2Fbg%2B1MhXmTLUECXf1sU1PA5oObt8pufFxdawDfmHrKItGoUP8Egx5gR387GiHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 868605f1cb8fdaad-MIA
alt-svc: h3=":443"; ma=86400
content-length: 44792

GET
H3 200 space-attack_1280x550.png
h5.fundrew.com/uploads/games/20230307/ 258 KB
259 KB 219ms
214ms Image
image/png 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20230307/space-attack_1280x550.png
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e300c913e4b04470ea92292771656b0b78173119bb264a0bdcf3cee7e639964

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86252
alt-svc: h3=":443"; ma=86400
content-length: 264511
last-modified: Tue, 07 Mar 2023 07:13:38 GMT
server: cloudflare
etag: "6406e422-4093f"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JqXIxEDnXTdI%2BEEZodzN1r83cc5dqsYsf%2FsJEV3ptqC%2BCNt9TjnJrn7J%2BNAYFenMkthXqa9x8hDM0VFJ8VYJMDKYi9cyw5M4GHuguiDU7s3Cf4YuZPQCdKP9Q9q9ZuWnRgaiDFWQHl8w2vQCWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebb2daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 07:07:55 GMT

GET
H3 200 eae3d076a688845bb9a39da7b656053f.jpeg
h5.fundrew.com/uploads/games/20240308/ 122 KB
122 KB 256ms
251ms Image
image/jpeg 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20240308/eae3d076a688845bb9a39da7b656053f.jpeg
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19b704af57495d92f5e37c0050509f40f88d11dcb74acdda6d17c14e711a7e36

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86252
alt-svc: h3=":443"; ma=86400
content-length: 124496
last-modified: Fri, 08 Mar 2024 03:39:58 GMT
server: cloudflare
etag: "65ea888e-1e650"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AQGlCrm5S8NuW%2FhMprtndu0zXNeaYmzN6oXblyT7jBK%2FbsdRzxmCDFSHzQCQ6H4TXxXIMkGUeRaGTI30MJpu2%2BKDgRXG1xjaiV19o1fYc%2BMCmZRv3Xd7zQDDNMeBPOqhrsV377eTsIqYMk1SEA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebb4daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 07:07:55 GMT

GET
H3 200 overtake_1280x540.jpg
h5.fundrew.com/uploads/games/20230210/ 113 KB
113 KB 222ms
217ms Image
image/jpeg 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20230210/overtake_1280x540.jpg
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2692cc5848c4998b98b0c86d66c6460b60cdd5cca40adfff7e00f082bd6a32df

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 13302
alt-svc: h3=":443"; ma=86400
content-length: 115427
last-modified: Fri, 10 Feb 2023 06:08:59 GMT
server: cloudflare
etag: "63e5df7b-1c2e3"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2jLicIGFNQp6x0UcPrYumXDMp%2Fw84amF7kSBJq0scJlc9kZ0DoD5kc2tggyQDoKWFRj%2F3p%2Fo55cC52goeDiYF5qXRKWNCZW8tX8FHm3ia7SLCy%2FEJWduswi84Kb1TAFSObVkQzWb%2B1A%2B7iskQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebb6daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sun, 21 Apr 2024 07:06:20 GMT

GET
H3 200 Exit_the_Gungeon_1280_720.png
h5.fundrew.com/uploads/games/20231129/ 301 KB
302 KB 230ms
225ms Image
image/png 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20231129/Exit_the_Gungeon_1280_720.png
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a74da84d8460d4910115c22a5816f07367a139a8b72e05e7f43222f2b912a0fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86252
alt-svc: h3=":443"; ma=86400
content-length: 308229
last-modified: Wed, 29 Nov 2023 06:58:35 GMT
server: cloudflare
etag: "6566e11b-4b405"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ruU8%2FBz5jSwsUXuad7zh5OxNZSWyREYzf%2FNuu0HpwmIiXMuW1F%2FN6g4BiMkEozdHrs0mDE9zv8VWrj9txGkDvPXIz3Emmh5NK1kjhHBBQLMVgzQ7dLUiVVjrYqwAM3THrilN0fJLUjFQCVYi%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebb9daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 11:12:46 GMT

GET
H3 200 53b131e6580c0434156b4b355fd20e38.png
h5.fundrew.com/uploads/games/20231129/ 21 KB
21 KB 273ms
268ms Image
image/png 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20231129/53b131e6580c0434156b4b355fd20e38.png
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46e2e1117717a0a8fbe6b42309b55bb0d9c91f9a49c98cc1a8a437652aa057f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86252
alt-svc: h3=":443"; ma=86400
content-length: 21283
last-modified: Wed, 29 Nov 2023 06:25:27 GMT
server: cloudflare
etag: "6566d957-5323"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BcK%2Fo8zrbX9XnEGYUZS0EMD3DuPDZyFgcFuK34jncQ9Olib7s7oBOq8i1BzlcIMr2tlW%2BHOZq%2FzhIqQFkOG09aHGn%2BlAWGy5Dsiwo3uECYW2mVW3tvIYROWeywGrqXT9H3556wEH1k5e8BHcng%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebbbdaad-MIA
access-control-allow-headers: X-Requested-With
expires: Fri, 19 Apr 2024 22:50:31 GMT

GET
H3 200 Think_It_1280_720.png
h5.fundrew.com/uploads/games/20231129/ 123 KB
124 KB 276ms
272ms Image
image/png 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20231129/Think_It_1280_720.png
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d57eb643b073ee064bb358da5c9d5fe8ca865c3db45a4acde19830283a45a4d5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86252
alt-svc: h3=":443"; ma=86400
content-length: 125925
last-modified: Wed, 29 Nov 2023 06:59:05 GMT
server: cloudflare
etag: "6566e139-1ebe5"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6v0MSzx5zwMvgm57qQYqZt%2BWbT1LQI27%2BZM%2BOSz8utazH8SCN%2BNEM%2FcLpTgXQCTZvVigzkehAhcRRrw7CGla9fjGu8fQjPXLV4aNpfX%2BiWAYP5CNHUJBqA6AlRFngcXR6SofwzwKzQviJ6heA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebbddaad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 07:07:55 GMT

GET
H3 200 d2b04da9422a8cc2881ec3d6c5eb92fb.jpeg
h5.fundrew.com/uploads/games/20230531/ 115 KB
115 KB 281ms
277ms Image
image/jpeg 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20230531/d2b04da9422a8cc2881ec3d6c5eb92fb.jpeg
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df9aab059be6eb9107c7832553db75c35b74ef8c330794b86443801e96311bc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86251
alt-svc: h3=":443"; ma=86400
content-length: 117326
last-modified: Wed, 31 May 2023 09:53:02 GMT
server: cloudflare
etag: "647718fe-1ca4e"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FArVQUWtH4qsqRgkQFxr6HUtfxleMjgmI7iwlKSIVQzHpkZEund8Lx4%2FFUbEbRXrHxMHSUL5upzfFj2MzswKIeNQd%2FyYQAnvOXhr2gx%2B7FlfIUCxEb6Zy9QvUo5G0W5C97%2BDGtEpK6cXKwMPCg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebbfdaad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 07:07:55 GMT

GET
H3 200 Pop_Challenge_1280_720.png
h5.fundrew.com/uploads/games/20231129/ 154 KB
155 KB 284ms
280ms Image
image/png 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20231129/Pop_Challenge_1280_720.png
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1a762d047bb341a96a44a4dfc1601e2c9e5e71920fef70eff8e10743d66b018

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86251
alt-svc: h3=":443"; ma=86400
content-length: 158166
last-modified: Wed, 29 Nov 2023 06:58:49 GMT
server: cloudflare
etag: "6566e129-269d6"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IK6%2FShrLRIcLlygarKjA%2F%2FfONxNFpVwStE4Jituesntjoc5m%2BXZ2gHAHukON4pbaYj0FHUy4G2QTbm4%2FY9kd2f96j0aGLUXSShCbrDfPmrmiA6c9KHc7LX0uAHeV%2F%2FTesFhLIdkZnQxJLZ%2FGdg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebc2daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 07:07:55 GMT

GET
H3 200 Warriors_io_1280x550.jpg
h5.fundrew.com/uploads/games/20230210/ 242 KB
243 KB 293ms
289ms Image
image/jpeg 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20230210/Warriors_io_1280x550.jpg
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75c27d696a7ad5d38383f117afbee49ebca36766a474e2fa21fb1493124619a9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 86251
alt-svc: h3=":443"; ma=86400
content-length: 248224
last-modified: Fri, 10 Feb 2023 06:09:03 GMT
server: cloudflare
etag: "63e5df7f-3c9a0"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R7IV82GyrnEvVnvfyEdiist2jsMKayugBg7jnG9k6R6PfGdYzFQMO25Z7KBL3AABu4hzE96%2FSbr57couniEb2xYCjaVpJCwE0q5M1cf6wU%2BxbI2mAmYJnbZQfyJo8ordTQGSvkKU5AagJON%2Fuw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebc3daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 07:07:55 GMT

GET
H3 200 787b93a2a407f740141a6ecec653ecc0.jpg
h5.fundrew.com/uploads/games/20231021/ 52 KB
53 KB 314ms
310ms Image
image/jpeg 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20231021/787b93a2a407f740141a6ecec653ecc0.jpg
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ba517165b17ab6bcbc2fa854a71fc0434586a89881c0294a49de21a6947fe2e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11404
alt-svc: h3=":443"; ma=86400
content-length: 53644
last-modified: Sat, 21 Oct 2023 02:05:21 GMT
server: cloudflare
etag: "653331e1-d18c"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OuQ%2FKK69%2BZ20zNXYRnJ%2BXYD9egNH6tDtUom48V0OzHtRf7%2FdYobkl7ijtMe1YBQ5m1fw0QeWHPqAhLLdFE%2FzPdpqgrMrHqHIUNVeg0F%2BadJ7UZxNb%2BaBw0vJrHj%2BV090q2f4H38QFSA3SRz3hA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebc5daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 09:21:39 GMT

GET
H3 200 Jewel_Christmas_Story_1280x550.jpg
h5.fundrew.com/uploads/games/20230203/ 251 KB
252 KB 315ms
312ms Image
image/jpeg 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20230203/Jewel_Christmas_Story_1280x550.jpg
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1eb48b8cfab054d5698bf318bcb8b1ccef69ef9bf5de1e1c3e16cdaee3291415

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19806
alt-svc: h3=":443"; ma=86400
content-length: 257326
last-modified: Fri, 03 Feb 2023 03:20:18 GMT
server: cloudflare
etag: "63dc7d72-3ed2e"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FBO7rWgXgFBhhShuoiwVp4Z2COY1zjEBzU%2BsEpDlY2OdlUsfCRUoJck6VRS%2FO2KGbgktE%2FAVAdvX%2BrO01nCTcqN8u20Jc%2F6FGbEczcXoE%2B5cRF2E8QqZJ2bWYIU0TIrf2mOuAyd0b98qvLSQAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebc7daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 15:52:11 GMT

GET
H3 200 2bf79d65e2f8446f54db16da90baac44.jpg
h5.fundrew.com/uploads/games/20231204/ 54 KB
55 KB 335ms
332ms Image
image/jpeg 2606:4700:3032::ac43:c671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h5.fundrew.com/uploads/games/20231204/2bf79d65e2f8446f54db16da90baac44.jpg
Requested by: Host: h5.fundrew.com
URL: https://h5.fundrew.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:c671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46cc34e35e55f0a132bb7603424311b217d7fd3287cebddc4ead5f933a3ca25a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 82643
alt-svc: h3=":443"; ma=86400
content-length: 55531
last-modified: Mon, 04 Dec 2023 08:33:36 GMT
server: cloudflare
etag: "656d8ee0-d8eb"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPA0oNC7khrfM7wu5o7%2FHbO1sb9AfKZdkoAMhOI7EJ5Z7YNkp3eNP1nm0n5RBcmYsyTHGcJu4at44t06aw3J8fZVH5NdXaaWYC%2BB7oBgi7YAJIED2KKVohTbAr2l456GSEvfs30X0mtztbenpg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 868605f1ebc9daad-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 20 Apr 2024 11:30:07 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/ 439 KB
138 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6741e40d6f221184f305d53cdd6de5d97ab2a9b176439a803b53079767c02b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 10:31:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141204
x-xss-protection: 0
server: cafe
etag: 1088271010723479833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 22 Mar 2025 10:31:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 302 KB
100 KB 104ms
98ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCVHGD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22d5666f2094150193f6492e4eca70298c5566263f2f4dbd553d1f5b4c2f149a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 12:00:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 290 KB
97 KB 129ms
127ms Script
application/javascript 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4PVFWLKPH0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCVHGD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b8bb68bdbfdd2b358b407a600ae861240bf8771301e00e4be664e57074a6f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 99334
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 22 Mar 2024 12:00:46 GMT

GET
H3 200 q Show response
p.adlooxtracking.com/ 41 B
70 B 148ms
73ms XHR
application/json 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/q?v=gpt-183fb71&c=705&t=1831&p=363&pn=%2F&s=%2F22149012983%2Fh5-bwg-game%2F300x200-home14701-id02339-bwg%09div-gpt-ad-17108312232056-0&s=%2F22149012983%2Fh5-bwg-game%2F300x100-home34701-id02339-bwg%09div-gpt-ad-17108312242026-0&s=%2F22149012983%2Fh5-bwg-game%2F320x480-outofpage4701-id02339-bwg%09gpt_unit_%2F22149012983%2Fh5-bwg-game%2F320x480-outofpage4701-id02339-bwg_0

Requested by

Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

02caf721a710bd4cb70e1d0757bd328ab7d612e99058428ca7feaa9cc8560a2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-adloox-pubint-version: 20240322063005
date: Fri, 22 Mar 2024 12:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-real-ip: 38.132.118.69
x-adloox-pubint-commit: 87429f7
via: 1.1 google
x-adloox-pubint-commit-db: 87429f730-dirty
server-timing: conn;dur=0.006, ua;dur=0.026, segment_pipeline;dur=0.328, segment_ip;dur=0.004, segment_iab-valid;dur=0.015, segment_iab-spider;dur=0.860, segment_bs;dur=0.004, segment;dur=1.391
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx
vary: Accept-Encoding, origin, user-agent
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://h5.fundrew.com
access-control-expose-headers: x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control: private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age: 600
timing-allow-origin: *
access-control-allow-headers: x-cloud-trace-context

GET
H2 200 22847393195 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 259ms
99ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22847393195?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfd84ac00ca8242fa535fe4512474b08ffa732c6ad762626d48430248aa842ef

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z4y6qHMpLvu_Q5sHO7jL_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-z4y6qHMpLvu_Q5sHO7jL_A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTN8f7p1_VsAjdetEYBALLbMbA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
253 B 216ms
76ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C3W7T6H5QW&gtm=45je43k0v887060490z8812775298za200&_p=1711108846193&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=1378223586.1711108847&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711108847&sct=1&seg=0&dl=https%3A%2F%2Fh5.fundrew.com%2F&dt=FectGame%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1055
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 12:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://h5.fundrew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
244 B 199ms
65ms Ping
text/plain 2607:f8b0:4004:c0b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C3W7T6H5QW&cid=1378223586.1711108847&gtm=45je43k0v887060490z8812775298za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c0b::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 12:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://h5.fundrew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
253 B 130ms
46ms Ping
text/plain 2001:4860:4802:32::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-4PVFWLKPH0&gtm=45je43k0v9178001718z8812775298za200&_p=1711108846193&gcd=13l3l3l3l1&npa=0&dma=0&cid=1378223586.1711108847&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1711108847&sct=1&seg=0&dl=https%3A%2F%2Fh5.fundrew.com%2F&dt=FectGame%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!&en=page_view&_fv=1&_ss=1&tfd=1117
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4PVFWLKPH0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 12:00:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://h5.fundrew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUVryQDYjKma8gL8QBBbs6vXhjO0Vx6IGgset9AtZgpxqZtXhWEbv7Z81WTqiko9RPvLA_Pzgamh9wtaX-Rmr2a8H1RNAF8jIlwM4eQI3Eo5SmOx1OakPBxx-ijHzGSx3Qn-qUKjQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 93ms
93ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUVryQDYjKma8gL8QBBbs6vXhjO0Vx6IGgset9AtZgpxqZtXhWEbv7Z81WTqiko9RPvLA_Pzgamh9wtaX-Rmr2a8H1RNAF8jIlwM4eQI3Eo5SmOx1OakPBxx-ijHzGSx3Qn-qUKjQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMTA4ODQ3LDM2ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9oNS5mdW5kcmV3LmNvbS8iLG51bGwsW1s4LCJfSDNDUUFVbVRlUSJdLFs5LCJlbi1VUyJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjE0NDddLG51bGwsMTJdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._H3CQAUmTeQ.es5.O/am=wA/d=1/rs=AJlcJMzFc1OemdZzkJDb1C6G0jJhKEK-pA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

020f1c9edf5d31fa5cb8370cb0215350dacda1feee1b666fb3f62984b83cfa11

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2b-gMSSuaaB47x3qRfSqDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:47 GMT
content-security-policy: script-src 'report-sample' 'nonce-2b-gMSSuaaB47x3qRfSqDw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0ZBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTD8f7p1_VsAhsanp9gBADkMzHy"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 64 KB
15 KB 660ms
659ms Fetch
text/plain 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3785767003653612&correlator=1734321141478831&eid=44809527%2C95327887%2C31082135%2C44807747&output=ldjh&gdfp_req=1&vrg=202403210101&ptt=17&impl=fif&gdpr=0&iu_parts=22149012983%2Ch5-bwg-game%2C300x200-home14701-id02339-bwg&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x200&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1711108847401&lmt=1711004855&adxs=650&adys=383&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fh5.fundrew.com%2F&vis=1&psz=900x15&msz=300x0&fws=0&ohw=0&ga_vid=1378223586.1711108847&ga_sid=1711108847&ga_hid=68594250&ga_fc=true&dlt=1711108846163&idt=763&prev_scp=adl_atf%3D90%2C80%2C70%2C60%2C50%26adl_dis%3D-1&cust_params=adl_ok%3D1&adks=4067087313&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab6ecc0d4f6a00c7ffe037d849d9d70e83396c6e4023a00507596ccb5f3b8719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15109
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://h5.fundrew.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 65 KB
15 KB 1042ms
1042ms Fetch
text/plain 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3785767003653612&correlator=1734321141478831&eid=44809527%2C95327887%2C31082135%2C44807747&output=ldjh&gdfp_req=1&vrg=202403210101&ptt=17&impl=fif&gdpr=0&iu_parts=22149012983%2Ch5-bwg-game%2C300x100-home34701-id02339-bwg&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1711108847422&lmt=1711004855&adxs=650&adys=937&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fh5.fundrew.com%2F&vis=1&psz=900x15&msz=300x0&fws=0&ohw=0&ga_vid=1378223586.1711108847&ga_sid=1711108847&ga_hid=68594250&ga_fc=true&dlt=1711108846163&idt=763&prev_scp=adl_atf%3D90%2C80%2C70%2C60%2C50%26adl_dis%3D-1&cust_params=adl_ok%3D1&adks=1330549212&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67b8b9fadd7ae8cc732ed9b34e780898e48ded72bb46317d8e291c83380527be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15084
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://h5.fundrew.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 175 KB
50 KB 1480ms
1480ms Fetch
text/plain 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3785767003653612&correlator=1734321141478831&eid=44809527%2C95327887%2C31082135%2C44807747&output=ldjh&gdfp_req=1&vrg=202403210101&ptt=17&impl=fif&gdpr=0&iu_parts=22149012983%2Ch5-bwg-game%2C320x480-outofpage4701-id02339-bwg&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&fas=8&fsapi=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1711108847428&lmt=1711004855&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fh5.fundrew.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1378223586.1711108847&ga_sid=1711108847&ga_hid=68594250&ga_fc=true&dlt=1711108846163&idt=763&prev_scp=adl_dis%3D-1&cust_params=adl_ok%3D1&adks=1064351566&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a8ce2ee17b591ab7430c495ed3890efae139c880acaa26648065fa37e5aa9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51222
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://h5.fundrew.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tfav_adl_705.js Show response
j.adlooxtracking.com/ads/js/ 76 KB
26 KB 144ms
50ms Script
application/javascript 2606:4700:10::6816:4092
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_705.js
Requested by: Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4a0c07800eddae4eb2c202d7fa83df1eb44cb499bcb86052c14eedcc4b49610

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:47 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2493
x-guploader-uploadid: ABPtcPocL2HrAuV6VUV3wBeFz7bYG90rXao9ESrRkaMj-ySr49oX-8-RNDjBCOhF8dwOJOW0iuY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 12 Mar 2024 09:19:35 GMT
server: cloudflare
etag: W/"0db7946c8b78047ab061860ce6ed8941"
vary: Accept-Encoding
x-goog-generation: 1710235175567269
content-type: application/javascript
x-goog-hash: crc32c=HLMTXQ==, md5=DbeUbIt4BHqwYYYM5u2JQQ==
cache-control: public, max-age=14400
x-goog-stored-content-length: 78191
cf-ray: 868605f92d9b7489-MIA
expires: Fri, 22 Mar 2024 12:19:14 GMT

GET
H2 200 container.html Show response
e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E41C 6 KB
3 KB 226ms
77ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://h5.fundrew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 12:00:47 GMT
expires: Sat, 22 Mar 2025 12:00:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/ 47 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl_page_level_ads.js?cb=31082135

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9acbfd4b71d9f164f552385aa422a58008fd60d62758392c5577973455a3352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 10:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5332
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15221
x-xss-protection: 0
server: cafe
etag: 4927162971987520714
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 22 Mar 2025 10:31:55 GMT

GET
H2 200 AGSKWxWMtY653XOSz2gh8UMXs0FejA9D8LIRLRhKfmnIYjt8y5YRztfWS0XpwnOIsEKxiGJnpkpA-UtRnt1bnpH0nKuieDVsLZOm9JGp1SpB-SLbXdZzOzb1nrOV6__4U6R7sIv40zn66w== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 102ms
101ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWMtY653XOSz2gh8UMXs0FejA9D8LIRLRhKfmnIYjt8y5YRztfWS0XpwnOIsEKxiGJnpkpA-UtRnt1bnpH0nKuieDVsLZOm9JGp1SpB-SLbXdZzOzb1nrOV6__4U6R7sIv40zn66w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMTA4ODQ3LDQ3MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vaDUuZnVuZHJldy5jb20vIixudWxsLFtbOCwiX0gzQ1FBVW1UZVEiXSxbOSwiZW4tVVMiXSxbMjAsIltudWxsLG51bGwsWzk1MzIxNDQ3XSxudWxsLDEyXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

65e648d4b135ac251c91fe38419fd27df530230ca8a517231026f1a6f619b3a9

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-o6_Xwyvd935XwCBB478qxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:47 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-o6_Xwyvd935XwCBB478qxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmLw1JBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaery-ZJIBYA4j51k1nVQFi3fXTWUOBOOb5dNYUIHZKn8EaBMQ-9TNYY4C49eY51qlAfHLBedaLQCzEw_H-6df1bAIX_v75wwgANhk34w"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 276ms
142ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403210101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8ca9dd4301806720a7d88572c85db4732769b501d91935ec463195d5cae807c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12306
x-xss-protection: 0

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 90ms
89ms Image
text/html 2607:f8b0:4006:81e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?v=3&t=l&pid=1743373731&rv=43k0&u=AAAAAAAIAAAAACA&h=Ag&gtm=45je43k0v887060490za200&ccid=87060490&cid=G-C3W7T6H5QW&l=L189.S71.B56.E680.I345.EC5.TC20.HTC0~gtm.init.S0.V0.E119.TS5ogtgasend.TI15.TE1.TS5ogt1pdatav2.TI17.TE1.TS5ccdgalast.TI18.TE0.TS5ccdautoredact.TI19.TE0.TS5ogteventcreate.TI20.TE0.TS5ogteventcreate.TI21.TE0.TS5ccdconversionmarking.TI22.TE0.TS5ccdemvideo.TI23.TE0.TS5ccdemsitesearch.TI24.TE1.TS5ccdemscroll.TI25.TE0.TS5ccdempageview.TI26.TE1.TS5ccdemoutboundclick.TI27.TE0.TS5ccdemdownload.TI28.TE1.TS5ccdgaregscope.TI29.TE1.TS5ogtgooglesignals.TI30.TE0.TS5ccdgaadslink.TI31.TE0.TS5ogtgagamlink.TI32.TE1.TS5setproductsettings.TI33.TE0.TS5ccdgafirst.TI34.TE0~gtm.js.S0.V0.E93.TS5gct.TI12.TE27~gtm.dom.S0.V0.E14~gtm.load.S0.V0.E0~gtm.init_consent.S1.V1.E56~GA866

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:47 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 95ms
94ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 12:00:48 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EDC8 13 KB
5 KB 65ms
63ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://h5.fundrew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 127971
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Mar 2024 00:27:57 GMT
expires: Fri, 21 Mar 2025 00:27:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CEE0 829 B
1 KB 222ms
85ms Document
text/html 2607:f8b0:4006:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

985fbc534e329a266395eb3823f186a42b4b775a5e113b4ad57d75be270b6df8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZGHmDGLsm7K6ctS4QXxdgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://h5.fundrew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZGHmDGLsm7K6ctS4QXxdgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 12:00:48 GMT
expires: Fri, 22 Mar 2024 12:00:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032403142137000/ Frame 9824 196 KB
56 KB 207ms
66ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309f336674118e52ba3bd8f384593f54dc3e00560dcfaac77453d31e93dae251

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56095
x-xss-protection: 0
server: sffe
etag: "9a85feaa826ae040"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032403142137000/v0/ Frame 9824 15 KB
5 KB 369ms
228ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21f40f3ee6b40a7b1eecb21ad4201dc4ded018412c76fae9319c81bf2a639855

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5224
x-xss-protection: 0
server: sffe
etag: "ce3a2eecd59e044f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032403142137000/v0/ Frame 9824 95 KB
28 KB 339ms
199ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a7d9f773251c0fb95e3a25c76ea498105391aecd4d1353694902e9ebe4837e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29019
x-xss-protection: 0
server: sffe
etag: "ba11087cdeb61272"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032403142137000/v0/ Frame 9824 5 KB
2 KB 361ms
221ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eed4f9f12c4cb50a14b30513bb6d45eadea8e1728154a51791b48ac040bc5ff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "6d68cb3327b2b9ad"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032403142137000/v0/ Frame 9824 40 KB
13 KB 323ms
183ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7aed4caaef6d992d639acdf33a7236afbffb0f2a428a94f3a921a8fc5003334

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a127149d9d7c5d0c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9824 6 KB
1 KB 222ms
81ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Mar 2024 12:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 10:39:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Mar 2024 12:00:48 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9824 2 KB
3 KB 64ms
63ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 20:48:00 GMT
x-content-type-options: nosniff
server: cafe
age: 54768
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Fri, 22 Mar 2024 20:48:00 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9824 295 B
399 B 67ms
67ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 20:56:08 GMT
x-content-type-options: nosniff
server: cafe
age: 54280
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 22 Mar 2024 20:56:08 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 78ms
77ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C3W7T6H5QW&gtm=45je43k0v887060490za200&_p=1711108846193&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=1378223586.1711108847&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&_s=2&sid=1711108847&sct=1&seg=0&dl=https%3A%2F%2Fh5.fundrew.com%2F&dt=FectGame%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!&en=ad_impression&_c=1&ep.query_id=CP_Om5jph4UDFYavywEdDJ0C9A&_et=1069&tfd=2130
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 12:00:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://h5.fundrew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7354043734183499914/ Frame 9824 16 KB
16 KB 67ms
67ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7354043734183499914/14763004658117789537?w=400&h=209&tw=1&q=75

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f7d782500d7c133013a1949407e859ec911a834994b56570f8bfec40c43181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Sat, 22 Mar 2025 07:13:32 GMT
date: Fri, 22 Mar 2024 07:13:32 GMT
x-content-type-options: nosniff
age: 17236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16375
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 23:56:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 9824 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bac95ef64e3ab75df5100c5cfe68177aff98b8dbf33ba1d9548df11602889d8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ 88 B
559 B 174ms
78ms XHR
application/json 35.241.31.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=1831&client=woso_ads_network&ts=pg-2166~1_fo-2166~1_vpw-2167~1600_vph-2167~1200_scw-2167~1600_sch-2167~1200_sco-2167~1_sca-2167~0_srx-2167~0_sry-2167~0_ev-2149~sb.2167~rp.2167~rvp.2167~rap.2182~ss&att=0.0.1600~1200&visite_id=10555710738&seq=0&timezone=600&js=tfav_adl_705.js&date_regen=61ebdd2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=div-gpt-ad-17108312232056-0&id2=%2F22149012983%2Fh5-bwg-game%2F300x200-home14701-id02339-bwg&id3=4959684875&id4=2793550054&id7=300x200&id8=3785767003653612&id9=1734321141478831&id11=%24ADLOOX_WEBSITE&p_d=0.035&d3=_na&tc=&fai=FectGame%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app%21&iframe=0&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fh5.fundrew.com%2F&activetab=1&cf=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_705.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: f5ae4ffcd2ccec86bb700f620571c2f53474183f97a3879af125935dc2afd40e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-65b5859596-7k42q
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://h5.fundrew.com
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H3 200 ads Show response
fundingchoicesmessages.google.com/f/AGSKWxWA6KgkR7nbNjWWafvPBa7syyg9WGOdxw3eKgpC4u9Ed6mJoOx4V0_4zitdHyHstxGIOWHZ2b46JZlidW2ebnBW2yuSWCRNWL0zrJWKj-kosU9yV7pP8RS3LNr-20uvr-dJFoVJvp0V9gWKvlCPNYy_6mxRQ... 54 B
110 B 90ms
88ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWA6KgkR7nbNjWWafvPBa7syyg9WGOdxw3eKgpC4u9Ed6mJoOx4V0_4zitdHyHstxGIOWHZ2b46JZlidW2ebnBW2yuSWCRNWL0zrJWKj-kosU9yV7pP8RS3LNr-20uvr-dJFoVJvp0V9gWKvlCPNYy_6mxRQG5H-tYE7r11_gLSoYTVE1vOw15QlSgs/_/adlink_/banneradviva./vplayerad./ads?zone=/ban728x90.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US._H3CQAUmTeQ.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwpSS-MxNe7nMOqXh-V4wnAsbQe_w/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae178da9858becf5daa5909bb8f9f373d2f38845224cd8e03a7ffa301762de52

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tTDaz_NTHEslSsZqWlcCiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tTDaz_NTHEslSsZqWlcCiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtHikmII0JBiUAjbyXTy1m2mi0B83ukO03UgrmV4xtQKxAYaz5ksgPjdl5dMPF9fMkkAsQYQ862bzqoCxLrrp7OGAnHM8-msKUDslD6DNQiIfepnsMYAcevNc6xTgfjkgvOsF4FYiJvjw9Ov69kEXpzYVAwAltw4MA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rum.js Show response
pagead2.googlesyndication.com/pagead/js/ 64 KB
24 KB 190ms
62ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7ec617425e53734b944a1a1bf39f364f26f7c7398632c12c5b2d166e324e09d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 11:06:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3258
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24450
x-xss-protection: 0
server: cafe
etag: 12071440461849196005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 12:06:30 GMT

POST
H3 204 AGSKWxW6zSF4TEJKlLNBKn7dbsVXyawrJeJLOmH1Cwk9jG_qZW1OKEpzbtg9Ygc9cJaj4JV5jBwRCt8c74NAKln-NmPXNulVMuy0bfNSTHdhNrPR80xTYcvI9zarLeyNI-5ZZtGTOa6eug== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 223ms
87ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW6zSF4TEJKlLNBKn7dbsVXyawrJeJLOmH1Cwk9jG_qZW1OKEpzbtg9Ygc9cJaj4JV5jBwRCt8c74NAKln-NmPXNulVMuy0bfNSTHdhNrPR80xTYcvI9zarLeyNI-5ZZtGTOa6eug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DyO8aJqk9Tc3a5c_UCjfVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://h5.fundrew.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DyO8aJqk9Tc3a5c_UCjfVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0pBiqGV4xtQKxE7pM1iDgFiIh-PD06_r2QQeLHy_iREAzNkNOw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://h5.fundrew.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js Show response
pagead2.googlesyndication.com/bg/ Frame EDC8 40 KB
16 KB 190ms
66ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ClgGLJT-anMFFp_jPcSPgTpNjWBfoBtPLqdYJvwYrrQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 00:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 127970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15865
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Mar 2025 00:27:58 GMT

POST
H3 204 AGSKWxW6zSF4TEJKlLNBKn7dbsVXyawrJeJLOmH1Cwk9jG_qZW1OKEpzbtg9Ygc9cJaj4JV5jBwRCt8c74NAKln-NmPXNulVMuy0bfNSTHdhNrPR80xTYcvI9zarLeyNI-5ZZtGTOa6eug== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 135ms
90ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW6zSF4TEJKlLNBKn7dbsVXyawrJeJLOmH1Cwk9jG_qZW1OKEpzbtg9Ygc9cJaj4JV5jBwRCt8c74NAKln-NmPXNulVMuy0bfNSTHdhNrPR80xTYcvI9zarLeyNI-5ZZtGTOa6eug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GvxCs4WruPZQvPpdCFP0xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://h5.fundrew.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-GvxCs4WruPZQvPpdCFP0xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0ZBiqGV4xtQKxE7pM1iDgFiIh-PD06_r2QQuHJ67mREAzGEM_g"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://h5.fundrew.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CEE0 0
0 122ms
122ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403210101&jk=3785767003653612&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9824 15 KB
16 KB 220ms
79ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://h5.fundrew.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:58 GMT
x-content-type-options: nosniff
age: 187970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:47:58 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9824 15 KB
16 KB 204ms
63ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://h5.fundrew.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:29 GMT
x-content-type-options: nosniff
age: 187999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:47:29 GMT

POST
H3 204 AGSKWxW6zSF4TEJKlLNBKn7dbsVXyawrJeJLOmH1Cwk9jG_qZW1OKEpzbtg9Ygc9cJaj4JV5jBwRCt8c74NAKln-NmPXNulVMuy0bfNSTHdhNrPR80xTYcvI9zarLeyNI-5ZZtGTOa6eug== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 102ms
101ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW6zSF4TEJKlLNBKn7dbsVXyawrJeJLOmH1Cwk9jG_qZW1OKEpzbtg9Ygc9cJaj4JV5jBwRCt8c74NAKln-NmPXNulVMuy0bfNSTHdhNrPR80xTYcvI9zarLeyNI-5ZZtGTOa6eug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_yUUD-y9oXcim9zW1lXsZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://h5.fundrew.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_yUUD-y9oXcim9zW1lXsZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmII0JBiqGV4xtQKxE7pM1iDgFiIh-PD06_r2QRmLLrSzAQAzKMMuQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://h5.fundrew.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxW6zSF4TEJKlLNBKn7dbsVXyawrJeJLOmH1Cwk9jG_qZW1OKEpzbtg9Ygc9cJaj4JV5jBwRCt8c74NAKln-NmPXNulVMuy0bfNSTHdhNrPR80xTYcvI9zarLeyNI-5ZZtGTOa6eug== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 93ms
92ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxW6zSF4TEJKlLNBKn7dbsVXyawrJeJLOmH1Cwk9jG_qZW1OKEpzbtg9Ygc9cJaj4JV5jBwRCt8c74NAKln-NmPXNulVMuy0bfNSTHdhNrPR80xTYcvI9zarLeyNI-5ZZtGTOa6eug==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-d9_aQIXdHU4YvxT77WUGJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://h5.fundrew.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-d9_aQIXdHU4YvxT77WUGJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw15BiqGV4xtQKxE7pM1iDgFiIh-PD06_r2QQmXO5qYQIAyzEMkA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://h5.fundrew.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU5Ur8WreoUhZ8OoztiJG9hm8ewykd37_tIQCoB0aLRavkkYViRKU5ekHGTgJLVOlSXDVrluDTbFwlhQfoscsoJQO9H-t10nGUkaIwHpo-LoKlwICxFM3Qg4KkuKcR81GDGZ5MhZg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 102ms
101ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU5Ur8WreoUhZ8OoztiJG9hm8ewykd37_tIQCoB0aLRavkkYViRKU5ekHGTgJLVOlSXDVrluDTbFwlhQfoscsoJQO9H-t10nGUkaIwHpo-LoKlwICxFM3Qg4KkuKcR81GDGZ5MhZg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExMTA4ODQ4LDUwNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9oNS5mdW5kcmV3LmNvbS8iLG51bGwsW1s4LCJfSDNDUUFVbVRlUSJdLFs5LCJlbi1VUyJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjE0NDddLG51bGwsMTJdIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

71eb1c0cb6467d0cd6eb15425cbafa02911fc78837f08f4362940b5e4f721daf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SFzYr2vMcTUXKjDLR7lB4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-security-policy: script-src 'report-sample' 'nonce-SFzYr2vMcTUXKjDLR7lB4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJp6vL5kkgFgDiPnWTWdVAWLd9dNZQ4E45vl01hQgdkqfwRoExD71M1hjgLj15jnWqUB8csF51otALMTD8eHp1_VsAhtOLetlAgDjvDHB"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
234 B 526ms
186ms Ping
image/gif 2800:3f0:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lu2m11f6&ctx=0&met.9=1.jo~2.pn
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:810::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 12:00:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032403142137000/ Frame 374A 196 KB
55 KB 67ms
63ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

309f336674118e52ba3bd8f384593f54dc3e00560dcfaac77453d31e93dae251

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56095
x-xss-protection: 0
server: sffe
etag: "9a85feaa826ae040"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032403142137000/v0/ Frame 374A 15 KB
5 KB 93ms
89ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21f40f3ee6b40a7b1eecb21ad4201dc4ded018412c76fae9319c81bf2a639855

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5224
x-xss-protection: 0
server: sffe
etag: "ce3a2eecd59e044f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032403142137000/v0/ Frame 374A 95 KB
28 KB 95ms
92ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a7d9f773251c0fb95e3a25c76ea498105391aecd4d1353694902e9ebe4837e9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29019
x-xss-protection: 0
server: sffe
etag: "ba11087cdeb61272"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032403142137000/v0/ Frame 374A 5 KB
2 KB 101ms
98ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eed4f9f12c4cb50a14b30513bb6d45eadea8e1728154a51791b48ac040bc5ff

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1906
x-xss-protection: 0
server: sffe
etag: "6d68cb3327b2b9ad"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032403142137000/v0/ Frame 374A 40 KB
13 KB 102ms
100ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032403142137000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7aed4caaef6d992d639acdf33a7236afbffb0f2a428a94f3a921a8fc5003334

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 19 Mar 2024 23:12:18 GMT
age: 218910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12956
x-xss-protection: 0
server: sffe
etag: "a127149d9d7c5d0c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 19 Mar 2025 23:12:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 374A 6 KB
801 B 83ms
81ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 22 Mar 2024 12:00:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 10:36:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 22 Mar 2024 12:00:48 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 374A 295 B
319 B 65ms
64ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 20:56:08 GMT
x-content-type-options: nosniff
server: cafe
age: 54280
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 22 Mar 2024 20:56:08 GMT

GET
H3 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 374A 2 KB
2 KB 65ms
63ms Image
image/png 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 16:25:25 GMT
x-content-type-options: nosniff
server: cafe
age: 70523
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Fri, 22 Mar 2024 16:25:25 GMT

GET
H2 200 tfav_adl_705.js Show response
j.adlooxtracking.com/ads/js/ 76 KB
26 KB 44ms
44ms Script
application/javascript 2606:4700:10::6816:4092
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_705.js
Requested by: Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4a0c07800eddae4eb2c202d7fa83df1eb44cb499bcb86052c14eedcc4b49610

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2494
x-guploader-uploadid: ABPtcPocL2HrAuV6VUV3wBeFz7bYG90rXao9ESrRkaMj-ySr49oX-8-RNDjBCOhF8dwOJOW0iuY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 12 Mar 2024 09:19:35 GMT
server: cloudflare
etag: W/"0db7946c8b78047ab061860ce6ed8941"
vary: Accept-Encoding
x-goog-generation: 1710235175567269
content-type: application/javascript
x-goog-hash: crc32c=HLMTXQ==, md5=DbeUbIt4BHqwYYYM5u2JQQ==
cache-control: public, max-age=14400
x-goog-stored-content-length: 78191
cf-ray: 868605ffbdee7489-MIA
expires: Fri, 22 Mar 2024 12:19:14 GMT

GET
H3 200 7610006548669337792
tpc.googlesyndication.com/simgad/8137734129894763174/ Frame 374A 3 KB
3 KB 121ms
120ms Image
image/jpeg 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8137734129894763174/7610006548669337792?w=100&h=100&tw=1&q=75

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26cbc4f890ece06597592cc60f4a151d901f28545fa5c344bc2233ca8076b94b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons: true
date: Fri, 22 Mar 2024 12:00:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3246
x-xss-protection: 0
last-modified: Sun, 24 Dec 2023 22:04:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 22 Mar 2025 12:00:48 GMT

GET
DATA 200
OK truncated
/ Frame 374A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ecfcdef5f38f77773bf56fdd8ee73fa23d7c18b9d0fc204af5152b255eb2e4c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 78ms
77ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C3W7T6H5QW&gtm=45je43k0v887060490za200&_p=1711108846193&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=1378223586.1711108847&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&_s=3&sid=1711108847&sct=1&seg=0&dl=https%3A%2F%2Fh5.fundrew.com%2F&dt=FectGame%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!&en=ad_impression&_c=1&ep.query_id=CPSlu5jph4UDFUSBywEdd2UIjQ&_et=472&tfd=2607
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 12:00:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://h5.fundrew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVpE2dFRGAwUYFuxU-3t77RWEgqYjhDv-MW55tZAhYlamGDq8c8Uo8zNJiBC7EA5y8hJKcKpf-iw8OxE-SlzgAinH89YTrrmRI69HLk1xg4SgxMYg9-kf1LwiTwZJvQUm7GwWaDbw== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 86ms
85ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpE2dFRGAwUYFuxU-3t77RWEgqYjhDv-MW55tZAhYlamGDq8c8Uo8zNJiBC7EA5y8hJKcKpf-iw8OxE-SlzgAinH89YTrrmRI69HLk1xg4SgxMYg9-kf1LwiTwZJvQUm7GwWaDbw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Q8k9x7jX8LGK1hExMOovQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://h5.fundrew.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Q8k9x7jX8LGK1hExMOovQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1JBiqGV4xtQKxE7pM1iDgFiIh-PD06_r2QQuXJ_0kgkAzacNQw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://h5.fundrew.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 374A 15 KB
15 KB 66ms
62ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://h5.fundrew.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:29 GMT
x-content-type-options: nosniff
age: 187999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:47:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 374A 15 KB
16 KB 76ms
75ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://h5.fundrew.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:47:58 GMT
x-content-type-options: nosniff
age: 187970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 07:47:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 374A 15 KB
15 KB 89ms
88ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://h5.fundrew.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:04:28 GMT
x-content-type-options: nosniff
age: 183380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Mar 2025 09:04:28 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9824 0
0 177ms
176ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CX_KL73L9Zb-bHobfrr4PjLqKoA-MxurEdq20jIihEvrMreqTDhABILSj7n5gyYaAgNyjxBCgAeysl74CyAEJ4AIAqAMByAMKqgSCAk_Q_3sLw1MRnuxILdxZAW6HHUWH1PO9gg6lYJ2v-2h1b2FU0pNPtq5FZmnZ03yBQ1Z0m8gYxmIx0O4dzXtwGCmm7XegZrubgr2c3pWKyL1fbHvIJkuLo9Wa_gi5YfmN4XIyCQpqlPFN_eUTcZhH3gO2Z-6GyPMJcWXA0mRSAoXd1Zl-vOpgt4K2fsNJezCDfutSAVwPtkbbNGo6vqeYejYY3qwDe5OeFIjKaz307oeuFp1ZWezxSSa2pMnDMNCdLBTggnZsOzdgb7YRJZ0ugpTT0PdVyhJH7Tqnbts2m2K6xATE2gvi_Z9sm8OJ4aM1ZBXVfg6WSHqNbpN5yVIo0X2EWcAEt4zd4N8E4AQBiAXi6oa7TpIFBAgEGAGSBQQIBRgEoAYugAf80ujBAagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcFEM2HkQHSCCQIgGEQARgdMgKKAjoJgECAwICAgKAoSL39wTpY97yamOmHhQOaCdYBaHR0cHM6Ly9zZWFyY2gueWFob28uY29tL3locy9zZWFyY2g_aHNwYXJ0PXlhaG9vJmhzaW1wPXlocy1nMjdhJmdfYXA9Z2d0MiZwPVBsdW1iaW5nK1NlcnZpY2UrU29mdHdhcmUmdHlwZT1QbHVtYmluZytTZXJ2aWNlK1NvZnR3YXJlJmd0eXBlPS0tbWt3LS1kYy1tdC02OTIyOTUxOTc5NTQtcy1wdGlkLS1wZ3JpZC0xNjMxNDMxNzM2ODctY3BnbmlkLTIxMDYxODA5NTA2LW4tZIAKA8gLAdoMEQoLEPD706zmv5-17AESAgED4g0TCILpmpjph4UDFYavywEdDJ0C9LgT5APYEwzQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjU1MTc4NTk0MDMyNjczORjo3XiyGAkSAqpQGC4iAQDoGAE&sigh=m-J6FOiy0pE&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwB7FLtqhcBa7hKUr9_rUOIVFRep9L1t6cssIJE_Omgkbf94tUikLqbPS-iB8DJz76KaBU_bUa5vTHjHqt_4CuM6zjGstJsCR09rGlCSPcwYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ 88 B
150 B 67ms
66ms XHR
application/json 35.241.31.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=1831&client=woso_ads_network&ts=pg-2777~1_fo-2777~1_vpw-2777~1600_vph-2777~1200_scw-2777~1600_sch-2777~1200_sco-2777~1_sca-2777~0_srx-2777~0_sry-2777~0_ev-2710~sb.2777~rp.2777~rvp.2777~rap.2817~ss&att=0.0.1600~1200&visite_id=63521537454&seq=0&timezone=600&js=tfav_adl_705.js&date_regen=61ebdd2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=div-gpt-ad-17108312242026-0&id2=%2F22149012983%2Fh5-bwg-game%2F300x100-home34701-id02339-bwg&id3=4959684875&id4=2793550054&id7=300x100&id8=3785767003653612&id9=1734321141478831&id11=%24ADLOOX_WEBSITE&p_d=0.107&d3=_na&tc=&fai=FectGame%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app%21&iframe=0&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fh5.fundrew.com%2F&activetab=1&cf=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_705.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: f5ae4ffcd2ccec86bb700f620571c2f53474183f97a3879af125935dc2afd40e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-65b5859596-vstbz
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://h5.fundrew.com
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EDC8 0
10 B 63ms
63ms Image
text/plain 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?k-ucIw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 374A 0
0 134ms
133ms Image
text/html 2607:f8b0:4006:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CBd0d8HL9ZfRtxIKuvg_3yqHoCNXz8b52raiS8soKZBABILSj7n5gyYaAgNyjxBCgAfyIvb4DyAEJ4AIAqAMByAMKqgSbAk_QuHMhWi8nBDhd7NQFA6ttSsAJrdPpMN7CwUcFJK-0tN8FNfWztwCxL50APFmoN5vziZksRIfmFtah7Z4M4j0SsqO1X-KL1XQV0sZgtQJSs92JyCGPFQDmKqZZk7bYPyy9a4jmbWxhG6it2TktJ2t2Pg_Z_wXrkwwhNAwhjm_oH8O9gh2dZDkiP88bDuknorIxGpbSf3muDQ14Q8lHllKwvE3ntu2poZOhyxEUeD5NkZCFbRSnotdgQsQRSDexGUqWz9F4gJ3Vu0XYskPiRFYmElVKqKAaibZwW_b3ZYUYtFh5PMHMtdLrL1yKcIfN6jilDwVWm74I0ub9u9b8MdowwHe5B6RKTehJrjne_XR4nvxDT_lnx9zG2NTABJ_hqKWOAeAEAYgFm9X75gKSBQQIBBgBkgUECAUYBKAGLoAH7PbCQagH2baxAqgHr76xAqgH1ckbqAemvhuoB47OG6gHk9gbqAfulrECqAf-nrEC2AcA8gcFEKL80AHSCCQIgGEQARgdMgKKAjoJgECAwICAgKAoSL39wTpYjtiamOmHhQOaCStodHRwczovL3d3dy53YWduZXJsYXcuY29tL21hcml0aW1lLWxhd3llcnMvgAoDyAsB2gwQCgoQ0PDfoN2GyLs3EgIBA-INEwjjg5uY6YeFAxVEgcsBHXdlCI24E-QD2BMNiBQD0BUBmBYBgBcBshceChwIABIUcHViLTY1NTE3ODU5NDAzMjY3MzkY6N14shgJEgKzTxguIgEA6BgB&sigh=KuRHJNu5kHQ&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwB7FLtqyGoalOGjD8OCJSjLY0-Bwa7D3dfEPUYgFxFId7uRffySKtxbL9sZWH6Jh97BL-fbF2t4OA1zVpYGKyEqyVD98w2Jsds0W3-x2PEYAQ&template_id=484&cbvp=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 container.html Show response
e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 112F 6 KB
3 KB 78ms
73ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403210101/pubads_impl.js?cb=31082135

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://h5.fundrew.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Mar 2024 12:00:47 GMT
expires: Sat, 22 Mar 2025 12:00:47 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tfav_adl_705.js Show response
j.adlooxtracking.com/ads/js/ 76 KB
26 KB 43ms
42ms Script
application/javascript 2606:4700:10::6816:4092
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://j.adlooxtracking.com/ads/js/tfav_adl_705.js
Requested by: Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4092 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4a0c07800eddae4eb2c202d7fa83df1eb44cb499bcb86052c14eedcc4b49610

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:49 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2495
x-guploader-uploadid: ABPtcPocL2HrAuV6VUV3wBeFz7bYG90rXao9ESrRkaMj-ySr49oX-8-RNDjBCOhF8dwOJOW0iuY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Tue, 12 Mar 2024 09:19:35 GMT
server: cloudflare
etag: W/"0db7946c8b78047ab061860ce6ed8941"
vary: Accept-Encoding
x-goog-generation: 1710235175567269
content-type: application/javascript
x-goog-hash: crc32c=HLMTXQ==, md5=DbeUbIt4BHqwYYYM5u2JQQ==
cache-control: public, max-age=14400
x-goog-stored-content-length: 78191
cf-ray: 86860602699d7489-MIA
expires: Fri, 22 Mar 2024 12:19:14 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 77ms
76ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C3W7T6H5QW&gtm=45je43k0v887060490za200&_p=1711108846193&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=10000&cid=1378223586.1711108847&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEI&_s=4&sid=1711108847&sct=1&seg=0&dl=https%3A%2F%2Fh5.fundrew.com%2F&dt=FectGame%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!&en=ad_impression&_c=1&ep.query_id=CLit05jph4UDFZuDywEdOFEIxA&_et=429&tfd=3042
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 12:00:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://h5.fundrew.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ic5.php Show response
data00.adlooxtracking.com/ads/ 88 B
94 B 70ms
70ms XHR
application/json 35.241.31.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=1831&client=woso_ads_network&ts=pg-3095~1_fo-3095~1_vpw-3095~1600_vph-3095~1200_scw-3095~1600_sch-3095~1200_sco-3095~1_sca-3095~0_srx-3095~0_sry-3095~0_ev-3094~sb.3095~rp.3095~rvp.3095~rap.3142~ss&att=0.0.1600~1200&visite_id=85480628004&seq=0&timezone=600&js=tfav_adl_705.js&date_regen=61ebdd2&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=gpt_unit_%2F22149012983%2Fh5-bwg-game%2F320x480-outofpage4701-id02339-bwg_0&id2=%2F22149012983%2Fh5-bwg-game%2F320x480-outofpage4701-id02339-bwg&id3=4959684875&id4=2793550054&id7=1600x1200&id8=3785767003653612&id9=1734321141478831&id11=%24ADLOOX_WEBSITE&p_d=0.048&d3=_na&tc=&fai=FectGame%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app%21&iframe=0&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fh5.fundrew.com%2F&activetab=1&cf=1
Requested by: Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_705.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: f5ae4ffcd2ccec86bb700f620571c2f53474183f97a3879af125935dc2afd40e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 12:00:49 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-65b5859596-gz7zb
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://h5.fundrew.com
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 4A29 2 KB
822 B 64ms
63ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/ Frame 4A29 23 KB
9 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/abg_lite_fy2021.js

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9106
x-xss-protection: 0
server: cafe
etag: 8408112003982630589
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 4A29 3 KB
1 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/window_focus_fy2021.js

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/ Frame 4A29 20 KB
8 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:21:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 17564575596476239644
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:21:27 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4A29 206 KB
62 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 11:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63909
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Mar 2024 12:27:56 GMT

GET
H2 200 ef5ce9b2b01bfb848267c2a4546556c1.js Show response
www.gstatic.com/mysidia/ Frame 4A29 36 KB
15 KB 204ms
65ms Script
text/javascript 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ef5ce9b2b01bfb848267c2a4546556c1.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 07:56:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187438
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15234
x-xss-protection: 0
last-modified: Mon, 18 Mar 2024 23:16:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jun 2024 07:56:51 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 112F 15 KB
6 KB 73ms
72ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com
URL: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6452
x-xss-protection: 0
server: cafe
etag: 12428443125520643955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:22:25 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 112F 205 B
651 B 190ms
64ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com
URL: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 09:01:03 GMT
x-content-type-options: nosniff
age: 183586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 09:01:03 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 112F 604 B
696 B 209ms
83ms Image
image/png 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com
URL: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 05:13:37 GMT
x-content-type-options: nosniff
age: 197232
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 20 Mar 2025 05:13:37 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/ Frame 112F 22 KB
9 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240320/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com
URL: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 21 Mar 2024 22:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9112
x-xss-protection: 0
server: cafe
etag: 499061885667062015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Apr 2024 22:22:25 GMT

GET
H3 200 tg0eXlKSKRHofALw13T9RBtpGLVNeNay91Fh1pIZuhE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6979 51 KB
19 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tg0eXlKSKRHofALw13T9RBtpGLVNeNay91Fh1pIZuhE.js

Requested by

Host: h5.fundrew.com
URL: https://h5.fundrew.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b60d1e5e52922911e87c02f0d774fd441b6918b54d78d6b2f75161d69219ba11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 20 Mar 2024 08:01:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 187154
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19875
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 20 Mar 2025 08:01:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 125ms
124ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403210101&jk=3785767003653612&bg=!4eKl4q3NAAZaswqNerM7ADQBe5WfOGEcxiDOcOvt504wfvva7MtoKmVlmzGtdH2702uQ3cQCd4AYamarPonHw8KoDQiqAgAAAiZSAAAABmgBB34ANY0ikVm4WWE5gfPIhzrIeSc6HW0yft-GDgMhEYbYAcILkvh1-JafuacU-PHFgZ9_zTH1xY5umQJixTOCE77DGuf5IlNo-3WOBpRNLhDDb4_gCdvXF5hfOqBQxCQzHzn50MsceuJugeURci2n_KTOGYn5ilV1hqClKoSuzYMh7ZanOREgnJkTx2790H_wZbDIrUEqmIDGLky1G-GXHDZPBytjUq3ndOA9CZXFOlyjH5n4P2UFZToAF3RG6xlTYaB1gyuVjzXAWqJd8g8nhHb7vb_DZ0MrCAZLjL1L7Gn8S3v09xoVxZLus_Wm10FD6F14nDAW3PiNqZUWLiLux7BY2QVIbu_5Sk9M2e8H6MDUuJWDmOYO0a2X6vldT0Xc2Jyu1jZQByf1k_yTtSBZUQrCjIG3A00YunAM4gqZeb9BSv1zRTecOB-FOt1CsB0lTPcZm2Cy_pCLRAS6JQT7Ch5XVp31ynjdEw5dzffWtcxgvBOqmb9J-vp0SKU7Wld76A-03_7gH0xOKfqHktuH9Hb5mYo3VQMkLpSNV42_AaFVuyTK0pRwPDQ0uwcTbXlda25ssgSb5c7_Ur3imh67TKy8V_GrI6dodyA4qzzU10A-ZlAEpcVZWJmeA16uis9P_2m-7g0exUUOqwk46yxRQk1XeWbek4XqcAOtM3B50E72i9w-y_jedHctUsM4ur-h18GBTyxp3hxwHJB8EoWtaISDlZtqtXMZiUN076OeGX89W0jI4DGL6XTYJfSxQKwxrtEw2KTnAopT3bNc-1PBXTtde3_PNP5Kf1jG5f-G7AGd3yFfkAAtx0zIgcQdzkkcnuNvQC8iyi57J0TB1a5XqdO7KQtEPq4bsO639-fS3T-KwZb1weRlvakNbAkwGA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9824 42 B
64 B 130ms
129ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstxMAKIcRbHW4orakIp8CTKydeTrrZfN4ypQKKXLAf27gAoV_gW05O3sjD0kNQm5IWczOAclZllvHY7G9Yr8CZBZQ4COHmZzOTMZ9nUq5issJVLJ14KXxzuK_HR197vMfo1K25OYybWnN6w78_vK1eXCvz6iiCoJqQ&sai=AMfl-YQkIZUWaBHbVxYtQFvejXJel_JRePPLOybWx_Mq6LjBKY6s77ind0o3ZYdMcpi_ypzzlpI9tGTZzfuTZXPJisegwW3GFzGSnNjn-2HumJgbNBysISiWMWedJ2Np51rX75x21W_ueeotUSDGZD-X0A&sig=Cg0ArKJSzNQl0EAONJ5_EAE&cid=CAQSTwB7FLtqhcBa7hKUr9_rUOIVFRep9L1t6cssIJE_Omgkbf94tUikLqbPS-iB8DJz76KaBU_bUa5vTHjHqt_4CuM6zjGstJsCR09rGlCSPcwYAQ&id=ampim&o=650,383&d=300,200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=631&tls=1631&g=100&h=100&tt=1632&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 12:00:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 374A 42 B
64 B 127ms
127ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQbezj2kUIJymTM8cC6nuaUaMZahNZCjiT-r89N2f6380FgU5JVT1SIT9xqHnMoogf5eV0I6lviJAMdSBAFciWuS6QjfSoT6maaiTs8l2FeozUjfsz1Wwxw9dT1rlLTQysn7NrfWy3Ahiaxg9rGxmnpO2IrGRv2dg&sai=AMfl-YQmZxvyf1xeDx6nTNxnNsTclaum1M2XtCxtfcMZRvV49IYfFEeL62pYX69ziyS_96MVaAH4N9rD7-IqtEL3kJc1HLI0gbSKzoBKDKnNFwj0TJuwtJc7hICFf-eI8rx_jcb5v_Qt9dvOd2SlNxhQHA&sig=Cg0ArKJSzKiXPrhkgm9NEAE&cid=CAQSTwB7FLtqyGoalOGjD8OCJSjLY0-Bwa7D3dfEPUYgFxFId7uRffySKtxbL9sZWH6Jh97BL-fbF2t4OA1zVpYGKyEqyVD98w2Jsds0W3-x2PEYAQ&id=ampim&o=650,1137&d=300,100&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=344&tls=1344&g=62.99999952316284&h=62.99999952316284&tt=1344&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://h5.fundrew.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Mar 2024 12:00:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fundrew.com/	1970-01-21 04:54:28	Name: _ga Value: GA1.1.1378223586.1711108847
.fundrew.com/	1970-01-21 04:54:28	Name: _ga_4PVFWLKPH0 Value: GS1.1.1711108847.1.0.1711108847.0.0.0
.fundrew.com/	1970-01-21 04:04:04	Name: FCNEC Value: %5B%5B%22AKsRol8k2Ge2Q_Uf1qufppth5AmKXxj_B55O7qsNHuO578KG5ORHMz2hCYLjInjKgTjFey-Mp-GCo6-wMpGYqfKNqgzLPZkPdTCHcLYUr4cicYrc85z1iJ9qA2lKKEqVBc2KnsNHdAmd_CC3rzdWAoYIx64Vt_zy9w%3D%3D%22%5D%5D
.fundrew.com/	1970-01-21 04:40:04	Name: __gads Value: ID=121512ee0fa26057:T=1711108847:RT=1711108847:S=ALNI_MaIejxyEkfzVY8Z2xEomeQkAfhqCQ
.fundrew.com/	1970-01-21 04:40:04	Name: __gpi Value: UID=00000dd49d6abbee:T=1711108847:RT=1711108847:S=ALNI_MYD84FXksGc7-Ak-VBf_NSTxmzfuA
.fundrew.com/	1970-01-20 23:37:40	Name: __eoi Value: ID=ae5129b94ec90743:T=1711108847:RT=1711108847:S=AA-AfjaE93eyMNuSgRBZ4_sJke6-
.fundrew.com/	1970-01-21 04:54:28	Name: _ga_C3W7T6H5QW Value: GS1.1.1711108847.1.0.1711108849.58.0.0
.doubleclick.net/	1970-01-21 04:54:28	Name: IDE Value: AHWqTUmJ74W1Gv9hteoxW1C-v1EiCWHFcSfS25Aj9wWUkEoFYkWbgoZ3V4L9IbFGCCM

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://h5.fundrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://h5.fundrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://h5.fundrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://h5.fundrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://h5.fundrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://h5.fundrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://h5.fundrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://h5.fundrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://h5.fundrew.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
cdn.ampproject.org
csi.gstatic.com
data00.adlooxtracking.com
e0aede787922bf6b94afe06aebf02577.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
h5.fundrew.com
j.adlooxtracking.com
p.adlooxtracking.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
2001:4860:4802:32::178
2606:4700:10::6816:4092
2606:4700:3032::ac43:c671
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::2002
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::2008
2607:f8b0:4006:820::2004
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2001
2800:3f0:4001:810::2003
34.107.231.31
35.241.31.249
020f1c9edf5d31fa5cb8370cb0215350dacda1feee1b666fb3f62984b83cfa11
02caf721a710bd4cb70e1d0757bd328ab7d612e99058428ca7feaa9cc8560a2b
04fa4fe54665cacb0d30e028747b0a15046d5152d4295250380bcd5569e7c664
0639b600697b8398c14d64366932833404ea94c420349ea469605e7614aed98c
0a58062c94fe6a7305169fe33dc48f813a4d8d605fa01b4f2ea75826fc18aeb4
0bdfbbda1eafa82439e41e5b54e3af9540132fc82877272099e31ce02fba9be5
14fafb150b976a0b5ac428c91e0825c33ba47b251f2bf349f4e1e5f954d9ad63
180474b852aaad6d003a89a527e927f939cc398ce57a38b5b4b8ad1f83f495d4
19b704af57495d92f5e37c0050509f40f88d11dcb74acdda6d17c14e711a7e36
1a730cb34285c933a5839e656856a4eaac2449e49a997efe53d454b94ace676f
1eb48b8cfab054d5698bf318bcb8b1ccef69ef9bf5de1e1c3e16cdaee3291415
21f40f3ee6b40a7b1eecb21ad4201dc4ded018412c76fae9319c81bf2a639855
22d5666f2094150193f6492e4eca70298c5566263f2f4dbd553d1f5b4c2f149a
2418a65502e833e1faa0c8d09609d9d334842e6e41073ecff88cd5902038720e
2692cc5848c4998b98b0c86d66c6460b60cdd5cca40adfff7e00f082bd6a32df
26cbc4f890ece06597592cc60f4a151d901f28545fa5c344bc2233ca8076b94b
2e7296cd5aa0af5f10a2849d2cd119033a36f335af28fb9f30cbb966cd00db4c
309f336674118e52ba3bd8f384593f54dc3e00560dcfaac77453d31e93dae251
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32f9bdc73ecf308a19c0e918b407e12da12b6cd9a667decdc2ddcb74f457839a
333c29e8bc3e1ab7b66e03bec3f64469da990700b9ace77b36c0f37f2f3b30b5
340b15d2751ba80336509e1aa8e18b5bb294250a7ba27289144c595eaaea57da
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3fe6546296a0a64c38f102a952b0e3d2cef6f8b99dc4f162dbb2b8baad21b190
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cc34e35e55f0a132bb7603424311b217d7fd3287cebddc4ead5f933a3ca25a
46e2e1117717a0a8fbe6b42309b55bb0d9c91f9a49c98cc1a8a437652aa057f0
4abe13d8480548fb7f889d4a324a81ece8eef53b5bfe127c786ef52d01a0077d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
555f7b86153227e9631eedebb056e70b067349698a97eedc1d386ae352b3063c
5589532f23ba2dfc3b0336a2fbf5f09fc5a56f78225d94600361b1a775220568
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23d8b3f234337a66c42065409ea946a4700a68fb92775125a176ec9520c82f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ecfcdef5f38f77773bf56fdd8ee73fa23d7c18b9d0fc204af5152b255eb2e4c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f7d782500d7c133013a1949407e859ec911a834994b56570f8bfec40c43181
65e648d4b135ac251c91fe38419fd27df530230ca8a517231026f1a6f619b3a9
6741e40d6f221184f305d53cdd6de5d97ab2a9b176439a803b53079767c02b4c
6754a6bbc036bf4569a429a3659f10c61fa471e55bcd7d5379a1e2d39ab7e267
67b8b9fadd7ae8cc732ed9b34e780898e48ded72bb46317d8e291c83380527be
6916ab45c343e75147499b9b51efd84eca073fd209f6a520d485e5b2199bf0cb
6a7d9f773251c0fb95e3a25c76ea498105391aecd4d1353694902e9ebe4837e9
6ba517165b17ab6bcbc2fa854a71fc0434586a89881c0294a49de21a6947fe2e
71eb1c0cb6467d0cd6eb15425cbafa02911fc78837f08f4362940b5e4f721daf
75c27d696a7ad5d38383f117afbee49ebca36766a474e2fa21fb1493124619a9
7a8ce2ee17b591ab7430c495ed3890efae139c880acaa26648065fa37e5aa9bd
7e300c913e4b04470ea92292771656b0b78173119bb264a0bdcf3cee7e639964
7eed4f9f12c4cb50a14b30513bb6d45eadea8e1728154a51791b48ac040bc5ff
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8bac95ef64e3ab75df5100c5cfe68177aff98b8dbf33ba1d9548df11602889d8
985fbc534e329a266395eb3823f186a42b4b775a5e113b4ad57d75be270b6df8
989c1d86aa0f87869fe79fa381952460bedffe8516ee776c48f5f80dbea8fb0c
9b8bb68bdbfdd2b358b407a600ae861240bf8771301e00e4be664e57074a6f5e
a1a762d047bb341a96a44a4dfc1601e2c9e5e71920fef70eff8e10743d66b018
a4a0c07800eddae4eb2c202d7fa83df1eb44cb499bcb86052c14eedcc4b49610
a74da84d8460d4910115c22a5816f07367a139a8b72e05e7f43222f2b912a0fc
a7cc72e26e482f77be53f9df0db51e9a6d1f3b708c6c198ee9e8ddd2bd00347e
a7ec617425e53734b944a1a1bf39f364f26f7c7398632c12c5b2d166e324e09d
ab6ecc0d4f6a00c7ffe037d849d9d70e83396c6e4023a00507596ccb5f3b8719
ae178da9858becf5daa5909bb8f9f373d2f38845224cd8e03a7ffa301762de52
b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499
b60d1e5e52922911e87c02f0d774fd441b6918b54d78d6b2f75161d69219ba11
bbde9f9c6f38cd094cbb487d53b0ff531a7c647d9d905982c221416ba9012534
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c7aed4caaef6d992d639acdf33a7236afbffb0f2a428a94f3a921a8fc5003334
ca5c6a525813e0a61282b95d60110dc8eae2d46db789d0377b610017a35dcf50
cdb8e30e7c4d660a9e95b53ce676447bf33feb6bd96362056bde5279359ec6c8
d57eb643b073ee064bb358da5c9d5fe8ca865c3db45a4acde19830283a45a4d5
d6392ef99fb73e7afc441712e4eac0d2fccd97958f62ece39870708ee509c257
d8ca9dd4301806720a7d88572c85db4732769b501d91935ec463195d5cae807c
d9acbfd4b71d9f164f552385aa422a58008fd60d62758392c5577973455a3352
df68f57ecda7de300bd2613e1619f481bcec4791f91634ceaa5ab9dc12493205
df9aab059be6eb9107c7832553db75c35b74ef8c330794b86443801e96311bc7
dfd84ac00ca8242fa535fe4512474b08ffa732c6ad762626d48430248aa842ef
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a4388efca6e5be9e54fcaadf59a389b4c26233bb7a0f53ab67b8da4c1b2d06
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ae4ffcd2ccec86bb700f620571c2f53474183f97a3879af125935dc2afd40e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7ca2cd96ce5e47c205d527e2fdee9114f891e68f31c92a6bc61325c9e429350
feec796cc073154b3e63523ec6a9808c8c5e54b7ca9d51ac8d33a9665d676a84

h5.fundrew.com Open in urlscan Pro 2606:4700:3032::ac43:c671 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

116 Requests

100 %HTTPS

88 %IPv6

10 Domains

19 Subdomains

18 IPs

2 Countries

4087 kBTransfer

6742 kBSize

8 Cookies

0 Outgoing links

Redirected requests

116 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

h5.fundrew.com Open in urlscan Pro
2606:4700:3032::ac43:c671 Public Scan

Screenshot
Live screenshot

Full Image

116
Requests

100 %
HTTPS

88 %
IPv6

10
Domains

19
Subdomains

18
IPs

2
Countries

4087 kB
Transfer

6742 kB
Size

8
Cookies

116 HTTP transactions
2 data transactions