ouo1.bravonewz.com Open in urlscan Pro
2600:9000:21da:d000:14:534f:c580:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ouo1.bravonewz.com/
Submission: On January 03 via api (January 3rd 2024, 4:36:32 am UTC) from US — Scanned from US

Summary HTTP 139 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 16 domains to perform 139 HTTP transactions. The main IP is 2600:9000:21da:d000:14:534f:c580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is ouo1.bravonewz.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on October 19th 2023. Valid for: a year.

This is the only time ouo1.bravonewz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2600:9000:21d... 2600:9000:21da:d000:14:534f:c580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.105.196.206 172.105.196.206	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
6	2600:9000:23c... 2600:9000:23cb:f200:2:d04b:a280:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2600:9000:24f... 2600:9000:24f0:b400:5:482e:72c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	54.161.189.120 54.161.189.120	14618 (AMAZON-AES) (AMAZON-AES)
10	2606:4700:303... 2606:4700:3036::ac43:c669	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	34.236.146.69 34.236.146.69	14618 (AMAZON-AES) (AMAZON-AES)
2	8.45.52.175 8.45.52.175	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
12	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
9	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
13	16.163.67.213 16.163.67.213	16509 (AMAZON-02) (AMAZON-02)
13	2607:f8b0:400... 2607:f8b0:4006:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
21	2607:f8b0:400... 2607:f8b0:4006:806::2001	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
3 3	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	52.116.53.150 52.116.53.150	36351 (SOFTLAYER) (SOFTLAYER)
2	2607:f8b0:400... 2607:f8b0:4006:816::201b	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
139	23

4 2600:9000:21da:d000:14:534f:c580:93a1 (United States)

ASN16509 (AMAZON-02, US)

ouo1.bravonewz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.105.196.206 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1838-206.members.linode.com

fonts.font.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.font.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:23cb:f200:2:d04b:a280:93a1 (United States)

ASN16509 (AMAZON-02, US)

sdk.enjoy4fun.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:24f0:b400:5:482e:72c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.gamebridge.games	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.161.189.120 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-161-189-120.compute-1.amazonaws.com

service.gamebridge.games	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3036::ac43:c669 (United States)

ASN13335 (CLOUDFLARENET, US)

insightfulnews.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.236.146.69 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-146-69.compute-1.amazonaws.com

gw.gmoneygame.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 8.45.52.175 (United States)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

creative.mdspinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:81f::2002 (United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 16.163.67.213 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com

deapi.funsdata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:823::2001 (United States)

ASN15169 (GOOGLE, US)

6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2607:f8b0:4006:806::2001 (United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2004 (United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.116.53.150 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 96.35.7434.ip4.static.sl-reverse.com

8proof.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:816::201b (United States)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com 6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185 pagead2.googlesyndication.com — Cisco Umbrella Rank: 140	168 KB
25	google.com 3 redirects analytics.google.com — Cisco Umbrella Rank: 266 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187 www.google.com — Cisco Umbrella Rank: 6	72 KB
21	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 323	430 KB
17	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	238 KB
13	funsdata.com deapi.funsdata.com — Cisco Umbrella Rank: 39565	5 KB
10	insightfulnews.xyz insightfulnews.xyz — Cisco Umbrella Rank: 910881	1 MB
6	enjoy4fun.com sdk.enjoy4fun.com — Cisco Umbrella Rank: 101176	96 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115 storage.googleapis.com — Cisco Umbrella Rank: 682	29 KB
4	gamebridge.games api.gamebridge.games — Cisco Umbrella Rank: 103261 service.gamebridge.games — Cisco Umbrella Rank: 370258	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	333 KB
4	bravonewz.com ouo1.bravonewz.com	10 KB
3	gstatic.com fonts.gstatic.com	83 KB
2	mdspinc.com creative.mdspinc.com — Cisco Umbrella Rank: 292231	167 KB
2	gmoneygame.xyz 2 redirects gw.gmoneygame.xyz — Cisco Umbrella Rank: 274674	880 B
2	font.im fonts.font.im — Cisco Umbrella Rank: 342306 fonts.gstatic.font.im	10 KB
1	8proof.com 8proof.com — Cisco Umbrella Rank: 125549	44 B
139	16

	Domain	Requested by
21	cdn.ampproject.org	securepubads.g.doubleclick.net
18	tpc.googlesyndication.com	ouo1.bravonewz.com securepubads.g.doubleclick.net
13	fundingchoicesmessages.google.com	securepubads.g.doubleclick.net ouo1.bravonewz.com
13	deapi.funsdata.com	sdk.enjoy4fun.com
12	securepubads.g.doubleclick.net	sdk.enjoy4fun.com securepubads.g.doubleclick.net ouo1.bravonewz.com 6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com
10	insightfulnews.xyz	ouo1.bravonewz.com
9	analytics.google.com	www.googletagmanager.com
6	sdk.enjoy4fun.com	ouo1.bravonewz.com
5	pagead2.googlesyndication.com	ouo1.bravonewz.com
4	www.googletagmanager.com	ouo1.bravonewz.com sdk.enjoy4fun.com www.googletagmanager.com
4	ouo1.bravonewz.com	ouo1.bravonewz.com
3	fonts.gstatic.com	fonts.googleapis.com
3	googleads.g.doubleclick.net	ouo1.bravonewz.com
3	www.google.com	3 redirects
3	api.gamebridge.games	sdk.enjoy4fun.com
2	storage.googleapis.com	srcdoc
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	stats.g.doubleclick.net	www.googletagmanager.com
2	creative.mdspinc.com	ouo1.bravonewz.com
2	gw.gmoneygame.xyz	2 redirects
1	8proof.com	6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com
1	service.gamebridge.games	sdk.enjoy4fun.com
1	fonts.gstatic.font.im	fonts.font.im
1	fonts.font.im	ouo1.bravonewz.com
139	25

This site contains no links.

Subject Issuer	Validity	Valid
bravonewz.com Amazon RSA 2048 M02	`2023-10-19` - `2024-11-16`	a year	crt.sh
fonts.font.im Encryption Everywhere DV TLS CA - G1	`2023-04-06` - `2024-04-06`	a year	crt.sh
*.enjoy4fun.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-05-25` - `2024-05-24`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fonts.gstatic.font.im Encryption Everywhere DV TLS CA - G1	`2023-04-06` - `2024-04-06`	a year	crt.sh
gamebridge.games Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.gamebridge.games Amazon RSA 2048 M01	`2023-02-20` - `2024-03-21`	a year	crt.sh
insightfulnews.xyz E1	`2023-12-18` - `2024-03-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.funsdata.com Amazon RSA 2048 M02	`2023-05-15` - `2024-06-12`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.8proof.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-29` - `2024-02-07`	a year	crt.sh
storage.googleapis.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://ouo1.bravonewz.com/
Frame ID: CAA668E018C09B12F23FC1F7E3E99923
Requests: 78 HTTP requests in this frame

Frame: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AC021D4CC3D89309735624488EC682F4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 5549B11E67302E34C4A4325278AFCF38
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 244D75F733DFAC09CF54AE25BB1A3584
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: E69E292D7F3A3E89597ABDB3D0DFDCFF
Requests: 20 HTTP requests in this frame

Frame: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2667C927489A310DB5212D9363F46561
Requests: 3 HTTP requests in this frame

Frame: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Frame ID: DAA92926C25569EB55902B004905A33A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 609877D22559F5364727E739D4AC4FB2
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Maticoo News

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

139
Requests

96 %
HTTPS

75 %
IPv6

16
Domains

25
Subdomains

23
IPs

3
Countries

2755 kB
Transfer

5475 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://gw.gmoneygame.xyz/myworldfix/redirect.php?r=LJ0qWxaiWxaiW42mM29n5jOpNCrAKCBtWxaiWxaiW0IdWxaiWxaiWyatZi1yahtradfoDyGiWxaiWxaiN4ImKB9HN4IgNCDlj40uO49xMRbCLjfiWxaiWxaiLVbzNVavZx9iNCIgORB4KcunKVDqLJuiZCDpMc9iNR0nKJbSkc9yKJ2iLRIxGJbyZ4eqkCWyEJbiEd3CKXeuKCeoLHPH HTTP 302
https://creative.mdspinc.com/cpmmedia/seacherAds/e0bb39dc92fd59fe.jpg

Request Chain 22

https://gw.gmoneygame.xyz/myworldfix/redirect.php?r=LJ0qWxaiWxaiW42mM29n5jOpNCrAKCBtWxaiWxaiW0IdWxaiWxaiWyatZi1yahtradfoDyGiWxaiWxaiN4ImKB9HN4IgNCDlj40uO49xMRbCLjfiWxaiWxaiLVbzNVavZx9iNCIgORB4KcunKVDqLJuiZCDpMc9iNR0nKJbSkc9yKJ2iLRIxGJbyZ41rkygCEXGzDifqDJWrKR1oLHPH HTTP 302
https://creative.mdspinc.com/cpmmedia/seacherAds/a1c8f8446805b1da.jpg

Request Chain 25

https://gw.gmoneygame.xyz/myworldfix/redirect.php?r=LJ0qWxaiWxaiW42mM29n5jOpNCrAKCBtWxaiWxaiW0IdWxaiWxaiWyatZi1yahtradfoDyGiWxaiWxaiN4ImKB9HN4IgNCDlj40uO49xMRbCLjfiWxaiWxaiLVbzNVavZx9iNCIgORB4KcunKVDqLJuiZCDpMc9iNR0nKJbSkc9yKJ2iLRIxGJbyZyeukdGsayA4kyPhDX2iD4GoLHPH HTTP 302
https://creative.mdspinc.com/cpmmedia/seacherAds/59a47396c0b41c7d.jpg

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

139 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ouo1.bravonewz.com/ 4 KB
2 KB 279ms
70ms Document
text/html 2600:9000:21da:d000:14:534f:c580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ouo1.bravonewz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21da:d000:14:534f:c580:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

1d2960f499c3b2f779dcd8c4ef7b330ce1dc31bef180b92234502a72a9630391

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://.myworldfix.com https://.beesads.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 72289
alt-svc: h3=":443"; ma=86400
cache-control: no-store
content-encoding: gzip
content-security-policy: frame-ancestors https://*.myworldfix.com https://*.beesads.com
content-type: text/html; charset=utf-8
date: Tue, 02 Jan 2024 08:31:31 GMT
server: CloudFront
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 249557823ab8e41dec2ed10311f8ff98.cloudfront.net (CloudFront)
x-amz-cf-id: YSS2G7i5FsrVMJgScn0irxO21BihutJ9o09JL17tNXk0qSFKGw51Rg==
x-amz-cf-pop: EWR53-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-download-options: noopen

GET
H2 200 index-pc.entry.css
ouo1.bravonewz.com/content-site/1.7.4/ 8 KB
3 KB 70ms
69ms Stylesheet
text/css 2600:9000:21da:d000:14:534f:c580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ouo1.bravonewz.com/content-site/1.7.4/index-pc.entry.css
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:d000:14:534f:c580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f823fbe1603ace5fcb052b35fbac724ab2618c24d37af33c8c3b2b5b2efea20d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:33:29 GMT
content-encoding: gzip
via: 1.1 249557823ab8e41dec2ed10311f8ff98.cloudfront.net (CloudFront)
last-modified: Thu, 19 May 2022 08:51:14 GMT
server: nginx
age: 72172
x-amz-cf-pop: EWR53-C1
etag: W/"6593c8e9-1ffa"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: XvSyBWNcWagEkz71FUAmIr1zfojiWRyjNtXNogEtpPXoZaDwQjIdEA==

GET
H/1.1 200
OK css
fonts.font.im/ 1 KB
1007 B 729ms
194ms Stylesheet
text/css 172.105.196.206
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.font.im/css?family=Poppins:600

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.105.196.206 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1838-206.members.linode.com

Software

nginx/1.19.6 /

Resource Hash

0a954d47acf93ff18209a298857e97cc40ea4c8f81b2122a6ab650a4735e7a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 04:23:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
X-Cache: HIT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-XSS-Protection: 0
Server: nginx/1.19.6
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=10368000
Timing-Allow-Origin: *
Expires: Thu, 02 May 2024 04:23:22 GMT

GET
H2 200 ads-tag.js Show response
sdk.enjoy4fun.com/v1/ 142 KB
40 KB 542ms
79ms Script
application/javascript 2600:9000:23cb:f200:2:d04b:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:f200:2:d04b:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4e2e13fa5320f75aa0fc32e7785d26d773a7b96c2cc8a12b4f7c6b6b0aa1fee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 11:06:55 GMT
content-encoding: br
via: 1.1 a5bf84280caeb8a606c41eaba71ee8be.cloudfront.net (CloudFront)
last-modified: Wed, 27 Dec 2023 09:39:58 GMT
server: AmazonS3
age: 581367
x-amz-cf-pop: JFK50-P1
etag: W/"68e2926aa132567936d7895a4a87ab0a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=600
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -xZfrF8EB3HeEW7OqStj2rbm0sNCqwfzxz0y-sccmPU5HtfCYkMKBA==

GET
H2 200 axios.min.js Show response
sdk.enjoy4fun.com/cdn/axios/0.19.2/dist/ 14 KB
5 KB 70ms
69ms Script
application/javascript 2600:9000:23cb:f200:2:d04b:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.enjoy4fun.com/cdn/axios/0.19.2/dist/axios.min.js
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:f200:2:d04b:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 15:20:57 GMT
content-encoding: br
via: 1.1 a5bf84280caeb8a606c41eaba71ee8be.cloudfront.net (CloudFront)
last-modified: Thu, 19 May 2022 08:51:14 GMT
server: AmazonS3
age: 4108525
x-amz-cf-pop: JFK50-P1
etag: W/"e63531350b726384f625ead641f5ad66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: aN3W1R1J0n7ied-jonKBS_tTD79lV0T0gwRmtWl_a-F8SEKeRUS3Ow==

GET
H2 200 react.production.min.js Show response
sdk.enjoy4fun.com/cdn/react/16.14.0/umd/ 12 KB
5 KB 72ms
70ms Script
application/javascript 2600:9000:23cb:f200:2:d04b:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.enjoy4fun.com/cdn/react/16.14.0/umd/react.production.min.js
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:f200:2:d04b:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 13:27:07 GMT
content-encoding: br
via: 1.1 a5bf84280caeb8a606c41eaba71ee8be.cloudfront.net (CloudFront)
last-modified: Thu, 19 May 2022 08:51:14 GMT
server: AmazonS3
age: 4201754
x-amz-cf-pop: JFK50-P1
etag: W/"63d498e143f421cc44dfb64f22fef270"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Kho-4HI_o3QuGrg8HdaG_X8M1y1oVGXXMWVQVPFiO4YSjSoRV1SM7g==

GET
H2 200 react-dom.production.min.js Show response
sdk.enjoy4fun.com/cdn/react-dom/16.14.0/umd/ 116 KB
36 KB 80ms
78ms Script
application/javascript 2600:9000:23cb:f200:2:d04b:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.enjoy4fun.com/cdn/react-dom/16.14.0/umd/react-dom.production.min.js
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:f200:2:d04b:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 15 Nov 2023 13:27:07 GMT
content-encoding: br
via: 1.1 a5bf84280caeb8a606c41eaba71ee8be.cloudfront.net (CloudFront)
last-modified: Thu, 19 May 2022 08:51:14 GMT
server: AmazonS3
age: 4201754
x-amz-cf-pop: JFK50-P1
etag: W/"c5abc87541fe6bb0f43f22af475a8b20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: VEGjr9t6ll7vn9tS415Sm5QX4Mt4snXF5HDC-1jsnAiNHfWdeAWeWQ==

GET
H2 200 react-router-dom.min.js Show response
sdk.enjoy4fun.com/cdn/react-router-dom/5.3.0/umd/ 29 KB
10 KB 100ms
98ms Script
application/javascript 2600:9000:23cb:f200:2:d04b:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.enjoy4fun.com/cdn/react-router-dom/5.3.0/umd/react-router-dom.min.js
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:f200:2:d04b:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 23496a85adfe42009adc1be838b844b5b8b38b11d6858760075d142e9f74cf2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 22:06:00 GMT
content-encoding: br
via: 1.1 a5bf84280caeb8a606c41eaba71ee8be.cloudfront.net (CloudFront)
last-modified: Thu, 19 May 2022 08:51:14 GMT
server: AmazonS3
age: 4257022
x-amz-cf-pop: JFK50-P1
etag: W/"548058a2f342e5292a6b5c26a9851ff8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AmAYo9awxqlrflHurbgOrvZ7dXhLzhELFwdOVu05My4DhKbR3DG_pQ==

GET
H2 200 index.js Show response
sdk.enjoy4fun.com/cdn/classnames/2.3.1/ 1 KB
1 KB 94ms
93ms Script
application/javascript 2600:9000:23cb:f200:2:d04b:a280:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.enjoy4fun.com/cdn/classnames/2.3.1/index.js
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:23cb:f200:2:d04b:a280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a9c3d842964c24040f0ff01b62d3985df786dda435f3a8821df322d2ef565ba

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 02:53:42 GMT
content-encoding: gzip
via: 1.1 a5bf84280caeb8a606c41eaba71ee8be.cloudfront.net (CloudFront)
last-modified: Thu, 19 May 2022 08:51:14 GMT
server: AmazonS3
age: 4066960
x-amz-cf-pop: JFK50-P1
etag: W/"99cc4708b0be65245e63848458b7dd5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: qxpV-BDhYyavhWGBsc4RXf4VaS47iM-EW2HXcfhEmmlVQ_WX8XJgRg==

GET
H3 200 index-pc.entry.js Show response
ouo1.bravonewz.com/content-site/1.7.4/ 9 KB
3 KB 69ms
68ms Script
application/javascript 2600:9000:21da:d000:14:534f:c580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ouo1.bravonewz.com/content-site/1.7.4/index-pc.entry.js
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21da:d000:14:534f:c580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 8879e4ae3d15a1b8bb9191909ace68e62ac1a08757d7bb222d97ea189c0506e7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 22:06:05 GMT
content-encoding: gzip
via: 1.1 6cf3377e93378c7e591abeecafea2e6a.cloudfront.net (CloudFront)
last-modified: Thu, 19 May 2022 08:51:14 GMT
server: nginx
x-amz-cf-pop: EWR53-C1
age: 23416
etag: W/"6593c8e9-2449"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bdpjbAq-XSMQGB3vYJt3t_bJXcMTmcB7SOXhxvhh7BmrH3zbQj_r1w==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 256 KB
82 KB 213ms
78ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJ6SSRR

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6a5817e6f4677485787dd9ce6cf538c541d34036d93ecaa1f265ee0dbc80bc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83534
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 04:04:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 04:36:21 GMT

GET
H3 200 logo.svg
ouo1.bravonewz.com/content-site/assets/ 4 KB
2 KB 71ms
70ms Image
image/svg+xml 2600:9000:21da:d000:14:534f:c580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ouo1.bravonewz.com/content-site/assets/logo.svg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:9000:21da:d000:14:534f:c580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dc43649982a1568c3d90d61db9e2565e40f22fec031b38bf786975ed576860c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 08:31:40 GMT
content-encoding: br
via: 1.1 6cf3377e93378c7e591abeecafea2e6a.cloudfront.net (CloudFront)
last-modified: Thu, 19 May 2022 08:51:14 GMT
server: nginx
x-amz-cf-pop: EWR53-C1
age: 72281
etag: W/"6593c8ea-fe3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: public, max-age=31556926
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: g5pRdftXJWNuYBQgJnvIue8Qnzli4gYVd7ZosMU8Yg6Hn8snU0OuEw==

GET
H/1.1 200
OK pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.font.im/s/poppins/v20/ 8 KB
9 KB 837ms
196ms Font
font/woff2 172.105.196.206
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.font.im/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Requested by

Host: fonts.font.im
URL: https://fonts.font.im/css?family=Poppins:600

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

172.105.196.206 Tokyo, Japan, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),

Reverse DNS

li1838-206.members.linode.com

Software

nginx/1.19.6 /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.font.im/
Origin: https://ouo1.bravonewz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 04:23:23 GMT
X-Content-Type-Options: nosniff
Age: 15590
Transfer-Encoding: chunked
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
X-Cache: HIT
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-XSS-Protection: 0
Server: nginx/1.19.6
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=10368000
Timing-Allow-Origin: *
Expires: Thu, 02 May 2024 04:23:23 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
67 KB 202ms
95ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5R4D28N

Requested by

Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcc36e58e798f0ccda4333f74a5c30b51fc87ddf9b088861c3448b57eeff438d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jan 2024 04:36:21 GMT

GET
H2 200 session-config Show response
api.gamebridge.games/gamebridge/v1/site/24787388/ 3 KB
3 KB 382ms
79ms Fetch
application/json 2600:9000:24f0:b400:5:482e:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.gamebridge.games/gamebridge/v1/site/24787388/session-config?pn=%2F&uid=
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:b400:5:482e:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 17d5ca47d57ac54c2e09873091e07ea6a1a00c8d6dc40f5c08093443ba1a762b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
via: 1.1 1dd1e483fa41d512929f44790f141972.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS, GET, PUT, DELETE
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-expose-headers: Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid, tid
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Authorization, Cache-Control, uid, tid
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cDruBvYcRXVMd8o9_8AQbO635k2qD_tGnqBr8lzuMxDYaHIUuVcaEw==

GET
H2 200 site-config Show response
api.gamebridge.games/gamebridge/v1/site/24787388/ 6 KB
6 KB 369ms
67ms Fetch
application/json 2600:9000:24f0:b400:5:482e:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.gamebridge.games/gamebridge/v1/site/24787388/site-config
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:b400:5:482e:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8a733043b7a7778d6035fd6c915853aded9d64b50d3bc7ac0a6dc65311250922

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 07:12:29 GMT
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 77033
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type,Cache-Control
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: fEYpCeEP3df6sMb7LUKLAkbJUdyv-lIEPVQs55Lbu_ojiJovw5Lxow==

GET
H2 200 list Show response
service.gamebridge.games/feed/summary/ 7 KB
7 KB 277ms
61ms XHR
application/json 54.161.189.120
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://service.gamebridge.games/feed/summary/list?page_size=10&page_index=1&category=Finance
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/cdn/axios/0.19.2/dist/axios.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.161.189.120 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-161-189-120.compute-1.amazonaws.com
Software: /
Resource Hash: 1a01317e9df37b5e3f3f6f92f08cc3ab4a002d927a2168469b8861346a52a87a

Request headers

Accept: application/json, text/plain, */*
Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://ouo1.bravonewz.com
date: Wed, 03 Jan 2024 04:36:22 GMT
access-control-expose-headers: Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid, tid
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, Cache-Control, uid, tid
access-control-allow-methods: POST, OPTIONS, GET, PUT, DELETE
content-type: application/json; charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
92 KB 77ms
77ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NK0H6S09HF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R4D28N

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd36da12a628e0955ce5de56a354a49be7e3f2f30b47da95e8e2e39bc24244f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 04:36:22 GMT

GET
H2 200 15eba8e3-580a-4f90-89b1-cd212197eecc_1126e908-1024x683.jpg
insightfulnews.xyz/wp-content/uploads/2024/01/ 160 KB
160 KB 318ms
84ms Image
image/jpeg 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/15eba8e3-580a-4f90-89b1-cd212197eecc_1126e908-1024x683.jpg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16b848871a8d498147f05804212a8764e75bdd0bc04300082c3e0970fd4c8b03

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5543
alt-svc: h3=":443"; ma=86400
content-length: 163749
last-modified: Wed, 03 Jan 2024 02:41:49 GMT
server: cloudflare
etag: "6594c96d-27fa5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j3%2F4Mu%2BhwueGpfNNIfImiILHpcNM9OpcRo46uQ9qWOVs2w7MRSN6EfHTDW8MAwWeS2A1dqInZR3izuKUaomTgEEyv%2FemrR6vTa%2FThMJnDFmk%2FUnAu2HQ5LDnXU1j06npsZQit7%2F0OQOc2Ugbqi1UhdY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a581f1b5c7c-MIA
expires: Fri, 02 Feb 2024 03:03:59 GMT

GET
H2 200 PKG-.00_01_49_26.Still001-1024x576.jpg
insightfulnews.xyz/wp-content/uploads/2024/01/ 158 KB
158 KB 315ms
81ms Image
image/jpeg 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/PKG-.00_01_49_26.Still001-1024x576.jpg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a50ae771cefd0957a673b8ccec3db7025acdb609fe0e33a1c8d9aee95feba63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 12771
alt-svc: h3=":443"; ma=86400
content-length: 161537
last-modified: Wed, 03 Jan 2024 00:48:15 GMT
server: cloudflare
etag: "6594aecf-27701"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VddNm6y78Pb08wgFF6tlNxZ9Xcsb%2BLS4r3wxKDHTFwUXjmM16vGVWtRvFKG6KKJVZkC%2BfhMZ2SOvzatKYnbD483h9XpCD1qIGPa0cblnfixIAxzXDFB7vMIL4CuYpQuezs64U0obaeXAhfheEzwddG8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a581f1a5c7c-MIA
expires: Fri, 02 Feb 2024 01:03:31 GMT

GET
H2

200

e0bb39dc92fd59fe.jpg
creative.mdspinc.com/cpmmedia/seacherAds/
Redirect Chain

https://gw.gmoneygame.xyz/myworldfix/redirect.php?r=LJ0qWxaiWxaiW42mM29n5jOpNCrAKCBtWxaiWxaiW0IdWxaiWxaiWyatZi1yahtradfoDyGiWxaiWxaiN4ImKB9HN4IgNCDlj40uO49xMRbCLjfiWxaiWxaiLVbzNVavZx9iNCIgORB4KcunK...
https://creative.mdspinc.com/cpmmedia/seacherAds/e0bb39dc92fd59fe.jpg

106 KB
106 KB

6436ms
5712ms

Image
image/jpeg

8.45.52.175
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creative.mdspinc.com/cpmmedia/seacherAds/e0bb39dc92fd59fe.jpg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Server: 8.45.52.175 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: ef6b777118049d8da11255d6605449642cfa99d1a1ab1bc37b6bced0ba890b44

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 03:57:18 GMT
via: cache16.l2us2[0,0,304-0,H], cache13.l2us2[0,0], cache13.l2us2[1,0], ens-cache8.us19[0,-1,200-0,H], ens-cache3.us19[1,0]
x-oss-request-id: 6594DB1EC7A0593530D741CB
content-md5: 2YqERb2yAcURHwLTLPEPjQ==
age: 2344
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:6:911156711
x-oss-cdn-auth: success
x-swift-savetime: Wed, 03 Jan 2024 03:57:40 GMT
content-length: 108320
x-oss-object-type: Normal
last-modified: Fri, 14 Apr 2023 03:23:24 GMT
server: Tengine
etag: "D98A8445BDB201C5111F02D32CF10F8D"
access-control-max-age: 0
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
content-type: image/jpeg
access-control-allow-origin: *
ali-swift-global-savetime: 1704254239
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 16517998600057316876
eagleid: 082d349717042565834038650e
x-oss-server-time: 22

Redirect headers

Date: Wed, 03 Jan 2024 04:36:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Location: https://creative.mdspinc.com/cpmmedia/seacherAds/e0bb39dc92fd59fe.jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
Content-Length: 0

GET
H2 200 8C93448D589B51AE9CB6E7242CB0BA65_160x90.jpg
insightfulnews.xyz/wp-content/uploads/2024/01/ 5 KB
5 KB 317ms
84ms Image
image/jpeg 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/8C93448D589B51AE9CB6E7242CB0BA65_160x90.jpg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dfb98572e3d61d65ed899c5588f45911f08017c2a8cdd32a73493dee98db6e4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16381
alt-svc: h3=":443"; ma=86400
content-length: 4658
last-modified: Tue, 02 Jan 2024 23:39:24 GMT
server: cloudflare
etag: "65949eac-1232"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYmfQKd8QUx0%2F0QP8IIzLBy%2BeD%2Fl2sDYeucD9FtBre8wQzJCsvw9tdu7uBWSnzrhVNEWbPRXoh0qeahDrvcOfTdmOrjwuw7R3mI75bxEdoVKwwQO5H%2FP4TLhUFtW5f7lRop02Gyh3zSMVqQbwmwp2xM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a581f245c7c-MIA
expires: Fri, 02 Feb 2024 00:03:21 GMT

GET
H2 200 HSBC.png
insightfulnews.xyz/wp-content/uploads/2024/01/ 416 KB
417 KB 276ms
44ms Image
image/png 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/HSBC.png
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53888787a870ff0fa634da2fa1b09aa0cf689e3b6c3abb907b21dac62d5d7758

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16381
alt-svc: h3=":443"; ma=86400
content-length: 425961
last-modified: Tue, 02 Jan 2024 23:39:36 GMT
server: cloudflare
etag: "65949eb8-67fe9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H84XKo1CNRnPHSdTaR%2FWRDlC%2Fxso4O5B76NLM64SmTduQSdS2IB%2Foeumsdo59%2BAcnwYp1PPhqAIsXnfqqP97w9dfDbRy3s%2FoNb5bwhRLIudc%2FLk13q2BknJqReMXmteYIrGvVSr%2Bz46q066yliZhiV4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a581f185c7c-MIA
expires: Fri, 02 Feb 2024 00:03:21 GMT

GET
H2

200

a1c8f8446805b1da.jpg
creative.mdspinc.com/cpmmedia/seacherAds/
Redirect Chain

https://gw.gmoneygame.xyz/myworldfix/redirect.php?r=LJ0qWxaiWxaiW42mM29n5jOpNCrAKCBtWxaiWxaiW0IdWxaiWxaiWyatZi1yahtradfoDyGiWxaiWxaiN4ImKB9HN4IgNCDlj40uO49xMRbCLjfiWxaiWxaiLVbzNVavZx9iNCIgORB4KcunK...
https://creative.mdspinc.com/cpmmedia/seacherAds/a1c8f8446805b1da.jpg

60 KB
61 KB

1375ms
651ms

Image
image/jpeg

8.45.52.175
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creative.mdspinc.com/cpmmedia/seacherAds/a1c8f8446805b1da.jpg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Server: 8.45.52.175 , United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: bfb83a3974382a9b50add165ab2972d4387ab46e77e5f9f09d3eb440d655214f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:23:39 GMT
via: cache10.l2us2[0,0,304-0,H], cache16.l2us2[0,0], cache16.l2us2[1,0], ens-cache5.us19[0,0,200-0,H], ens-cache3.us19[1,0]
x-oss-request-id: 6594E14BF1D07138397B3A24
content-md5: 3CP6fRTE9wF+O4g+BgFdTg==
age: 764
x-swift-cachetime: 3600
x-cache: HIT TCP_MEM_HIT dirn:9:1180488500
x-oss-cdn-auth: success
x-swift-savetime: Wed, 03 Jan 2024 04:23:47 GMT
content-length: 61339
x-oss-object-type: Normal
last-modified: Tue, 08 Aug 2023 01:03:04 GMT
server: Tengine
etag: "DC23FA7D14C4F7017E3B883E06015D4E"
access-control-max-age: 0
ali-swift-global-savetime: 1704255819
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, HEAD
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 13617786752156991353
eagleid: 082d349717042565834038648e
x-oss-server-time: 21

Redirect headers

Date: Wed, 03 Jan 2024 04:36:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Location: https://creative.mdspinc.com/cpmmedia/seacherAds/a1c8f8446805b1da.jpg
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token
Content-Length: 0

GET
H2 200 money-1.jpg
insightfulnews.xyz/wp-content/uploads/2024/01/ 62 KB
63 KB 274ms
43ms Image
image/jpeg 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/money-1.jpg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8def6bfae59acb3fc37e20a2859823d3df699f2040fac0f4a926edea4834b329

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 16381
alt-svc: h3=":443"; ma=86400
content-length: 63601
last-modified: Tue, 02 Jan 2024 23:39:38 GMT
server: cloudflare
etag: "65949eba-f871"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pr2ivYCZCXpC5OkigwRWeOnn%2FZOkvKO0hpORkOE4jZIqatEdVQgwnWIFixH6WJ%2F%2FURE6QwjsXfsrKQUAJJsPOCqvINYcYNo1iiiEQB6uyLXWNbUOyRebdq40T%2Bzar8na1NvO7wnfzKq5fSBG8el2iDs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a581f135c7c-MIA
expires: Fri, 02 Feb 2024 00:03:21 GMT

GET
H2 200 903ebbdb-26e8-4dc7-a674-c51ca649ad47.jpeg
insightfulnews.xyz/wp-content/uploads/2024/01/ 5 KB
6 KB 313ms
82ms Image
image/jpeg 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/903ebbdb-26e8-4dc7-a674-c51ca649ad47.jpeg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e895409b184da8fc667712cd5fcd8cb5246fcd060ff690e2b2efc7c39f856fc5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19898
alt-svc: h3=":443"; ma=86400
content-length: 5426
last-modified: Tue, 02 Jan 2024 22:41:46 GMT
server: cloudflare
etag: "6594912a-1532"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WF8GJ2CDrjjrL4Jjl3TbTqi6%2FDp7ZaM85goMwP3NQWnuWaQyxrrXv%2BZ6eyPb%2BhLxjo9OTOpNQryab0iG2ujJ3TCTt3CJqe33bQh2o3SGUAaSfwUhQx23DBqMMsQOO4iwgHAcsJe4ZPuDnBd71elZMkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a581f175c7c-MIA
expires: Thu, 01 Feb 2024 23:04:44 GMT

GET

59a47396c0b41c7d.jpg
creative.mdspinc.com/cpmmedia/seacherAds/
Redirect Chain

https://gw.gmoneygame.xyz/myworldfix/redirect.php?r=LJ0qWxaiWxaiW42mM29n5jOpNCrAKCBtWxaiWxaiW0IdWxaiWxaiWyatZi1yahtradfoDyGiWxaiWxaiN4ImKB9HN4IgNCDlj40uO49xMRbCLjfiWxaiWxaiLVbzNVavZx9iNCIgORB4KcunK...
https://creative.mdspinc.com/cpmmedia/seacherAds/59a47396c0b41c7d.jpg

0
0

GET
H2 200 AlexLiegl.jpg
insightfulnews.xyz/wp-content/uploads/2024/01/ 11 KB
11 KB 62ms
61ms Image
image/jpeg 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/AlexLiegl.jpg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f8b3abe0da9efc69064764f0fea569784c000055a3594396e9420931db8d02e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9073
alt-svc: h3=":443"; ma=86400
content-length: 10830
last-modified: Wed, 03 Jan 2024 01:44:07 GMT
server: cloudflare
etag: "6594bbe7-2a4e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbP38tjW9unoNX283Xeq5AI6utgjv1ST1zo0YK6G16rkiiqzzLN7qdZSVnEITceu1xt%2BQZ%2FhmT8nYc6HhM60sUgM24NqXn3eh4NZG0SPzAbYXPYbh3MyW%2BJ%2B9aOBKm8kLbvdMbrkQIrM2jMijkmJPKA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a586f9d5c7c-MIA
expires: Fri, 02 Feb 2024 02:05:09 GMT

GET
H2 200 SJSHYJWCLZDALJ5OKUWIQS46BA-1024x687.jpg
insightfulnews.xyz/wp-content/uploads/2024/01/ 105 KB
105 KB 63ms
62ms Image
image/jpeg 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/SJSHYJWCLZDALJ5OKUWIQS46BA-1024x687.jpg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fe87d6467a7b69443e0484b980d6b00c6b7ca5b6f1e632c716c4384b3dd98da

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19898
alt-svc: h3=":443"; ma=86400
content-length: 107192
last-modified: Tue, 02 Jan 2024 22:42:03 GMT
server: cloudflare
etag: "6594913b-1a2b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9XZafKoneDCFfvEtHQFVGicjJW9ICbVmAnE1CW2dUZPyCGzxG9%2FytfT%2F1XlB9kfS95wp0WJNE5TzHwsfDD3KCwsSLC%2FNUIMFLJxlIegL7%2FFD12kuY69yDBRuPf3PjKoWHYKnZFOyMIWz1mNEn6CNaVs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a587fa55c7c-MIA
expires: Thu, 01 Feb 2024 23:04:44 GMT

GET
H2 200 skysports-football-premier-league_6410549.jpg
insightfulnews.xyz/wp-content/uploads/2024/01/ 72 KB
72 KB 62ms
62ms Image
image/jpeg 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/skysports-football-premier-league_6410549.jpg
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d83d3f2a87a94f940a81d0087e49b3a1dedde38d7e136a49e56523584e52edff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23577
alt-svc: h3=":443"; ma=86400
content-length: 73335
last-modified: Tue, 02 Jan 2024 21:42:34 GMT
server: cloudflare
etag: "6594834a-11e77"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5unPN2FbAyjf1K0dWXSaIW8aPqNFaMcDpZeynlF5503zc1ueNqETJsmlk2To1XPSwJzJfBSEcR%2FSY569XCBCZwbOX5YFX8FL7PRC2vjESmOp4W9bvjOFZLVhyej4ZIcIdKCQBE2XVvrBhrUD1zRbNQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a587fa65c7c-MIA
expires: Thu, 01 Feb 2024 22:03:25 GMT

GET
H2 200 Spinnaker-Capital-and-Respira-logos.png
insightfulnews.xyz/wp-content/uploads/2024/01/ 97 KB
98 KB 62ms
61ms Image
image/png 2606:4700:3036::ac43:c669
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insightfulnews.xyz/wp-content/uploads/2024/01/Spinnaker-Capital-and-Respira-logos.png
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c669 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 394861292ac74a494c4f52442eb3a015742d11782df36d69b75b0da252311a28

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 19898
alt-svc: h3=":443"; ma=86400
content-length: 99826
last-modified: Tue, 02 Jan 2024 22:42:06 GMT
server: cloudflare
etag: "6594913e-185f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HwPhsgOvO%2BJBHuwSOGypCpURymGeIW0v8AdoiupAR40ZXCWpkGDk7isqzlpmVYCqdLi1vgHX%2BbzzHRSBLtha6pVvp8S8aICAZTa0W3G5q8Fuv3JFpobQt%2FydSIzMlsgkECufZLT72JHrRyZAKxBudHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 83f88a587fa85c7c-MIA
expires: Thu, 01 Feb 2024 23:04:44 GMT

GET
H2 200 price Show response
api.gamebridge.games/gamebridge/v1/ads/ 3 KB
4 KB 77ms
76ms Fetch
application/json 2600:9000:24f0:b400:5:482e:72c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.gamebridge.games/gamebridge/v1/ads/price
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:b400:5:482e:72c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 31aae2fd87895f7f2a91ed5e5a581a226dacb0ab5981cd428d025ba914fd97f8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
x-cache: Miss from cloudfront
access-control-allow-methods: POST, OPTIONS, GET, PUT, DELETE
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-expose-headers: Authorization, Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Content-Type, uid, tid
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
access-control-allow-headers: Content-Type, Authorization, Cache-Control, uid, tid
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AFkHaesesMG3PfPBNanXokK8YrsXj7qQgHY6sJMQ1Dzyhlzu6VdrKw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 317ms
113ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c579b70839ec2ddfb2c482859d6785c6422551bcd889a80fca9586919ec7155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29005
x-xss-protection: 0
server: cafe
etag: 91 / 19725 / m202312070101 / config-hash: 15281352381595987283
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 Jan 2024 04:36:22 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 278 KB
92 KB 79ms
79ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HGM5N36QZC&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJ6SSRR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9f68504c9d4a273de5bf817a9a4c8cd3295396e26f30eccb561b085ed0d175f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93862
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 Jan 2024 04:36:22 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
256 B 142ms
48ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NK0H6S09HF&gtm=45je3bt0v9106897975z89106873888&_p=1704256581752&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=908902529.1704256582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704256582&sct=1&seg=0&dl=https%3A%2F%2Fouo1.bravonewz.com%2F&dt=Maticoo%20News&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1569
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NK0H6S09HF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
256 B 187ms
66ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NK0H6S09HF&cid=908902529.1704256582&gtm=45je3bt0v9106897975z89106873888&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NK0H6S09HF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 88ms
49ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je3bt0v9133154062z89133144017&_p=1704256581752&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=908902529.1704256582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704256582&sct=1&seg=0&dl=https%3A%2F%2Fouo1.bravonewz.com%2F&dt=Maticoo%20News&en=page_view&_fv=1&_ss=1&ep.site_id=24787388&tfd=1624
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGM5N36QZC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 132ms
67ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-HGM5N36QZC&cid=908902529.1704256582&gtm=45je3bt0v9133154062z89133144017&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGM5N36QZC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/ 432 KB
135 KB 66ms
64ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 22:25:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22234
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138203
x-xss-protection: 0
server: cafe
etag: 14959461090202361603
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 01 Jan 2025 22:25:48 GMT

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
359 B 991ms
476ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 191f428dc5ebe1d269c36f7bcb86649dd55716c7c51739423945b498d6538cab

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
server: nginx/1.24.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 1228ms
714ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
server: nginx/1.20.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 989ms
480ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
server: nginx/1.24.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 725ms
482ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
server: nginx/1.24.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 722ms
481ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
server: nginx/1.24.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 717ms
478ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: a463986784a303d79375af161a8afb6fb1249053147b75e5689297f5c0a111d7

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
server: nginx/1.20.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 717ms
479ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
server: nginx/1.24.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 951ms
717ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: a463986784a303d79375af161a8afb6fb1249053147b75e5689297f5c0a111d7

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
server: nginx/1.20.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

GET
H2 200 22997715202 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 245ms
103ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/22997715202?ers=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9adf902a6cce161e61c46cef4089699e1df704810e73c639b25a583dc42f2e37

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QZMJS4dZYUTywczSpNh2hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-QZMJS4dZYUTywczSpNh2hg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVhVD5hy5hAQgPOe92J04r0FsqCKR6ZohDPA6Z7eOMcLKn3BMRUmcGNJ37hZfmOonZJ6jZ2q6sRuao0K-Y3l7ER8An4b4LJfOszIWAuSbULqeLeNElDPAuynDuS1EKtq26541QFAg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 109ms
109ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVhVD5hy5hAQgPOe92J04r0FsqCKR6ZohDPA6Z7eOMcLKn3BMRUmcGNJ37hZfmOonZJ6jZ2q6sRuao0K-Y3l7ER8An4b4LJfOszIWAuSbULqeLeNElDPAuynDuS1EKtq26541QFAg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MjU2NTgzLDI4ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9vdW8xLmJyYXZvbmV3ei5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a450d0fd89c2e2a975390dd9468f720be6ecc627531dabd079999a760ee2d6d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l4VVdU_PNtROSbQiMJacLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-l4VVdU_PNtROSbQiMJacLg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
14 KB 720ms
719ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4094191817267936&correlator=784610921781754&eid=44809527&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=22997715202%2Couo1.bravonewz.com%2Czone_47786_config_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704256583321&lmt=1704256583&adxs=436&adys=860&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fouo1.bravonewz.com%2F&vis=1&psz=728x90&msz=728x0&fws=0&ohw=0&ga_vid=908902529.1704256582&ga_sid=1704256583&ga_hid=1353697568&ga_fc=true&dlt=1704256581017&idt=1829&prev_scp=adstag_id%3Dtag-code-0%26adstag_bid%3Dno-bid&cust_params=cid%3Ddefault%26user_day%3Dday_20240103&adks=85426175&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc396b39bfe77a331ffc0b6563e4b36ef352c445b0611ff87c2f0092fa425381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14559
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
12 KB 426ms
425ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4094191817267936&correlator=784610921781754&eid=44809527&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=22997715202%2Couo1.bravonewz.com%2Czone_47784_config_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704256583338&lmt=1704256583&adxs=247&adys=90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fouo1.bravonewz.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=908902529.1704256582&ga_sid=1704256583&ga_hid=1353697568&ga_fc=true&dlt=1704256581017&idt=1829&prev_scp=adstag_id%3Dtag-code-2%26adstag_bid%3Dno-bid&cust_params=cid%3Ddefault%26user_day%3Dday_20240103&adks=4013732499&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

901dcf29dcefbf9397d6b92f31b0370349c545fda6daec7124590249da2f12b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12649
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 108 KB
17 KB 1085ms
1084ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4094191817267936&correlator=784610921781754&eid=44809527&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=22997715202%2Couo1.bravonewz.com%2Czone_47787_config_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704256583347&lmt=1704256583&adxs=107&adys=700&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fouo1.bravonewz.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=908902529.1704256582&ga_sid=1704256583&ga_hid=1353697568&ga_fc=true&dlt=1704256581017&idt=1829&prev_scp=adstag_id%3Dtag-code-3%26adstag_bid%3Dno-bid&cust_params=cid%3Ddefault%26user_day%3Dday_20240103&adks=1378747771&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb790e1af04a584cba8a432be8ef465b056ed6a53feb075ebc670b3b8265caf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17499
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
14 KB 1684ms
1683ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4094191817267936&correlator=784610921781754&eid=44809527&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=22997715202%2Couo1.bravonewz.com%2Czone_47785_config_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704256583353&lmt=1704256583&adxs=1193&adys=90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fouo1.bravonewz.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=512&ohw=0&ga_vid=908902529.1704256582&ga_sid=1704256583&ga_hid=1353697568&ga_fc=true&dlt=1704256581017&idt=1829&prev_scp=adstag_id%3Dtag-code-4%26adstag_bid%3Dno-bid&cust_params=cid%3Ddefault%26user_day%3Dday_20240103&adks=3690936597&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e5c18561a9f539fe99de4c37951410bc83fee2537d0a203a2b01b0cc9fa36ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14409
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 43 KB
16 KB 1271ms
1270ms Fetch
text/plain 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4094191817267936&correlator=784610921781754&eid=44809527&output=ldjh&gdfp_req=1&vrg=202312070101&ptt=17&impl=fif&gdpr=0&iu_parts=22997715202%2Couo1.bravonewz.com%2Czone_47788_config_1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1704256583356&lmt=1704256583&adxs=1193&adys=700&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fouo1.bravonewz.com%2F&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=908902529.1704256582&ga_sid=1704256583&ga_hid=1353697568&ga_fc=true&dlt=1704256581017&idt=1829&prev_scp=adstag_id%3Dtag-code-5%26adstag_bid%3Dno-bid&cust_params=cid%3Ddefault%26user_day%3Dday_20240103&adks=1684841246&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1f4f0f23c2dab3c1f20cb5a8fe7ef05a83a769ef70e22b92be1ffc496281712

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16095
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AC02 6 KB
3 KB 258ms
83ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo1.bravonewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 04:36:23 GMT
expires: Thu, 02 Jan 2025 04:36:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWSplFjt745H6ahHmS4mJb-0HFN8Vn57s7ZBg5l8yeihQJXv_iGqlxE99zFOrWgbCMcsKyUQVXTuySpXxHNYZC1BL42Q8aYzxdQPyc-RGjyzrjGumIzovBGYFaC5q6Av5NvSgpuzA== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 132ms
132ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWSplFjt745H6ahHmS4mJb-0HFN8Vn57s7ZBg5l8yeihQJXv_iGqlxE99zFOrWgbCMcsKyUQVXTuySpXxHNYZC1BL42Q8aYzxdQPyc-RGjyzrjGumIzovBGYFaC5q6Av5NvSgpuzA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MjU2NTgzLDQwNjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyXSwiaHR0cHM6Ly9vdW8xLmJyYXZvbmV3ei5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6beec1235d8d071a06e755195d7eedd5ff8c43b9683a5eb34ff220eefa598658

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6AESeKA3cxa7Bbi7mmY-cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
content-security-policy: script-src 'report-sample' 'nonce-6AESeKA3cxa7Bbi7mmY-cA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 5549 196 KB
56 KB 198ms
62ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5549 15 KB
5 KB 360ms
225ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5549 95 KB
28 KB 318ms
183ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 12:45:59 GMT
age: 489024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Dec 2024 12:45:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5549 5 KB
2 KB 314ms
179ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 12:45:59 GMT
age: 489024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Dec 2024 12:45:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 5549 40 KB
13 KB 347ms
212ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
DATA 200
OK truncated
/ Frame 5549 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53ba2295ed3992d09c4bf3aee72892afde1c3ef6532b5880b371d149fdd78fdb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 16103041946926359269
tpc.googlesyndication.com/simgad/ Frame 5549 49 KB
50 KB 200ms
66ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16103041946926359269?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmy_YqxsyTOiuIpkFymSk7eMQDEAw

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96c58325fbc8271de26e60d6e2d234545af1151b545c72a2120dd5e10a8db31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 19:52:54 GMT
x-content-type-options: nosniff
age: 31409
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50685
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 07:02:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 Jan 2025 19:52:54 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5549 2 KB
3 KB 196ms
63ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:54:03 GMT
x-content-type-options: nosniff
server: cafe
age: 85340
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 03 Jan 2024 04:54:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 5549 295 B
399 B 197ms
64ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:27:46 GMT
x-content-type-options: nosniff
server: cafe
age: 54517
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 03 Jan 2024 13:27:46 GMT

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 240ms
239ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: c326a1c6efdcf30c6d38b6fd18e0b368f9d6d77e4426fc1da231440a32f100cf

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:23 GMT
server: nginx/1.24.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 47ms
46ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NK0H6S09HF&gtm=45je3bt0v9106897975z89106873888&_p=1704256581752&gcd=11l1l1l1l1&dma=0&cid=908902529.1704256582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1704256582&sct=1&seg=0&dl=https%3A%2F%2Fouo1.bravonewz.com%2F&dt=Maticoo%20News&en=G-NK0H6S09HF&_et=3&up.site_id=24787388&up.game_name=&tfd=3090
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NK0H6S09HF&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
54 B 48ms
48ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je3bt0v9133154062&_p=1704256581752&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=908902529.1704256582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1704256582&sct=1&seg=0&dl=https%3A%2F%2Fouo1.bravonewz.com%2F&dt=Maticoo%20News&en=ad_impression&_c=1&ep.site_id=24787388&ep.query_id=CLL6i8KywIMDFZenWgUd6OcJ2A&_et=1469&tfd=3094
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGM5N36QZC&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 244D 196 KB
55 KB 74ms
72ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 244D 15 KB
5 KB 115ms
113ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 244D 95 KB
28 KB 116ms
115ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 12:45:59 GMT
age: 489025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Dec 2024 12:45:59 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 244D 5 KB
2 KB 135ms
134ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 12:45:59 GMT
age: 489025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Dec 2024 12:45:59 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 244D 40 KB
13 KB 136ms
135ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 244D 18 KB
2 KB 228ms
87ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99ac7037f3c17416260a2218401c1271c5e3f78cd23c4f8dc217d352bf1eb170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 04:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 02:56:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 04:36:24 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 244D 295 B
358 B 63ms
62ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:27:46 GMT
x-content-type-options: nosniff
server: cafe
age: 54518
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 03 Jan 2024 13:27:46 GMT

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 244D 2 KB
3 KB 63ms
62ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 03:43:47 GMT
x-content-type-options: nosniff
server: cafe
age: 3157
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Thu, 04 Jan 2024 03:43:47 GMT

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 239ms
239ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
server: nginx/1.20.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je3bt0v9133154062&_p=1704256581752&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=908902529.1704256582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1704256582&sct=1&seg=0&dl=https%3A%2F%2Fouo1.bravonewz.com%2F&dt=Maticoo%20News&en=ad_impression&_c=1&ep.site_id=24787388&ep.query_id=CL-vnsKywIMDFa2KWgUdIlEIvA&_et=286&tfd=3383
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGM5N36QZC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 244D 161 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 244D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dcafc3e39b8e888e31deca058b45d855d4660e3404483619772dcc0ba5803ee

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 5549
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

214ms
77ms

Image
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Wed, 03 Jan 2024 04:36:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5549 0
0 101ms
99ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_P12R-SUZfK6GpfP6toP6M-nwA3dwtHFcpOAuruxEWQQASC5u4qfAWDJhoCA3KPEEKABh5-D_wPIAQLgAgCoAwHIAwiqBJwCT9Aq8pz-7MEnDhtHnY73sVht0O47i-4NOW9_uiterfyGx4rAL2hAZDgBDzOtcsYRHvm7eCGfVacCokrIEl3OOFR_MWYV1SEueiy2-vPfkhOefcnrLMDp0Wtw5c9JwXxs6dXtuX9jnZirqCq5mLCzV2ZNhXKZRp7qICdnBdFF-vFC4BoX6eDYcgag8mGSMojTfv-osODl5mHS_IC8hOmU3V0cN2eCse2TUIOm6RB30opNYcgOB_nw9Qkq6gbPU55DeUTnN00DnYWdfV0n24OXO17JSC4ffeVLAnWmYdY-NFvyjd-9-Z4ufI0bY5PrzckMmMmogLM08tnaLvieuR7B5f66ALSDtHNlLUbxOAfBwCLj5AeMoLfCxycpqGvABNj5z6ikBOAEAYgF-dXKhEOSBQQIBBgBkgUECAUYBKAGAoAH4eB8qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ-Ksa0ggfCIBhEAEYHTICigI6BIBAgEBIvf3BOliz4YrCssCDA5oJI2h0dHBzOi8vZ3JhZHNjaG9vbC51d29ybGQuY29tL21jYXQvgAoDyAsBogwYKhYKFOS0sQLutbECtbixAuS0sQLutbEC2gwRCgsQsPOZqueY3fiXARICAQPiDRMIiIuLwrLAgwMVl6daBR3o5wnY2BMC0BUBmBYBgBcBshcfCh0IABIUcHViLTg0NTYzNTIzNDgwOTAzNjYY6IeZAQ&sigh=zY3VjJ_ffSs&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_6NuFxnUemI_p8plxjvQah9ylbiHgTZfOmJZ88Sw_plWXG-8uDZmqFPvbPWh7W4JiDWpxQZxgw4OfCz1pqsggWTvzKt5GI3dnktIYAQ&cbvp=2
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 244D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

216ms
92ms

Image
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Wed, 03 Jan 2024 04:36:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 244D 0
0 99ms
98ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CckBCR-SUZf_vLK2V6toPoqKh4Avv9NCRdf7_t6uwEdnZHhABILm7ip8BYMmGgIDco8QQoAHaqNjVA8gBAeACAKgDAcgDCqoEmAJP0DyraJYAhx7lbE76GSpmQViC5NS2Q3p7TlM2DK3FGr5Lz-HPcjLrkrEG2Jr6jySqG-JADaHg5TDhvNqwjqWXB5TRfkoBRZaZONpDxiKWD5DtYgoxAfELwoHpKExabHvWTsI3I76xDSdn76eyQoOHXorN_iodXEStugjVjLFBnCCk7LJwloxZ3R4bqBrksv9ArVJ4htBGceRGbp7tl0EIZw0HuPVoPzuYwR44kFd_t7fqVXo3xr6uedWxqKIqtfUZonBQKb440xBkvwHIbg0K3UuLPGATTSBlmwSX8rrbKflO8alFf4roJjFsbpLrbEldcfoMW0uD_MIxQICFNni6ii8ylS-7-2TqQ5mJakyo2V8V-dtKAccrwASq6t-etwTgBAGIBfmi-stDkgUECAQYAZIFBAgFGASAB47XpyqoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBC8uxPSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WNTsisKywIMDmgmYAmh0dHBzOi8vd3d3LmFtZXJpY2FuZXhwcmVzcy5jb20vZW4tdXMvYnVzaW5lc3MvYmx1ZXByaW50L2J1c2luZXNzLWxpbmUtb2YtY3JlZGl0Lz9yZWZpZD1hbWV4X3AyX3NlbV9uYl9wMi1sb2MtZ2RuLWN1c3RvbWludGVudF9uZXdhZDcxfHtnY2xpZH0mdXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1jcGMmdXRtX3Rlcm09X291bzEuYnJhdm9uZXd6LmNvbSZ1dG1fY29udGVudD02NjM4MjYxODM4MzQmdXRtX2NhbXBhaWduPVAyLUxPQy1HRE4tQ3VzdG9tSW50ZW50JmdjbGlkPXtnY2xpZH2ACgPICwGiDCAqHgoc5LSxAu61sQK1uLECrLqxAuS0sQLutbECu7uxAtoMEQoLEPDM-rmI-LjE7QESAgED4g0TCJici8KywIMDFa2KWgUdIlEIvNgTCogUAdAVAZgWAYAXAbIXHwodCAASFHB1Yi04NDU2MzUyMzQ4MDkwMzY2GOiHmQE&sigh=0UlOo3ufKNE&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_xfbktYfwVun3SjaNvmcQ1dDkvMYjWzCN4JrUApSC9AA-SdFRkf1mpl7Y1Ve_0BeRGvu_FPJjKp5UL2XCXZJb11eZ8Wnkx2RNFxgB&cbvp=2
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 244D 33 KB
33 KB 270ms
134ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo1.bravonewz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 05:00:04 GMT
x-content-type-options: nosniff
age: 603380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 05:00:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 244D 16 KB
16 KB 268ms
133ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500%7CGoogle%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo1.bravonewz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 16:45:20 GMT
x-content-type-options: nosniff
age: 474664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Dec 2024 16:45:20 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame E69E 196 KB
55 KB 68ms
67ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E69E 15 KB
5 KB 137ms
136ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E69E 95 KB
28 KB 180ms
179ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 12:45:59 GMT
age: 489025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Dec 2024 12:45:59 GMT

GET
H3 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E69E 72 KB
16 KB 162ms
161ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-animation-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 27 Dec 2023 12:44:16 GMT
age: 575528
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16661
x-xss-protection: 0
server: sffe
etag: "6d0f8508d14b183a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 26 Dec 2024 12:44:16 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E69E 5 KB
2 KB 143ms
142ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 12:45:59 GMT
age: 489025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Dec 2024 12:45:59 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame E69E 40 KB
13 KB 146ms
146ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89560
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
DATA 200
OK truncated
/ Frame E69E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df62332ed4668f36c9e9c03afaf98b9841e1b6a4d9263986c77587710d59f20a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 c1bdfa0e113776c41c3bd24212287a23.svg
tpc.googlesyndication.com/sadbundle/11807394186172819242/images/ Frame E69E 4 KB
1 KB 65ms
64ms Image
image/svg+xml 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11807394186172819242/images/c1bdfa0e113776c41c3bd24212287a23.svg

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d09663b00aedf80e5dc48dedc9d90aefaa8a793d491b70d8a49073ff30c4f2f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 18:40:50 GMT
date: Wed, 27 Dec 2023 18:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554134
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1443
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 16:16:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 e84d185dbd9b171cfd429734c4b1791e.svg
tpc.googlesyndication.com/sadbundle/11807394186172819242/images/ Frame E69E 8 KB
3 KB 68ms
66ms Image
image/svg+xml 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11807394186172819242/images/e84d185dbd9b171cfd429734c4b1791e.svg

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9e83ba57281c789c8463ae5626237e47441c0fc1512eb0b610a78cd5bd42175

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Sat, 28 Dec 2024 16:34:34 GMT
date: Fri, 29 Dec 2023 16:34:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 388910
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2975
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 16:16:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 db66911953cc4c1c652345135d362368.svg
tpc.googlesyndication.com/sadbundle/11807394186172819242/images/ Frame E69E 18 KB
5 KB 102ms
100ms Image
image/svg+xml 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11807394186172819242/images/db66911953cc4c1c652345135d362368.svg

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20f747758acb2c2cbe9e9669281f1d68c2925234bf31132fb8d3546516ee3010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 11:12:19 GMT
date: Wed, 27 Dec 2023 11:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 581045
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4715
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 16:16:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 da37c7641ef76e2e6c625583900aae17.svg
tpc.googlesyndication.com/sadbundle/11807394186172819242/images/ Frame E69E 3 KB
1 KB 74ms
72ms Image
image/svg+xml 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11807394186172819242/images/da37c7641ef76e2e6c625583900aae17.svg

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7406e6704e6b43e6b79717bfd611dd62dedf298f630ec6bcd0bce5c98b973d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 18:40:49 GMT
date: Wed, 27 Dec 2023 18:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554135
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1261
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 16:16:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 e84d70aec83ca275bf6966fe24397ce7.svg
tpc.googlesyndication.com/sadbundle/11807394186172819242/images/ Frame E69E 454 B
335 B 71ms
69ms Image
image/svg+xml 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11807394186172819242/images/e84d70aec83ca275bf6966fe24397ce7.svg

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

541c0e050e0bb4c4fd544e938d67d45ec3ac4a3f57c06cd40c494b4d936d7924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 18:40:46 GMT
date: Wed, 27 Dec 2023 18:40:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554138
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 16:16:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abd727c6ad3e2e7b73599424a2caf91c.svg
tpc.googlesyndication.com/sadbundle/11807394186172819242/images/ Frame E69E 446 B
320 B 73ms
71ms Image
image/svg+xml 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11807394186172819242/images/abd727c6ad3e2e7b73599424a2caf91c.svg

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b40e47cea115869fe48f1f9c7486889ea717794a44c1d0c4f9ec8eca02f92ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 18:40:40 GMT
date: Wed, 27 Dec 2023 18:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554144
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 16:16:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 042331a683f5d694546ee9eef12363f4.svg
tpc.googlesyndication.com/sadbundle/11807394186172819242/images/ Frame E69E 444 B
318 B 70ms
68ms Image
image/svg+xml 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11807394186172819242/images/042331a683f5d694546ee9eef12363f4.svg

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1dd9cd76f98dca5c2725e5b3607055d5c66026b247bec58347a49ab71f2a483

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 18:40:47 GMT
date: Wed, 27 Dec 2023 18:40:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554137
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 16:16:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 c2331d3e7c04df976b4e358ff2d1b6db.png
tpc.googlesyndication.com/sadbundle/11807394186172819242/images/ Frame E69E 89 KB
89 KB 74ms
73ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11807394186172819242/images/c2331d3e7c04df976b4e358ff2d1b6db.png

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3ed632bfa3d59d2c1d8c821eda81a24ada516a16a0ffab022f3948d6b01ab6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 18:40:42 GMT
date: Wed, 27 Dec 2023 18:40:42 GMT
x-content-type-options: nosniff
age: 554142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91060
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 16:16:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 2ac756729a1ead7b6e005a71687e3daf.svg
tpc.googlesyndication.com/sadbundle/11807394186172819242/images/ Frame E69E 273 B
222 B 101ms
99ms Image
image/svg+xml 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/11807394186172819242/images/2ac756729a1ead7b6e005a71687e3daf.svg

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7243851ff5dc64ae5af042ddc3df57a52654de6ba5ebfcb60a4194395343d391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 18:40:42 GMT
date: Wed, 27 Dec 2023 18:40:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554142
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 192
x-xss-protection: 0
last-modified: Wed, 20 Dec 2023 16:16:32 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E69E 2 KB
2 KB 97ms
95ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:54:03 GMT
x-content-type-options: nosniff
server: cafe
age: 85341
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 03 Jan 2024 04:54:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E69E 295 B
319 B 96ms
95ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:27:46 GMT
x-content-type-options: nosniff
server: cafe
age: 54518
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 03 Jan 2024 13:27:46 GMT

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 240ms
239ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
server: nginx/1.24.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 48ms
48ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je3bt0v9133154062&_p=1704256581752&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=908902529.1704256582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=4&sid=1704256582&sct=1&seg=0&dl=https%3A%2F%2Fouo1.bravonewz.com%2F&dt=Maticoo%20News&en=ad_impression&_c=1&ep.site_id=24787388&ep.query_id=COWor8KywIMDFbOgWgUdLH0C5Q&_et=371&tfd=3755
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGM5N36QZC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 88ms
87ms Image
image/gif 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=0.02434871151482132

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-I6D_qg0agYVPLUXGvbozJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-I6D_qg0agYVPLUXGvbozJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 107ms
105ms Image
image/gif 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=10.23174745285234

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A4O2J2Mr7XMLcCH8WOo21Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-A4O2J2Mr7XMLcCH8WOo21Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2667 6 KB
3 KB 65ms
64ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ouo1.bravonewz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 Jan 2024 04:36:23 GMT
expires: Thu, 02 Jan 2025 04:36:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 240ms
239ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.24.0 /
Resource Hash: 42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
server: nginx/1.24.0
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 48ms
48ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je3bt0v9133154062&_p=1704256581752&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=908902529.1704256582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=5&sid=1704256582&sct=1&seg=0&dl=https%3A%2F%2Fouo1.bravonewz.com%2F&dt=Maticoo%20News&en=ad_impression&_c=1&ep.site_id=24787388&ep.query_id=CKSJxsKywIMDFY6gWgUde0QPTw&_et=178&tfd=3934
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGM5N36QZC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 214ms
85ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q_xupSfehqvIkaHIqqZBSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
content-security-policy: script-src 'report-sample' 'nonce-q_xupSfehqvIkaHIqqZBSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://ouo1.bravonewz.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E69E 0
0 98ms
98ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcS65SOSUZeVks8Hq2g-s-omoDq7WlYh12uKAt7wS2dkeEAEgubuKnwFgyYaAgNyjxBCgAdWyrs0ByAEJ4AIAqAMByAMIqgShAk_QW_TNXRVUrm71OoClmkfH1U0XSic1LXu8YZHQSFKXuwVARd8EnbGtGZRE5LK462yAASzR5KNjUMMmWfcNlbLIBh-DfMAs5quHPxZiWgzaexx4ajg1Is-0fOwUb32nQE4usLMCAQRkYYgrfoUGNXpwyPGDMxvGG7O-32mdfMb7ojLqbqLpIM1WRPf4xOJy9JHvuZWGyI93ANypsClFXpbcCBc_Uk0NLRDSjzKkk256p7r_veg1_oZeg2DuA6xlAx9XJY0ilV54DpAdX2giD14hx3AGFgxA7R65EuPaXOJXcGpDXv0qWPHzdo0hVDxGuET62aZRWa9nnqFhwrw2hJq4U1kVMr1T_dGYXztbhCNqJIuVbJhr2KNPc2XSo_gC-KzABIa7j4HMBOAEAYgFqKuX5U2SBQQIBBgBkgUECAUYBKAGLoAHk83RsgKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAPIHBBDz9SbSCB8IgGEQARgdMgKKAjoEgECAQEi9_cE6WITuisKywIMDmgkXaHR0cHM6Ly93d3cuaW52ZXN0LmdvbGSACgPICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBEKCxCA5IqVm-PH1_ABEgIBA-INEwjdnYvCssCDAxWzoFoFHSx9AuXYEwLQFQGAFwGyFx8KHQgAEhRwdWItODQ1NjM1MjM0ODA5MDM2Nhjoh5kB&sigh=TbViSWtOft4&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwAvHhf_OWMoPtdpNn73ORKSOL2MF5hXkPbfRUQPgXYWRvAKLCQyifX_kEqsHtVM4trS3jDAO2EZhe3FPMwUYGYZTD3kr4-JqVGxEpESNcYYAQ&template_id=419&cbvp=2
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2667 0
0 97ms
96ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZHR8SOSUZaTFF47B6toP-4i9-AS-vcfmYdeIqO67DcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTg0NTYzNTIzNDgwOTAzNjbIAQngAgCoAwHIAwKqBIoCT9CgUCiqbf-FWkyJf62J3ISlJhI2MxhuR1aP2jmOQ5C2hNx_kzrwRYW7_sfuAGhq2Ux2kNSNudEPaHt6pDBqH3qNBfJm7IBC7yb224Jy7lTo0YW-Oebxfv9KNu0xH8S10UNhtkMZk8j9iix0JCnfyVsGejCry6k6_cFlrG7VAKF86DSz2n4DHiBxwnM3HJeBlgbt04i9hi1FwizKWFTscLzmHerr5jKYS_x39PAU4RbhUYbbXoq0hUu4J6fKwXjG9CcZVQzF79EY5Eg18zmINHoE1Zf69kv_X4MWrYCXbyvAXqvMrZsgB5g1B1KsfNf3qyT_Qr09hh-ujZm7gTzMIbVAwRs6pgd6187gBAGABoe8gsDU5Ne29AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpYreeKwrLAgwOACgH6CwIIAYAMAeINEwjHjovCssCDAxWOoFoFHXtED0_QFQGAFwGyFx0KGxIUcHViLTg0NTYzNTIzNDgwOTAzNjYY6IeZAQ&sigh=b9kai96dfF4&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_mp_Q2AmLZ-rJKPRsoP9aVzn24oXW9M9DECt9TfeSHlRypGsAQw0Lu65O4StM0THSphcq55kCeNnKCSC79ITrPDj4dLvnpEohUh0YAQ&cbvp=2&vis=1
Requested by: Host: 6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com
URL: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 win
8proof.com/app/ Frame 2667 0
44 B 204ms
63ms Image
text/plain 52.116.53.150
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://8proof.com/app/win?id=703003299474&ap=ZZTkSAAF4qQFWqCOAA9Ee59YGybzMu79t7V2Ng&t=b&cbvp=2
Requested by: Host: 6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com
URL: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.116.53.150 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS: 96.35.7434.ip4.static.sl-reverse.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:24 GMT
content-length: 0
server: nginx

GET
H2 200 montserrat-v25-latin-800.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame DAA9 13 KB
13 KB 215ms
64ms Font
application/octet-stream 2607:f8b0:4006:816::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-800.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac

Request headers

Referer: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/
Origin: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:05:54 GMT
age: 1830
x-guploader-uploadid: ABPtcPowrpLAQHiDVFDE2BuLcyd94wr4IGpmNIt9WuEZNegP6Ku8rxzIIu9x1niAz0mLg63Qjvj_04iJTg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12896
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "47adf1610f40ec74b72068c5a111d3ad"
x-goog-generation: 1698054811260784
x-goog-hash: crc32c=goDBpA==, md5=R63xYQ9A7HS3IGjFoRHTrQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12896
accept-ranges: bytes
content-type: application/octet-stream
expires: Wed, 03 Jan 2024 05:05:54 GMT

GET
H2 200 montserrat-v25-latin-600.woff2
storage.googleapis.com/iadx_storage/assets/fonts/ Frame DAA9 12 KB
13 KB 228ms
77ms Font
application/octet-stream 2607:f8b0:4006:816::201b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/iadx_storage/assets/fonts/montserrat-v25-latin-600.woff2
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::201b , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31

Request headers

Referer: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com/
Origin: https://6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:02:08 GMT
age: 2056
x-guploader-uploadid: ABPtcPqiaS5rPWFp1f90yWDitdyf4WIDTUTGyyIMwYrhTvOU3Ql6ho1n_EsVifZiEq7biu6ebcE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12700
last-modified: Mon, 23 Oct 2023 09:53:31 GMT
server: UploadServer
etag: "e571167fbcce8d5081bce96a09930063"
x-goog-generation: 1698054811605570
x-goog-hash: crc32c=I0wmew==, md5=5XEWf7zOjVCBvOlqCZMAYw==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, x-goog-acl
cache-control: public, max-age=3600
x-goog-stored-content-length: 12700
accept-ranges: bytes
content-type: application/octet-stream
expires: Wed, 03 Jan 2024 05:02:08 GMT

GET
H3 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012310301456000/ Frame 6098 196 KB
55 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56081
x-xss-protection: 0
server: sffe
etag: "6a17d296884b026a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H3 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6098 15 KB
5 KB 83ms
80ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5225
x-xss-protection: 0
server: sffe
etag: "0b7142e00666043e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H3 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6098 95 KB
28 KB 84ms
81ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 12:45:59 GMT
age: 489026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29077
x-xss-protection: 0
server: sffe
etag: "7b1f1965b6cd6fda"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Dec 2024 12:45:59 GMT

GET
H3 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6098 5 KB
2 KB 89ms
87ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Dec 2023 12:45:59 GMT
age: 489026
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1911
x-xss-protection: 0
server: sffe
etag: "5b0a82507b260c6e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Dec 2024 12:45:59 GMT

GET
H3 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 6098 40 KB
13 KB 90ms
87ms Script
text/javascript 2607:f8b0:4006:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 02 Jan 2024 03:43:44 GMT
age: 89561
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12952
x-xss-protection: 0
server: sffe
etag: "9817e561a46c70fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Jan 2025 03:43:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6098 14 KB
1 KB 81ms
79ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 03 Jan 2024 04:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 04:12:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 03 Jan 2024 04:36:25 GMT

GET
H3 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6098 2 KB
2 KB 65ms
64ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 04:54:03 GMT
x-content-type-options: nosniff
server: cafe
age: 85342
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Wed, 03 Jan 2024 04:54:03 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6098 295 B
319 B 66ms
65ms Image
image/png 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:27:46 GMT
x-content-type-options: nosniff
server: cafe
age: 54519
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Wed, 03 Jan 2024 13:27:46 GMT

POST
H2 200 json Show response
deapi.funsdata.com/v1/wgt/report/ 51 B
358 B 239ms
239ms Fetch
application/json 16.163.67.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://deapi.funsdata.com/v1/wgt/report/json
Requested by: Host: sdk.enjoy4fun.com
URL: https://sdk.enjoy4fun.com/v1/ads-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 16.163.67.213 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-67-213.ap-east-1.compute.amazonaws.com
Software: nginx/1.20.1 /
Resource Hash: 42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 03 Jan 2024 04:36:25 GMT
server: nginx/1.20.1
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type: application/json;charset=utf8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-CSRF-Token,Authorization,accept,origin,Cache-Control,X-Requested-With
content-length: 51

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-HGM5N36QZC&gtm=45je3bt0v9133154062&_p=1704256581752&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=908902529.1704256582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=6&sid=1704256582&sct=1&seg=0&dl=https%3A%2F%2Fouo1.bravonewz.com%2F&dt=Maticoo%20News&en=ad_impression&_c=1&ep.site_id=24787388&ep.query_id=CL-r0sKywIMDFTWfWgUdo8AG7A&_et=402&tfd=4337
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HGM5N36QZC&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 6098 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b322e74aed0904b4989c7bd7378ab0d668a9355f56f4546e4e044c0fec864012

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6098 33 KB
33 KB 64ms
63ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ouo1.bravonewz.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 05:00:04 GMT
x-content-type-options: nosniff
age: 603381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 05:00:04 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 6098
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

79ms
78ms

Image
text/html

2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H2
Server: 2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Wed, 03 Jan 2024 04:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6098 0
0 99ms
99ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1xQZSOSUZb_nI7W-6toPo4Gb4A73lp36dL-9-4vYEsCNtwEQASC5u4qfAWDJhoCA3KPEEKABt9C26APIAQHgAgCoAwHIAwqqBJkCT9ASXZid5qKFUaUkn56bGb9USD0TxeYLQ3BwA9VxBx2FQIm7mjdXuqNHC_yKy_EVntPXNPdlgxlC_RVOPIxulhDpMhxIy4JZEU7KWzd3iJcbtE1aJisP9MRpxc3ZHh9k71sa3qRWqW0_fLZtgwjtLveXW4ctxhcW2tIWEzRhVdNQNTPgJxONKB2gJ7j76HyOXkJNHM2r4zE53ZSjHAQlAjerRjxJu022OwTCgJOxMiByJdeIWrrA1dyxDp41KfDzR1rjmyGsMBd2zA2uvLZE3kr-nuBJAaw_VaVRc29B4SSxi4oU3qlSpgLb8_W30lejH13sDpQyGizbybZN9vrEBKoFEk4g8J7ebrR-4TA4RKgzPCFbDhEbsajABNjL_-bGBOAEAYgF4cHEuU2SBQQIBBgBkgUECAUYBKAGZoAHsa_JF6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENy8CdIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYoP2KwrLAgwOaCd4BaHR0cHM6Ly9hY2NvdW50cy5oZWRnZXllLmNvbS9wcm9tby9jeWJlcl8yMDIzX3JlZy9wb3J0Zm9saW9fc29sdXRpb25zLzEwMTE_dXRtX3NvdXJjZT1nb29nbGUmdXRtX21lZGl1bT1wcGMmdXRtX2NhbXBhaWduPWJyYW5kZWQtZ29vZ2xlLXNlYXJjaC10ZXJtcyZwaUNJZD0yMzk0MzcmY3JlYXRpdmU9NjgxNzkzNDQzNzc3JmtleXdvcmQ9Jm1hdGNodHlwZT0mbmV0d29yaz1kJmRldmljZT1jgAoDyAsBogwQKg4KDOS0sQLutbECtbixAtoMEQoLEJDw-_XindulrAESAgED4g0TCMm4i8KywIMDFTWfWgUdo8AG7NgTDogUAdAVAYAXAbIXHwodCAASFHB1Yi04NDU2MzUyMzQ4MDkwMzY2GOiHmQE&sigh=skGD6nB8AWc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_mBwMI0B0akvtUNVOXfen7qjhfl7rYRWpm5JnmxpNhYIrp5uKzcLez9O0Nfx-odY_E856kqxOhExXzV3250zF9JedkiarusnrhhgB&cbvp=2
Requested by: Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 5549 42 B
108 B 228ms
87ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvl2qWajR_bu4LFjxCjxrN4IzaTsbyG4uKJWm1ljh8STEXKhygMEt0Gs5roOepvCqyyRVrdHMIP86f-C13NKZpaZsdIuu1ke_rAJ4fObACWRBy1zq14rHgpUVeUgRl2uTEjHyo21fMgiI1YzwFGzxJpk_2hAEae6NqFAiC_uLwZNnbVAH9b_Vw&sai=AMfl-YTyPeCuKy5kEJoPP4lanq7cadt3VDr03_3YjT_JxWJSFuORSH0tgpjyGc8_nVSFCm4Ddm2S8oVIRq4oDmb6NRYIikr7QwtH7UitnWQ2ptEtaV2sT15tMVvDZLehZpuFREn7-7L-pbIMAKV1M1i1CQ&sig=Cg0ArKJSzG-5NoiVjznKEAE&cid=CAQSTwAvHhf_6NuFxnUemI_p8plxjvQah9ylbiHgTZfOmJZ88Sw_plWXG-8uDZmqFPvbPWh7W4JiDWpxQZxgw4OfCz1pqsggWTvzKt5GI3dnktIYAQ&id=ampim&o=247,90&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=432&tls=1433&g=100&h=100&tt=1433&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad_gif__700_100_ Show response
fundingchoicesmessages.google.com/f/AGSKWxWnGWYOV7Vm0hpTEojkeIibC9f_fSD1iZNf4w5aoceknRfGk7ByOMwsonUchPDbxY0W0_NMSIJPVCnI9yeT_Hc2onsQb248Rj1l04qzAm46UEv1KJWFBUP3dXK8Hn_7RpJZLo3ZsVgQdHi1SzpYxXjVUCDAj... 54 B
109 B 91ms
90ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWnGWYOV7Vm0hpTEojkeIibC9f_fSD1iZNf4w5aoceknRfGk7ByOMwsonUchPDbxY0W0_NMSIJPVCnI9yeT_Hc2onsQb248Rj1l04qzAm46UEv1KJWFBUP3dXK8Hn_7RpJZLo3ZsVgQdHi1SzpYxXjVUCDAjXEge1PemkOgyvmlab9tJ6wljPOBGEgd/_/aimatch_ad_/728-90./adviewed./ad_gif__700_100_

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68945d4dbe1a015ca687db0a8527c23b028fa82b493a4f7265cda42fdfde7c1f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-liK6_3jBG795irOhMjlEKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-liK6_3jBG795irOhMjlEKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
455 B 154ms
64ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 13:19:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 13:19:50 GMT

POST
H3 204 AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 86ms
86ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DVuw3Tr5Ih49w9oM9MwI6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jan 2024 04:36:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DVuw3Tr5Ih49w9oM9MwI6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 244D 42 B
173 B 155ms
87ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJmEyTSHckOWKxnKMreowzhLEvfUaapSIfOJWUKGXYYHD6uegd2KYKjYVy9TBjRpV_s-omVjCCdf9XyaFbgh2GcfybVdhHftsKFxEZnLhl3dCFJ6YQOw9U2mg9_tmECA3W47dpNT468WBHFUYeJ_0DXWpk&sai=AMfl-YT2BBxERDDToJYmhaUvu-bkgzMuWwtkmAvrMqdLthkkPLuXUHHRIbkzD5iVOdnLoRmaVlm-bUSz1V4HTIc9Q_8YkopkwCd5CJt8uJXGnjJDDEPJMBxY2KDx3zTm9VA4bH8rCpCPEjbrB4EHfc6b&sig=Cg0ArKJSzCnkR4HiXYEPEAE&cid=CAQSTgAvHhf_xfbktYfwVun3SjaNvmcQ1dDkvMYjWzCN4JrUApSC9AA-SdFRkf1mpl7Y1Ve_0BeRGvu_FPJjKp5UL2XCXZJb11eZ8Wnkx2RNFxgB&id=ampim&o=436,860&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=216&tls=1216&g=100&h=100&tt=1216&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 86ms
85ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-z9QiuzzP9its2KwjjyUD2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jan 2024 04:36:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-z9QiuzzP9its2KwjjyUD2w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 89ms
88ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--8OTN9Ty4_2sNbkmvfuKaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jan 2024 04:36:25 GMT
content-security-policy: script-src 'report-sample' 'nonce--8OTN9Ty4_2sNbkmvfuKaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 105ms
105ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVEZAVZkj-nP2BecEs62HYwbcp__iMVHE5VZcaVYGfBqUyO-5ZISIOwSi9NKb3G-JOdE-9ap97X1rnGEWjN59m3knc8bcBDLN2bodtSPmLlB5as3d1gifOfST_M77RJaV8SCneMHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-atCg17qiBZddT_7lj_FZVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jan 2024 04:36:25 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-atCg17qiBZddT_7lj_FZVw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxViZ2FWtYowQbG1eHinpAKhKK3m889np2Bczgf0kWCd0tA-VE8cC_xm0XzZWpG_7JB1b8-4NP96ggqYnM3hpuDJaHGIE0AEyJormsOBqrwvRUZgrK_WnbEo84u-jx5tet7G9coijg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 99ms
99ms Script
application/javascript 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxViZ2FWtYowQbG1eHinpAKhKK3m889np2Bczgf0kWCd0tA-VE8cC_xm0XzZWpG_7JB1b8-4NP96ggqYnM3hpuDJaHGIE0AEyJormsOBqrwvRUZgrK_WnbEo84u-jx5tet7G9coijg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MjU2NTg1LDQ0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9vdW8xLmJyYXZvbmV3ei5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68993782744ccdfa7b27384cbc4455cb83c3bb33354186a9f2c87d6d005f6d77

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QgcF4Dh60VeUjTvElRK4Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 04:36:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-QgcF4Dh60VeUjTvElRK4Ng' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxXnqoBRZshz4oT-UcZItkgD-0kwSgeio-S01Lr2RzkqYy0lIyf0L3gluiVIhGtsJbgx05x5u9NrMCBhL17GoRNPNxiLOi1Q-3LnbNCwwVkjitRiE1FHFq4g9WJfLVQ4x8uUYZ-0_A== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 87ms
86ms XHR
text/html 2607:f8b0:4006:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXnqoBRZshz4oT-UcZItkgD-0kwSgeio-S01Lr2RzkqYy0lIyf0L3gluiVIhGtsJbgx05x5u9NrMCBhL17GoRNPNxiLOi1Q-3LnbNCwwVkjitRiE1FHFq4g9WJfLVQ4x8uUYZ-0_A==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nP2Nzo9nPw5mghR17vRCMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 Jan 2024 04:36:25 GMT
content-security-policy: script-src 'report-sample' 'nonce-nP2Nzo9nPw5mghR17vRCMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ouo1.bravonewz.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame E69E 42 B
108 B 88ms
87ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSAeXJTN9AvYIEgowQxReyaZn-5fpNcxOMl-1pN03_kmaWEMwB3_ObNmGLm9DKSxM_k4CxA0x1QNyW1eg2-UaaDxviHtfgGNzYj1woIYYtm9AbIS_dIqfeT6fQTSeckJ0ZQC-wnb0ss3vDfd9LyU8vlO7t9j_XktlnsNbOuMIiKRwcynGcaXM&sai=AMfl-YT3qdzv40QdOOSulznucxKXwqyCJOLLlA7Op65XqikTlFfwiuxiAZLbgS6h3hHMoKUIun3kPI35_C_JVHIVYGC8zN6gZgdQkgYdIcOl87yipXS03_CEZk8naqapBW0S8a_z8n8m8lr17NJZfONt6w&sig=Cg0ArKJSzHVnu7_5kgWiEAE&cid=CAQSTwAvHhf_OWMoPtdpNn73ORKSOL2MF5hXkPbfRUQPgXYWRvAKLCQyifX_kEqsHtVM4trS3jDAO2EZhe3FPMwUYGYZTD3kr4-JqVGxEpESNcYYAQ&id=ampim&o=107,700&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=244&tls=1245&g=100&h=100&tt=1245&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6098 42 B
64 B 88ms
87ms Image
image/gif 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQHxFc5j_WDOMGf7r7z8VOaP2yXda2ekBtI0Xg1qTbR5kzWArQdrXcC1S9qs-gA3jM3GEqXIMfR7Xzs9gxuI_Ftg_Y6SuJ0rSZTPUBIuh057mvuybxL1KDPuy-TNVcS11oz8MYaq_9_W4NwbL_wauJKFnK&sai=AMfl-YQMC9PYl2X9IbqcqZWmU-TjMqfFzO_55tA-RihGHpGmRqi-xgTf0FyMrlqfdU5-6QdY1_m7jzDYvlD1tjH3F4CbXpoAFRr5sKEME8LD0_RBHcjRBoBX2Mwv-lq1XmzAEz9N8AivxNDlRibn6QGs&sig=Cg0ArKJSzGuzWqwqr0JrEAE&cid=CAQSTgAvHhf_mBwMI0B0akvtUNVOXfen7qjhfl7rYRWpm5JnmxpNhYIrp5uKzcLez9O0Nfx-odY_E856kqxOhExXzV3250zF9JedkiarusnrhhgB&id=ampim&o=1193,90&d=160,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=136&tls=1136&g=100&h=100&tt=1136&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Requested by

Host: ouo1.bravonewz.com
URL: https://ouo1.bravonewz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ouo1.bravonewz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-NK0H6S09HF&gtm=45je3bt0v9106897975z89133154062&_p=1704256581752&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=908902529.1704256582&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1704256582&sct=1&seg=0&dl=https%3A%2F%2Fouo1.bravonewz.com%2F&dt=Maticoo%20News&_s=3&tfd=8091
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NK0H6S09HF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ouo1.bravonewz.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 Jan 2024 04:36:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ouo1.bravonewz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: creative.mdspinc.com
URL: https://creative.mdspinc.com/cpmmedia/seacherAds/59a47396c0b41c7d.jpg

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bravonewz.com/	1970-01-20 19:33:52	Name: _gcl_au Value: 1.1.1779672371.1704256582
.bravonewz.com/	1970-01-21 03:00:16	Name: _ga Value: GA1.1.908902529.1704256582
.doubleclick.net/	1970-01-21 03:00:16	Name: IDE Value: AHWqTUncKzfb44IpFH4mAWSug5IDsqMX_M8dfwRSDb3iXNKjny19RA7qmz0czaTTkcc
.doubleclick.net/	1970-01-20 17:24:17	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 17:24:20	Name: DSID Value: NO_DATA
.bravonewz.com/	1970-01-21 02:45:52	Name: __gads Value: ID=2e2cbdbefb6be89d:T=1704256583:RT=1704256583:S=ALNI_MYSFrhWZTZdqpMK6AIuqIsMYdvAEA
.bravonewz.com/	1970-01-21 02:45:52	Name: __gpi Value: UID=00000a05f9ad556d:T=1704256583:RT=1704256583:S=ALNI_MZ6BT96WeOEkBV0lZWi6oWkMHBGqg
.bravonewz.com/	1970-01-21 03:00:16	Name: _ga_NK0H6S09HF Value: GS1.1.1704256582.1.0.1704256585.57.0.0
.bravonewz.com/	1970-01-21 03:00:16	Name: _ga_HGM5N36QZC Value: GS1.1.1704256582.1.0.1704256585.57.0.0
.bravonewz.com/	1970-01-21 02:09:52	Name: FCNEC Value: %5B%5B%22AKsRol-Q_nuevDwo7J3ux-Gw7oZZ-UVHiAdjFu9BgXWd6y19my6j1R5LlrEee4ZQ1liWQwNCwWuxUKrSGmKw8YieelXWhOMv5GsmgL5lTdyjz0lNSS9pj8qayKx93BWIa21_JHtj0O2cYmNhchgh-upBiJTGJMAHKQ%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors https://.myworldfix.com https://.beesads.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6804ee0b40a25aa01832ccbc699f9299.safeframe.googlesyndication.com
8proof.com
analytics.google.com
api.gamebridge.games
cdn.ampproject.org
creative.mdspinc.com
deapi.funsdata.com
fonts.font.im
fonts.googleapis.com
fonts.gstatic.com
fonts.gstatic.font.im
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gw.gmoneygame.xyz
insightfulnews.xyz
ouo1.bravonewz.com
pagead2.googlesyndication.com
sdk.enjoy4fun.com
securepubads.g.doubleclick.net
service.gamebridge.games
stats.g.doubleclick.net
storage.googleapis.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
creative.mdspinc.com
16.163.67.213
172.105.196.206
2001:4860:4802:34::181
2600:9000:21da:d000:14:534f:c580:93a1
2600:9000:23cb:f200:2:d04b:a280:93a1
2600:9000:24f0:b400:5:482e:72c0:93a1
2606:4700:3036::ac43:c669
2607:f8b0:4004:c06::9b
2607:f8b0:4006:806::2001
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80e::2008
2607:f8b0:4006:80e::200e
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::201b
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2001
34.236.146.69
52.116.53.150
54.161.189.120
8.45.52.175
013fc39efb38a28d8eccab58189059646847bc5c54e1c4b637e874b6109ee0ef
0a954d47acf93ff18209a298857e97cc40ea4c8f81b2122a6ab650a4735e7a5d
0f8b3abe0da9efc69064764f0fea569784c000055a3594396e9420931db8d02e
16b848871a8d498147f05804212a8764e75bdd0bc04300082c3e0970fd4c8b03
17d5ca47d57ac54c2e09873091e07ea6a1a00c8d6dc40f5c08093443ba1a762b
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
191f428dc5ebe1d269c36f7bcb86649dd55716c7c51739423945b498d6538cab
1a01317e9df37b5e3f3f6f92f08cc3ab4a002d927a2168469b8861346a52a87a
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
1d2960f499c3b2f779dcd8c4ef7b330ce1dc31bef180b92234502a72a9630391
20f747758acb2c2cbe9e9669281f1d68c2925234bf31132fb8d3546516ee3010
23496a85adfe42009adc1be838b844b5b8b38b11d6858760075d142e9f74cf2f
29e4c24a2fa1b6c2218b217e252a8d838cb65819a3b959a73c1a3565067ec0d9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
31aae2fd87895f7f2a91ed5e5a581a226dacb0ab5981cd428d025ba914fd97f8
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
394861292ac74a494c4f52442eb3a015742d11782df36d69b75b0da252311a28
3a9c3d842964c24040f0ff01b62d3985df786dda435f3a8821df322d2ef565ba
42f90637ea25ad029a8be581e8d36bd49b021a7a27639c9bf6230cf49dbb4d1c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4949f4e1cff9e8a960b44c9a8be70bc4bb10216eb4d0123ca61753e0908a0f87
4dcafc3e39b8e888e31deca058b45d855d4660e3404483619772dcc0ba5803ee
4fe87d6467a7b69443e0484b980d6b00c6b7ca5b6f1e632c716c4384b3dd98da
4ff7fb4a3bb565f34d7c187bb245a7d22765081708dd1c1d2d24b8fc8ecd40a4
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
53888787a870ff0fa634da2fa1b09aa0cf689e3b6c3abb907b21dac62d5d7758
53ba2295ed3992d09c4bf3aee72892afde1c3ef6532b5880b371d149fdd78fdb
541c0e050e0bb4c4fd544e938d67d45ec3ac4a3f57c06cd40c494b4d936d7924
5cef9367d2bcaba25b74d20e0e139d2cf900e9123e5fde26101aee7f40f6b5cf
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
68945d4dbe1a015ca687db0a8527c23b028fa82b493a4f7265cda42fdfde7c1f
68993782744ccdfa7b27384cbc4455cb83c3bb33354186a9f2c87d6d005f6d77
6a5817e6f4677485787dd9ce6cf538c541d34036d93ecaa1f265ee0dbc80bc3f
6beec1235d8d071a06e755195d7eedd5ff8c43b9683a5eb34ff220eefa598658
7243851ff5dc64ae5af042ddc3df57a52654de6ba5ebfcb60a4194395343d391
7406e6704e6b43e6b79717bfd611dd62dedf298f630ec6bcd0bce5c98b973d62
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8879e4ae3d15a1b8bb9191909ace68e62ac1a08757d7bb222d97ea189c0506e7
8a733043b7a7778d6035fd6c915853aded9d64b50d3bc7ac0a6dc65311250922
8b40e47cea115869fe48f1f9c7486889ea717794a44c1d0c4f9ec8eca02f92ba
8def6bfae59acb3fc37e20a2859823d3df699f2040fac0f4a926edea4834b329
8e5c18561a9f539fe99de4c37951410bc83fee2537d0a203a2b01b0cc9fa36ca
901dcf29dcefbf9397d6b92f31b0370349c545fda6daec7124590249da2f12b2
98be19bc78b5bc5d419e4fa6ea055ebd4671a963e2cc644aeed4362f15d14c31
99ac7037f3c17416260a2218401c1271c5e3f78cd23c4f8dc217d352bf1eb170
9a50ae771cefd0957a673b8ccec3db7025acdb609fe0e33a1c8d9aee95feba63
9adf902a6cce161e61c46cef4089699e1df704810e73c639b25a583dc42f2e37
9c579b70839ec2ddfb2c482859d6785c6422551bcd889a80fca9586919ec7155
9f68504c9d4a273de5bf817a9a4c8cd3295396e26f30eccb561b085ed0d175f5
a450d0fd89c2e2a975390dd9468f720be6ecc627531dabd079999a760ee2d6d2
a463986784a303d79375af161a8afb6fb1249053147b75e5689297f5c0a111d7
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b322e74aed0904b4989c7bd7378ab0d668a9355f56f4546e4e044c0fec864012
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
bb790e1af04a584cba8a432be8ef465b056ed6a53feb075ebc670b3b8265caf3
bcc36e58e798f0ccda4333f74a5c30b51fc87ddf9b088861c3448b57eeff438d
bfb83a3974382a9b50add165ab2972d4387ab46e77e5f9f09d3eb440d655214f
c326a1c6efdcf30c6d38b6fd18e0b368f9d6d77e4426fc1da231440a32f100cf
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c96c58325fbc8271de26e60d6e2d234545af1151b545c72a2120dd5e10a8db31
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d09663b00aedf80e5dc48dedc9d90aefaa8a793d491b70d8a49073ff30c4f2f8
d1dd9cd76f98dca5c2725e5b3607055d5c66026b247bec58347a49ab71f2a483
d5d2945f49fc861ab7092bbd5bef93da3b0f6b6e91a2e1b7711d778bc7a57bac
d83d3f2a87a94f940a81d0087e49b3a1dedde38d7e136a49e56523584e52edff
dc396b39bfe77a331ffc0b6563e4b36ef352c445b0611ff87c2f0092fa425381
dc43649982a1568c3d90d61db9e2565e40f22fec031b38bf786975ed576860c0
df62332ed4668f36c9e9c03afaf98b9841e1b6a4d9263986c77587710d59f20a
dfb98572e3d61d65ed899c5588f45911f08017c2a8cdd32a73493dee98db6e4f
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e1f4f0f23c2dab3c1f20cb5a8fe7ef05a83a769ef70e22b92be1ffc496281712
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e2e13fa5320f75aa0fc32e7785d26d773a7b96c2cc8a12b4f7c6b6b0aa1fee
e895409b184da8fc667712cd5fcd8cb5246fcd060ff690e2b2efc7c39f856fc5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6b777118049d8da11255d6605449642cfa99d1a1ab1bc37b6bced0ba890b44
f3ed632bfa3d59d2c1d8c821eda81a24ada516a16a0ffab022f3948d6b01ab6d
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f823fbe1603ace5fcb052b35fbac724ab2618c24d37af33c8c3b2b5b2efea20d
f9e83ba57281c789c8463ae5626237e47441c0fc1512eb0b610a78cd5bd42175
fd36da12a628e0955ce5de56a354a49be7e3f2f30b47da95e8e2e39bc24244f4

ouo1.bravonewz.com Open in urlscan Pro 2600:9000:21da:d000:14:534f:c580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

96 %HTTPS

75 %IPv6

16 Domains

25 Subdomains

23 IPs

3 Countries

2755 kBTransfer

5475 kBSize

10 Cookies

0 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ouo1.bravonewz.com Open in urlscan Pro
2600:9000:21da:d000:14:534f:c580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

96 %
HTTPS

75 %
IPv6

16
Domains

25
Subdomains

23
IPs

3
Countries

2755 kB
Transfer

5475 kB
Size

10
Cookies

139 HTTP transactions
5 data transactions