animal.meogamehay.com Open in urlscan Pro
2606:4700:3033::ac43:85d1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://animal.meogamehay.com/
Submission: On December 28 via api (December 28th 2023, 4:44:08 am UTC) from US — Scanned from US

Summary HTTP 134 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 21 IPs in 2 countries across 13 domains to perform 134 HTTP transactions. The main IP is 2606:4700:3033::ac43:85d1, located in United States and belongs to CLOUDFLARENET, US. The main domain is animal.meogamehay.com.
TLS certificate: Issued by GTS CA 1P5 on December 20th 2023. Valid for: 3 months.

This is the only time animal.meogamehay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	2606:4700:303... 2606:4700:3033::ac43:85d1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
14	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
11	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
22	2607:f8b0:400... 2607:f8b0:4006:80d::2001	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1 2	72.44.46.92 72.44.46.92	14618 (AMAZON-AES) (AMAZON-AES)
3 4	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	68.67.160.137 68.67.160.137	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	2607:f8b0:400... 2607:f8b0:4006:80f::2004	15169 (GOOGLE) (GOOGLE)
1	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1	2600:9000:261... 2600:9000:2616:ba00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	2600:1f18:1ac... 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228	14618 (AMAZON-AES) (AMAZON-AES)
11	2607:f8b0:400... 2607:f8b0:4006:80b::2006	15169 (GOOGLE) (GOOGLE)
2	142.251.40.166 142.251.40.166	15169 (GOOGLE) (GOOGLE)
1	23.47.69.85 23.47.69.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:ae80:147... 2606:ae80:1471:17::1080	25751 (VALUECLICK) (VALUECLICK)
134	21

23 2606:4700:3033::ac43:85d1 (United States)

ASN13335 (CLOUDFLARENET, US)

animal.meogamehay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4006:816::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:80a::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2607:f8b0:4006:80d::2001 (United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2002 (United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.44.46.92 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-46-92.compute-1.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.32.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.137 (Jersey City, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80f::2004 (United States) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2616:ba00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2607:f8b0:4006:80b::2006 (United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.166 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.47.69.85 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-69-85.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:ae80:1471:17::1080 (United States)

ASN25751 (VALUECLICK, US)

tpt.mediaplex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	536 KB
23	meogamehay.com animal.meogamehay.com	308 KB
21	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 bid.g.doubleclick.net — Cisco Umbrella Rank: 840 ad.doubleclick.net — Cisco Umbrella Rank: 139	169 KB
11	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	379 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567	108 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	81 KB
6	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	11 KB
4	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	258 KB
1	mediaplex.com tpt.mediaplex.com — Cisco Umbrella Rank: 5881	323 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848	596 B
134	13

	Domain	Requested by
23	animal.meogamehay.com	animal.meogamehay.com
22	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net animal.meogamehay.com tpc.googlesyndication.com s0.2mdn.net
22	pagead2.googlesyndication.com	animal.meogamehay.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net fw.adsafeprotected.com s0.2mdn.net www.googletagservices.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com animal.meogamehay.com googleads.g.doubleclick.net
11	s0.2mdn.net	animal.meogamehay.com s0.2mdn.net googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
8	dt.adsafeprotected.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	ajax.googleapis.com googleads.g.doubleclick.net
4	www.google.com	3 redirects tpc.googlesyndication.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net animal.meogamehay.com
2	ad.doubleclick.net	animal.meogamehay.com
2	fw.adsafeprotected.com	1 redirects animal.meogamehay.com
2	fonts.gstatic.com	fonts.googleapis.com
1	tpt.mediaplex.com	googleads.g.doubleclick.net
1	stags.bluekai.com	googleads.g.doubleclick.net
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	googleads.g.doubleclick.net
1	ajax.googleapis.com	animal.meogamehay.com
134	21

This site contains links to these domains. Also see Links.

Domain
tielabs.com

Subject Issuer	Validity	Valid
meogamehay.com GTS CA 1P5	`2023-12-20` - `2024-03-19`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.mediaplex.com GlobalSign RSA OV SSL CA 2018	`2023-03-16` - `2024-04-16`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://animal.meogamehay.com/
Frame ID: 3E897B5DE3873B880C0CE1B7196C3840
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 2B1BEB7C456990120208477DBFC7F1C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5431908161009251&output=html&adk=2969136045&adf=3689892565&lmt=1703738643&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fanimal.meogamehay.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703738642973&bpp=3&bdt=361&idt=395&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=319231132275&frm=20&pv=2&ga_vid=1658447084.1703738643&ga_sid=1703738643&ga_hid=700892302&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079980%2C95320884&oid=2&pvsid=3490638409845107&tmod=553644559&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=416
Frame ID: 254531D13EB6754897CA78DD7F816260
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F79B2667909AFA74EA53FD9F0DE1A607
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 5CAFFA6325DCF45BB5A7685648FC883E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: AF4B744D0C1B14F93BBAB0EF0704455B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 291E6DA7AE76E523F5CA31EB43D29321
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARis1cbbATAB&v=APEucNWK4cS-NlYfTmj8GjtQcg5-E9SLwkgf3QAFSPVA1ci63wVxjYza7BQrIpiOOyA-ANFWl-vcvkKwFWEehwa5hjkGPFRDSA
Frame ID: D8CBE984A8B25A8AEE2ADD2AB9E859CA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 886E7538303767FEEE3423207EB184A2
Requests: 29 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 838C758115CB793F304D48C3DF8DF829
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 39E43A56948046F29AA19C0D09184FEF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EF060CEE0362C71FDACE295C7B733E93
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A352FAFAE003EB5FA3A2E805EF6BF31C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 79E2DAEC1BF753E1850F76FA376AFE78
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 40A08AF84AF4656E7F3B35436F7172A0
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: BBA377E664872298A8347980E54A341A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 558CA67E1636C10D99A6ED1BB759FC21
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: C27D92235560F20B5755DDF77862E840
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 68C98F95608B8C8A4E85D703B68B765D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: DE22C776ACC57FC2A4D275A51F95E084
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
Frame ID: F9EDFDBFA9FB0F72F4C0766C1682AF61
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Frame ID: 96C3BC94FD80126C9518DA7181A875A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

animal.meogamehay.com

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

134
Requests

96 %
HTTPS

65 %
IPv6

13
Domains

21
Subdomains

21
IPs

2
Countries

1850 kB
Transfer

5095 kB
Size

14
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://tielabs.com/go/jannah-sites-footer
Title: Jannah Theme by TieLabs

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHrdgru1iuukc4xfLVr6k-s&google_cver=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYz9FaCOJTIqdPUcV5UuvQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHrdgru1iuukc4xfLVr6k-s&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHvvHadYmvngmkV3rgfKumI&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHvvHadYmvngmkV3rgfKumI%26google_cver%3D1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5NDI5MjQ3NDYxMzc0NTI4OA%3D%3D

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 90

https://fw.adsafeprotected.com/rfw/bgd/1278205/67951302/xbbe/creative/adj?p=APEucNUJGOk56WPt1BN4gDKfJ2zMbRis8Riw7p7s-8zRUjTQGCE4cVA&d=CokBAKAmf-AevE1VBTqZxWnzuZgryEq9-Sj-OuUd5L2Hdex484Rp6t4Iie86RtkG1aWsnqUS4tHLREo6_Ets5UZFaPevS7e680YqKGaZXthZL67uxU8GLwnn-TIFPJ-SlAeinQn9qR_bssv9AoZjjtPPvQX3uOzH0XQtN8ovk-Xg1L1qFxtdpk6hqj4SyRUAoCZ_4NNxbI1-XiwvPsypqd88OT6TrWeneaKbr0YZS3srPZIvM0MRH97aDiLoKaJikc8kh5SbVAMtU10V_Vfz8GgCYLIJMmRnVqzBRNQaIulVD8lEPuSpiJ891Ul2SSA9icURqq6LINz1SRphuqyhNsLcPxKKNZD1p3q3SIlQHt7HooNa6cUZLP6LjBajKpdRe3Tj957Iaamc7oIvsN58-DhJ_-A7y6RzAJj6d4ueHjMUkAfDlCdwGdsmNSbp_yJCugddpZOa7OXnelOEhmZm4xmO4u4WR1JUAnAfcY4e8gGi7qgUw2y0XJoN0C0fSBCAcp1IeFGRTM5Ds6XyHwZJ0jTyuVBxfeBaPBisXcufVycc8itTVEa23o1Ay3i_xNam7l-kyD-8mYiHAkduJKt-sfmNfpTNimzhnvw8sPX_PUzN58uO13RRsivbtdKdZpCnUC40EL23rnr-HxInHxIOg7O06-hSgV5YBKaOpPUWzf1lXGIzqIHAM7-GzEfXE2oY-7bYazmgjvDVDlNYtvBhx3sIc-c8LDpCK4gRQxxg-nl1ZDNQYQsth7uXwkgzKgBIpPEvwdtNfFWldtaO7oOGiP2VJeJ0P58DW_PfWBEB9X0H_t3zSxyZbQtuigcAKuQfmfjzZqSQgJcV0otXgNRqj5CDcJXkczPHHYJ68nn76jqWOUp1uxab8Hf9xpjv6oU-IET0S0Do7oD4Z_c-WBLgOX_NLb-q59mQW8qt661SXfgAQu_dDfsZ3P5wSfYTK5Y-ndUsz-BjEIza3s9--I-YvtvfVMXXn-8rbhJXjCgJ1mY-VkNfm1gfj-hcMQowmLKahGVTXNh021Am5vrE5xgr2wIi-3JRT2qJWEcATIY_hGn0527l28syA_Uoia9-_PAQ2lQDIxMrBEJ3FoqJPDKA4FwfsuumNRTueHEMRu1Ib09YIdDGnkm1M-7TK7rxcxnqIECAiiESb1uVsdK2GVKlGTJ5yaRbKzmnQmANVnEM6aWQ-tcrTrZQuTDzs6Q7cKU8U4yDcLuu6ZdA1lm4f948L9jtEof1TwfxWMnYk28Flg0VPlWQjOOfbXvwgejdCoP3dymLDC58-n3BByzZG28ubvb4y_rLcJDHzsT3JL0051fznapGRCDel6equMmhxpvqpoKyAG4deUkeEFHwmgOgDwRRlGqWMZUQGQVmEPMculvl-9FyF2pBnTQtUg4V-AadjWPS09X6sC0YlZyQlkew1LbHZHWr_-BnJzKH0uwQQSe8vsaB3HQHRgCtQ0SMi3SzJeiNdG4MgfqAdBXHsmYcw3hZaRFiRuTgnOIzvr2qmuQA69SgQzM5UPL9Pf8vVh7pV4p2ncs-kaEod41DMOZPiqVaqtkDOKp9zgivWGAfmB4BiPehXrHoKa4EeX9oPKqfZyTfN9-zuhLS3E24piGSsKYwczRWUfLCno91IkQcTtXgtSfHtiDLzSX-9Tn81WzVk_MJ_ABBAODD8TyHvQJubvjUTyv8V80GBmWJH5zXBBz6l_mNn67fcEqjQbhqyfiHuSbyj02sgP3ZShZI1UyJMcZW0lzod-2qN5UacnL6Vhlz6tZYN87E3BoF3KA_HiYHBcyZSszn8xYKVOd_utvpEtmeYq7EhNqmE3RJHOEHXXESLcZAEGpPt2S8L7t6-3tTDcoEwN8GOrp3avDrEct05lbpycAjVqA6p9RNv8BoUJuNIfNLynpbCqwl-Z6NC2en0ars68eW488-43iumtDGH3gtdyQd-VCKPDrLOgGybQIrDcVQj6florkzVi1RJ2t6ebQEX5uR5WpWg5luLMC_wiDXDSyY3qypumUEUAoAky-Ii4F77Hy-mPARMB5COxzDrdbrThpUWnkfc_CA85wsnAoFkDXvHIOmQ5DqA7DUKXwVnrt5Lv2j2zEgMILjezIOiyTWXRHjPLSDFSQzVV2YDe3vLlKZkWsCS4vEdPb6LhRBMQicyVqs8ZGoFYxQt_5_OAqdf0rSiaRsC7g6IU2rJNpVDWc5Qb1MLibXaLuUv2fQNB3bSfeyRc4so3N6ttv5YQ2ANTPHRki0JXt6MB03A8ypTdWlcnkS9R540Fyvg46P1v82kaR8KLifjFw0FKKs0M0AxLagdZGJi-PgjdA19IekqmDXvHewwKd6yPo9iF-zF32ZLcPt3tax8BD1kClAG_WpftUiu1LQBW7VOtJlpRcsc2KfYmpJj25flN2of-_rzbYKV2jnYZ5PU5R9QCeRap4kHARzfCtS7x1AQz0_2vQWZBMAPvG9RFNngvrFjXgd1iquWNhtOzvm7uNNL-wY8EL1QadclEmqfPteqGLE4DWRJE1C-NDHaoY-WZnT3bpDIW1EQWbDVDGEEOUdA-7fJs8hoQydU0QMNPkbo4mM_zcZLexR0FJV_uA5z4lQjCeXlHoCbGn_-3AHHikyDNZDSwrdFHwWP-kwmaJPDIm-60fcKtwVl3t3qg1a8J8CFqmkzrqPAiXzPDW4W-j7qWJ-1-IvtECFhdQR8U9oPsicS4B7TcmVwiKIT37qd_RCtTlnB8olLafldxSYPh_ASTLcGX5E5TJeTG1MmXJAcyn3kHGZber8Zb28Q6e9bXOEMY8fSzIWuhMFQDGCGVhIhxYiSD6XGOLCF6ZOMTd9sj7tJ-yxrQ-b-mGUINKprSO-grIydBoAHxFnUweEB7iUYinYRqqfhej3ooRSLdZAaxGtFAzHWEFqY23u1i_mVbGW79mvY_tN8H1Yx8O2zOKtpOSWiYgG6e5OEPzTlmloIV4jyAxY4DHMbM7ZtdOqBGly6KbEMfSdvrmabuCPh92ZRY_zoRJNbB_EvtGBUl_fFWTYQMQmAA2UiFq38MwqPhPVoKz0FBq9ejFXB1e9Ab-xZM8w1gypcuKtiPXF6D6WrEaZRIV4QvDZj5wJSFO75lEhQ8uM5j_NzMH7BbvFhEpT4UA0qNcWFJ-pRwNvBpSWDv3aQ6YSDJz46pFZYNfYJyBJoeYl5RL7MIdxj2So-LE1tG-RfaGvIKXJuIkia6bt_cHqU_K714wtdK_BvnQ217L44TNHBeW7MkxL8KapVDoKgBZnsG3qrTrIzsv7lAXTcpi3k2ngTE-9qI6r_uXDYR6Qslt74VO7EwCr1FBtY8tfD3XDZZeYfa0emO-ceFJgPowEDh1fe-eejd__JXcTb_Mz2BYz9vjhlbsePKLQJLQfiio4IX4CAdX-RNpoqcWqmVNRAtRMuEQyYMnx_iq8w62fdq8zA6L4G09iWjHZSEsREuwxEiYvpkFpLye3o_p8vtSSjRvXnQaYb7G_N6ZyFSJjXuHUUU6JRHFfato4S-GPQJq55IQM9uxZCDnQkO4cBdsFArsaOar8JNOZfOUjgM2whrzX9nHkp6lPwPmS7Ya-QZNKccVUI4aF9E7AHngEROUhOOCeMvVR08e9pvTkXDFBMmS9ojl-zyTQgKrZ6B4YHPy5_-Aplq5p8OGtDqSaXNKLAlu_BuYhBaccU0RAyGYJs9ftE7HUwndUWgqdP-vEDwtpcqaMgd0aNm2CUdXH5WlKimTTz4rxZItBUHLSIqUj5VqllJd9iwQpriMUojDcxFKX5Vjj8slFTWnhfjhBz5o2xgOhAF2T4E7HesClRmQhpxBSFYiDwKMcp1vaKSVvzEwBiFZ4sv7n4B74LjvHZTl0APO3NN6NTj6oGlUIBBJPAC8eF__8jLv_X3nq0NwjicYPWOYcEhZXMZy7kw7jJFB1cN0G5s79-0eqem3HtsCoML3YuNkFFVVbD1S8VMqHHCk6sGjk85KzzkOoUNPjdxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1009767980&ias_pubId=pub-5431908161009251&ias_chanId=1&ias_placementId=19085213996&bidurl=https://animal.meogamehay.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h3Fbt4fsN7birSGx97chXz&adsafe_url=https%3A%2F%2Fanimal.meogamehay.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fanimal.meogamehay.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D2969136041%26client%3Dca-pub-5431908161009251%26fa%3D1%26ifi%3D5%26uci%3Da!5%26btvi%3D3&adsafe_type=be&adsafe_jsinfo=,id:398d6bfa-75e1-5f17-4f55-cf558df56221,c:y1ycVy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-8m6kw,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:4,mot:0,app:0,maw:0,fm:tZHPJ9C+11%7C12%7C1311%7C141%7C151%7C161*.1278205-67951302%7C1611%7C171%7C18,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:33,oid:bae3d24d-a53b-11ee-bbb5-96eeee45282b,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUJGOk56WPt1BN4gDKfJ2zMbRis8Riw7p7s-8zRUjTQGCE4cVA&d=CokBAKAmf-AevE1VBTqZxWnzuZgryEq9-Sj-OuUd5L2Hdex484Rp6t4Iie86RtkG1aWsnqUS4tHLREo6_Ets5UZFaPevS7e680YqKGaZXthZL67uxU8GLwnn-TIFPJ-SlAeinQn9qR_bssv9AoZjjtPPvQX3uOzH0XQtN8ovk-Xg1L1qFxtdpk6hqj4SyRUAoCZ_4NNxbI1-XiwvPsypqd88OT6TrWeneaKbr0YZS3srPZIvM0MRH97aDiLoKaJikc8kh5SbVAMtU10V_Vfz8GgCYLIJMmRnVqzBRNQaIulVD8lEPuSpiJ891Ul2SSA9icURqq6LINz1SRphuqyhNsLcPxKKNZD1p3q3SIlQHt7HooNa6cUZLP6LjBajKpdRe3Tj957Iaamc7oIvsN58-DhJ_-A7y6RzAJj6d4ueHjMUkAfDlCdwGdsmNSbp_yJCugddpZOa7OXnelOEhmZm4xmO4u4WR1JUAnAfcY4e8gGi7qgUw2y0XJoN0C0fSBCAcp1IeFGRTM5Ds6XyHwZJ0jTyuVBxfeBaPBisXcufVycc8itTVEa23o1Ay3i_xNam7l-kyD-8mYiHAkduJKt-sfmNfpTNimzhnvw8sPX_PUzN58uO13RRsivbtdKdZpCnUC40EL23rnr-HxInHxIOg7O06-hSgV5YBKaOpPUWzf1lXGIzqIHAM7-GzEfXE2oY-7bYazmgjvDVDlNYtvBhx3sIc-c8LDpCK4gRQxxg-nl1ZDNQYQsth7uXwkgzKgBIpPEvwdtNfFWldtaO7oOGiP2VJeJ0P58DW_PfWBEB9X0H_t3zSxyZbQtuigcAKuQfmfjzZqSQgJcV0otXgNRqj5CDcJXkczPHHYJ68nn76jqWOUp1uxab8Hf9xpjv6oU-IET0S0Do7oD4Z_c-WBLgOX_NLb-q59mQW8qt661SXfgAQu_dDfsZ3P5wSfYTK5Y-ndUsz-BjEIza3s9--I-YvtvfVMXXn-8rbhJXjCgJ1mY-VkNfm1gfj-hcMQowmLKahGVTXNh021Am5vrE5xgr2wIi-3JRT2qJWEcATIY_hGn0527l28syA_Uoia9-_PAQ2lQDIxMrBEJ3FoqJPDKA4FwfsuumNRTueHEMRu1Ib09YIdDGnkm1M-7TK7rxcxnqIECAiiESb1uVsdK2GVKlGTJ5yaRbKzmnQmANVnEM6aWQ-tcrTrZQuTDzs6Q7cKU8U4yDcLuu6ZdA1lm4f948L9jtEof1TwfxWMnYk28Flg0VPlWQjOOfbXvwgejdCoP3dymLDC58-n3BByzZG28ubvb4y_rLcJDHzsT3JL0051fznapGRCDel6equMmhxpvqpoKyAG4deUkeEFHwmgOgDwRRlGqWMZUQGQVmEPMculvl-9FyF2pBnTQtUg4V-AadjWPS09X6sC0YlZyQlkew1LbHZHWr_-BnJzKH0uwQQSe8vsaB3HQHRgCtQ0SMi3SzJeiNdG4MgfqAdBXHsmYcw3hZaRFiRuTgnOIzvr2qmuQA69SgQzM5UPL9Pf8vVh7pV4p2ncs-kaEod41DMOZPiqVaqtkDOKp9zgivWGAfmB4BiPehXrHoKa4EeX9oPKqfZyTfN9-zuhLS3E24piGSsKYwczRWUfLCno91IkQcTtXgtSfHtiDLzSX-9Tn81WzVk_MJ_ABBAODD8TyHvQJubvjUTyv8V80GBmWJH5zXBBz6l_mNn67fcEqjQbhqyfiHuSbyj02sgP3ZShZI1UyJMcZW0lzod-2qN5UacnL6Vhlz6tZYN87E3BoF3KA_HiYHBcyZSszn8xYKVOd_utvpEtmeYq7EhNqmE3RJHOEHXXESLcZAEGpPt2S8L7t6-3tTDcoEwN8GOrp3avDrEct05lbpycAjVqA6p9RNv8BoUJuNIfNLynpbCqwl-Z6NC2en0ars68eW488-43iumtDGH3gtdyQd-VCKPDrLOgGybQIrDcVQj6florkzVi1RJ2t6ebQEX5uR5WpWg5luLMC_wiDXDSyY3qypumUEUAoAky-Ii4F77Hy-mPARMB5COxzDrdbrThpUWnkfc_CA85wsnAoFkDXvHIOmQ5DqA7DUKXwVnrt5Lv2j2zEgMILjezIOiyTWXRHjPLSDFSQzVV2YDe3vLlKZkWsCS4vEdPb6LhRBMQicyVqs8ZGoFYxQt_5_OAqdf0rSiaRsC7g6IU2rJNpVDWc5Qb1MLibXaLuUv2fQNB3bSfeyRc4so3N6ttv5YQ2ANTPHRki0JXt6MB03A8ypTdWlcnkS9R540Fyvg46P1v82kaR8KLifjFw0FKKs0M0AxLagdZGJi-PgjdA19IekqmDXvHewwKd6yPo9iF-zF32ZLcPt3tax8BD1kClAG_WpftUiu1LQBW7VOtJlpRcsc2KfYmpJj25flN2of-_rzbYKV2jnYZ5PU5R9QCeRap4kHARzfCtS7x1AQz0_2vQWZBMAPvG9RFNngvrFjXgd1iquWNhtOzvm7uNNL-wY8EL1QadclEmqfPteqGLE4DWRJE1C-NDHaoY-WZnT3bpDIW1EQWbDVDGEEOUdA-7fJs8hoQydU0QMNPkbo4mM_zcZLexR0FJV_uA5z4lQjCeXlHoCbGn_-3AHHikyDNZDSwrdFHwWP-kwmaJPDIm-60fcKtwVl3t3qg1a8J8CFqmkzrqPAiXzPDW4W-j7qWJ-1-IvtECFhdQR8U9oPsicS4B7TcmVwiKIT37qd_RCtTlnB8olLafldxSYPh_ASTLcGX5E5TJeTG1MmXJAcyn3kHGZber8Zb28Q6e9bXOEMY8fSzIWuhMFQDGCGVhIhxYiSD6XGOLCF6ZOMTd9sj7tJ-yxrQ-b-mGUINKprSO-grIydBoAHxFnUweEB7iUYinYRqqfhej3ooRSLdZAaxGtFAzHWEFqY23u1i_mVbGW79mvY_tN8H1Yx8O2zOKtpOSWiYgG6e5OEPzTlmloIV4jyAxY4DHMbM7ZtdOqBGly6KbEMfSdvrmabuCPh92ZRY_zoRJNbB_EvtGBUl_fFWTYQMQmAA2UiFq38MwqPhPVoKz0FBq9ejFXB1e9Ab-xZM8w1gypcuKtiPXF6D6WrEaZRIV4QvDZj5wJSFO75lEhQ8uM5j_NzMH7BbvFhEpT4UA0qNcWFJ-pRwNvBpSWDv3aQ6YSDJz46pFZYNfYJyBJoeYl5RL7MIdxj2So-LE1tG-RfaGvIKXJuIkia6bt_cHqU_K714wtdK_BvnQ217L44TNHBeW7MkxL8KapVDoKgBZnsG3qrTrIzsv7lAXTcpi3k2ngTE-9qI6r_uXDYR6Qslt74VO7EwCr1FBtY8tfD3XDZZeYfa0emO-ceFJgPowEDh1fe-eejd__JXcTb_Mz2BYz9vjhlbsePKLQJLQfiio4IX4CAdX-RNpoqcWqmVNRAtRMuEQyYMnx_iq8w62fdq8zA6L4G09iWjHZSEsREuwxEiYvpkFpLye3o_p8vtSSjRvXnQaYb7G_N6ZyFSJjXuHUUU6JRHFfato4S-GPQJq55IQM9uxZCDnQkO4cBdsFArsaOar8JNOZfOUjgM2whrzX9nHkp6lPwPmS7Ya-QZNKccVUI4aF9E7AHngEROUhOOCeMvVR08e9pvTkXDFBMmS9ojl-zyTQgKrZ6B4YHPy5_-Aplq5p8OGtDqSaXNKLAlu_BuYhBaccU0RAyGYJs9ftE7HUwndUWgqdP-vEDwtpcqaMgd0aNm2CUdXH5WlKimTTz4rxZItBUHLSIqUj5VqllJd9iwQpriMUojDcxFKX5Vjj8slFTWnhfjhBz5o2xgOhAF2T4E7HesClRmQhpxBSFYiDwKMcp1vaKSVvzEwBiFZ4sv7n4B74LjvHZTl0APO3NN6NTj6oGlUIBBJPAC8eF__8jLv_X3nq0NwjicYPWOYcEhZXMZy7kw7jJFB1cN0G5s79-0eqem3HtsCoML3YuNkFFVVbD1S8VMqHHCk6sGjk85KzzkOoUNPjdxgBYAE&cry=1&bundleId=

Request Chain 96

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

134 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
animal.meogamehay.com/ 57 KB
13 KB 646ms
546ms Document
text/html 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ee96157035ca2c12237752548ca5b28ecc4f3f83c4dad483e5333bfbf289010

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 83c72550ffefd9bd-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 04:44:02 GMT
link: <https://animal.meogamehay.com/index.php?rest_route=/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3c1t59qVAhGUwW3R7KUF2EIgcMMK1hvjVz4O4vOpbNrWdKRf3q19o0U8g3bEBG4q2eDJYwfdAtKRWbbtWuTXTlvCVGQmsA0%2FRbeeCN%2FGJnY9l4Oiimc5S9qb%2FgnVfTq9N8C7hWl%2FqsIwLPnYoIo%2BFFecYo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-litespeed-cache: hit

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 247ms
96ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5431908161009251

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe6bd5ed8e4b90a17e5ee59bc5949f68bad22de5c5fa236ee97c25faa56d40f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://animal.meogamehay.com/
Origin: https://animal.meogamehay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51257
x-xss-protection: 0
server: cafe
etag: 8256201593263747081
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:44:02 GMT

GET
H2 200 style.min.css
animal.meogamehay.com/wp-includes/css/dist/block-library/ 107 KB
15 KB 50ms
45ms Stylesheet
text/css 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 02:26:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179091
etag: W/"1add3-6588e868-18031c;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kn67wTaBkIHIrMCQ%2F1OROff%2BWw1o%2Fi1uNoxGOXQ5Ug1WOBEKwdY9hHr7oHonyH%2FHlzmQ5HHdpFRJ%2BN7PsACWN1x8O%2FWBg1auzjmw%2F9%2FIPDuwcuAnsmC7bGjyqGu0EiOFY21jGiyEgepV4pAJWPnU1VOMPuc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83c725547af7d9bd-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 02:59:11 GMT

GET
H2 200 base.min.css
animal.meogamehay.com/wp-content/themes/jannah/assets/css/ 41 KB
9 KB 53ms
49ms Stylesheet
text/css 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 40047
etag: W/"a3b0-6588ff94-17f6c0;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRkJv98VO8kMNiZUIdGqPDuynL1yDmoi8Ayd%2F1IzmiW3jBcTHMK8ZPPYGiDBcS7B91IF9PmnY6HAcitC7Gmx5FRcFEGgMRMpeao0U%2BRxIB%2BQfn9EjLCX9H9QU65808ZVaseZpoQdHzqPqjZINbvK1fPeh0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83c725547af8d9bd-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 03 Jan 2024 17:36:35 GMT

GET
H2 200 style.min.css
animal.meogamehay.com/wp-content/themes/jannah/assets/css/ 171 KB
30 KB 78ms
74ms Stylesheet
text/css 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 40047
etag: W/"2aca3-6588ff94-17f768;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pe3jI7gcCG38N%2BJOUmQ9vJNVah%2FqCG0Zfe27aMF1pUcEuJshg0FcnyC%2BaBPn3%2B1xS22KxY03JW4NcT2OyNaNGqMR0S8kAeIYAJQTyN6T%2Fws1siu7pHdpkrdAYVSWQZW4x479x5tNyNPhDNmOgYGT0n27QF0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83c725547af9d9bd-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 03 Jan 2024 17:36:35 GMT

GET
H2 200 widgets.min.css
animal.meogamehay.com/wp-content/themes/jannah/assets/css/ 53 KB
10 KB 51ms
48ms Stylesheet
text/css 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 40047
etag: W/"d37e-6588ff94-17f76a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxtuWQx3oWZwS6Pwolck9pxnAGZv6VvtYMyoTZ1%2BNEZwD9zWtD8OcpNpkqnIEj0VFdE7BKSPA49fhyIQoTs%2BoIBkDqa2IwgR9MK3bMXQQBQgTw8AL57r8tJqEgevW6B0KB1O7MClnj0RUy6mZSW0jDd9ydo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83c725547afbd9bd-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 03 Jan 2024 17:36:35 GMT

GET
H2 200 helpers.min.css
animal.meogamehay.com/wp-content/themes/jannah/assets/css/ 15 KB
4 KB 44ms
42ms Stylesheet
text/css 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 40047
etag: W/"3b78-6588ff94-17f6c4;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xCe9fwu2cTBZPieNChE1YgQ3V9tE8urIY0dEKemm83uyA1aN4ThcVpDqkyjcQYOwi%2BJ0T18yYfQrNXduzBvwCizPauMZgkHiMP3ial2phe7kxBnDUT8dmhmp9oISqsVefid%2BQJp47Owzoh6F%2BNPr4gnYn%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83c725547afcd9bd-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 03 Jan 2024 17:36:35 GMT

GET
H2 200 fontawesome.css
animal.meogamehay.com/wp-content/themes/jannah/assets/css/ 57 KB
13 KB 49ms
47ms Stylesheet
text/css 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 40047
etag: W/"e526-6588ff94-17f6c2;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vM3wHIr6YDHMjxAcc5Mh1L50Max8tFVeGYtlDV%2FQDzbPWqIusmN30RQ3ZHya7axnarJmGFu%2BN559%2BTcs5X9EQCFRM2OAXCOCaabM%2B1kdzGsQqgbklpHgk48XOD7kQeBdqTE5%2FKHXhbJgVacBXBMspb%2FBDdk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83c725547afdd9bd-MIA
alt-svc: h3=":443"; ma=86400
expires: Wed, 03 Jan 2024 17:36:35 GMT

GET
H2 200 skin.css
animal.meogamehay.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/ 12 KB
2 KB 48ms
46ms Stylesheet
text/css 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/ilightbox/dark-skin/skin.css?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179091
etag: W/"2ef2-6588ff94-17f7a2;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3bY8lKsqV%2FRulZ8Q%2FyKLEJnxYuXiFN71bF8FMez%2BwX1QeQi2PP0anF38vPQHkFFZC2CIf2PouJo0PhvKqZvpAUan1nLj9Kp%2BnsP9aUIVEytNQg9sG8GT%2BdnMyy7emNd8o6xuWqK3xqSNEZu5HfTR9026kA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
cf-ray: 83c725547afed9bd-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 02:59:11 GMT

GET
H2 200 jquery.min.js Show response
animal.meogamehay.com/wp-includes/js/jquery/ 86 KB
31 KB 79ms
77ms Script
application/x-javascript 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 02:26:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179091
etag: W/"15601-6588e868-180999;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25lyea4qKTDhkgb%2Fo0TGEqwIqJv4%2Fq%2B2%2FPWQ1wHFA4upYNDN%2BZ81tdH7YgHfqJ4XTB0vZ%2FxzuwK1bitlOAflCg45bkxnXdfwAwa%2BcRDW7Yh1pmJvyc6%2BlGky7Z%2BOgSRaIz0SjbCbUoYEdnxGb7oJ8CTMX5g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 83c725547affd9bd-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 02:59:11 GMT

GET
H2 200 jquery-migrate.min.js Show response
animal.meogamehay.com/wp-includes/js/jquery/ 13 KB
5 KB 79ms
77ms Script
application/x-javascript 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 02:26:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 179091
etag: W/"3509-6588e868-1809eb;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DT89QetEztGbfBZCpDRDVuUQWvz4Z05PdTIuS5Qd9vhVWU05mMc5CUazZVlPSrnzr%2FRDzT9H8Zvx5O6DkiSPyUZ304FyOQ%2Fys%2FIveymv8q2si6CCIwBeuQ%2BTkRj1lRvGjG3yy8VZDDAaykYJRXH3SE%2FhhnU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 83c725547b00d9bd-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 02:59:11 GMT

GET
H2 200 how-long-are-giraffes-pregnant-390x220.jpg
animal.meogamehay.com/wp-content/uploads/2023/12/ 10 KB
10 KB 45ms
43ms Image
image/jpeg 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animal.meogamehay.com/wp-content/uploads/2023/12/how-long-are-giraffes-pregnant-390x220.jpg
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bec5d335ab398f4a684db704b24663ddb703e982df3f0548ba2ba9c707f07200

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87372
alt-svc: h3=":443"; ma=86400
content-length: 10102
last-modified: Mon, 25 Dec 2023 08:19:25 GMT
server: cloudflare
etag: "2776-65893b0d-180b9c;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wD0Tst3RF0D42L%2B%2Fn6vtSSJE8oL8l0hyM4%2Fb7VMQGQUJgbLqQ6CsOUQIugEMtdfzwoDZz44ULNuEBxc2BOchps23qWHkKiZXIFWycG3oO3v3omh6M2u%2Fu1VQafWcRrkeaum1yYh9pTBnmUzu76pt1sGGHUU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83c725547b01d9bd-MIA
expires: Wed, 03 Jan 2024 04:27:49 GMT

GET
H2 200 how-to-clean-perfume-atomizer-390x220.jpg
animal.meogamehay.com/wp-content/uploads/2023/12/ 14 KB
14 KB 80ms
78ms Image
image/jpeg 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animal.meogamehay.com/wp-content/uploads/2023/12/how-to-clean-perfume-atomizer-390x220.jpg
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaf322520dd7c047b7201891400f94981878ee788f5026df32d27e95065b6041

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87372
alt-svc: h3=":443"; ma=86400
content-length: 14099
last-modified: Mon, 25 Dec 2023 07:45:43 GMT
server: cloudflare
etag: "3713-65893327-180b88;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luwVBqFCWuMYs7uJ05RoUMFE44ZbBuBxYiy9NA25Mbwn1ipxmHKdsmpRcSov%2FJNW7BMs86qXc%2FYw%2BgLFBB4rxgplZyty7gGL%2FPNNfhe8b7qrmhVyqqQCUlbUAslhZu2EfcMvEJydkgaXF%2BxLJ9HnwyYqAts%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83c72554ab27d9bd-MIA
expires: Wed, 03 Jan 2024 04:27:50 GMT

GET
H2 200 how-elephant-walk-390x220.jpg
animal.meogamehay.com/wp-content/uploads/2023/12/ 16 KB
16 KB 79ms
78ms Image
image/jpeg 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animal.meogamehay.com/wp-content/uploads/2023/12/how-elephant-walk-390x220.jpg
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a739d1355b8e33556dab1c870268a5a85016ead0e43541bdaa84c8828ce7ab2c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 87372
alt-svc: h3=":443"; ma=86400
content-length: 16458
last-modified: Mon, 25 Dec 2023 07:44:15 GMT
server: cloudflare
etag: "404a-658932cf-17fec2;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juIamWCKLQA%2Fg7VE%2FzxHVsjHq4FsV2XDX5pvyXSLV3OMS6Xb8dNyQx6%2FmwY82RgVKbgJldI68BG%2FHBhCq672zvn6daXkwkY4Q4ZItJBwEYqb8pDVVBShzk1ad3fbeb%2Bl8Jxewf28FKpL%2FgJ3LnL%2BUkxQ8lA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83c72554ab28d9bd-MIA
expires: Wed, 03 Jan 2024 04:27:50 GMT

GET
H3 200 scripts.min.js Show response
animal.meogamehay.com/wp-content/themes/jannah/assets/js/ 22 KB
7 KB 77ms
76ms Script
application/x-javascript 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176568
etag: W/"57c9-6588ff94-17f869;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p21lSGI5bKQ5Fa6b33CMqsX3omuGesNuFnbOkZ5oYcsHqNVoOpYxbxFR2bDYku9lUvWKegfYzEw1ximRbyx8ejRiYiNcEDw36kMktSR8TcYUUAPEywE%2FuRfWbc%2BU3d3QPuXwdlq20GtAcPFfMarivlNFpRA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 83c725552afdda87-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 03:41:14 GMT

GET
H3 200 lightbox.js Show response
animal.meogamehay.com/wp-content/themes/jannah/assets/ilightbox/ 80 KB
26 KB 44ms
44ms Script
application/x-javascript 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176568
etag: W/"13e0f-6588ff94-17f7ba;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oMlACq3AAi%2BLVBBfF5MWxR%2FR44%2BYpmcmOLZRIYTUlVnvO4Gv4yLf75cIoP6S7bSTJRR5elJgFuOYyJ4omkQo6uaqmkH4KBiUz2p9%2BRPocEQafokO8NjNqV3edkpd3Rg%2BK7fNbnoqKLoPWk3oBRBjzOfrYoA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 83c725552affda87-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 03:41:14 GMT

GET
H3 200 desktop.min.js Show response
animal.meogamehay.com/wp-content/themes/jannah/assets/js/ 16 KB
6 KB 97ms
97ms Script
application/x-javascript 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176568
etag: W/"4198-6588ff94-17f85a;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zhj2BGmHOSI5aBjkfAEJjk%2B27jJsHY5rBfb%2BJYbrPZD4o%2Bx9q9l8%2Fp8v5gnWhrbXVOYJMSY74JytFrP2aY%2BqgrH87byL4yl3sm%2FVwl6%2FBtEdUYB8lvGY6KSgh6DQx5NmyuxERdDYtAohjw7Rfh1g%2FtFGxes%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 83c725553b13da87-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 03:41:14 GMT

GET
H3 200 live-search.js Show response
animal.meogamehay.com/wp-content/themes/jannah/assets/js/ 14 KB
5 KB 98ms
98ms Script
application/x-javascript 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176568
etag: W/"3909-6588ff94-17f866;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bodZz1p5cHJL1qYmX8BpBzVZgsGSxfd9X4CvEc63WBcvV40HnjrXdeGcU2l2%2FjIK1Piabimli3Ff1NB%2FhZDcnmcNFuJAcRwUFYHQo9pVG7h0UpEY%2FBV8pm3dPCv9KUHeDqU%2BmA4uqE7ih3hbxp%2BVBRnR%2FBY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 83c725553b17da87-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 03:41:14 GMT

GET
H3 200 br-news.js Show response
animal.meogamehay.com/wp-content/themes/jannah/assets/js/ 5 KB
2 KB 99ms
98ms Script
application/x-javascript 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.9
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176568
etag: W/"15da-6588ff94-17f858;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mx%2B%2BVraqJNbON4mmpVp9MGqSUyWJklc62dyCTs7NqCDkYpJ5tma8ECTB33oRMQE9VLQbsh8w4i0PQ%2Ftcj9MCcmhf%2BfuFV9EyJAhtRF57vEvQJ77eOsm7G%2BRA0YyrEWivvsnz058096Qsv9RRf3T19DNyx%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 83c725553b1cda87-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 03:41:14 GMT

GET
BLOB 200
OK 715278fb-ebb9-450f-bdcf-51577d6d89f1
https://animal.meogamehay.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://animal.meogamehay.com/715278fb-ebb9-450f-bdcf-51577d6d89f1
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 tielabs-fonticon.woff
animal.meogamehay.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/ 40 KB
25 KB 538ms
538ms Font
application/font-woff 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Request headers

Referer: https://animal.meogamehay.com/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.9
Origin: https://animal.meogamehay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:03 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 25 Dec 2023 04:05:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"9e58-6588ff94-17f77f;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fr52oJY7XUROv6R5zpZ5SfwdIHxWEeP41mXidxyCxhQfCGQBYdqy%2FMzMgQ6qStrnx%2B0RL%2BbRyCBSitUfVPsxgH797Fta5NDEN1HEFpxmo2Ua9elS2bY1K%2FnGgOfprd1pSNwuEinAGExRVw0dILi3uKPEXbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
cache-control: max-age=14400
cf-ray: 83c725555b30da87-MIA
alt-svc: h3=":443"; ma=86400

GET
H3 200 how-much-is-a-dragon-lizard-390x220.jpg
animal.meogamehay.com/wp-content/uploads/2023/12/ 19 KB
19 KB 61ms
60ms Image
image/jpeg 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animal.meogamehay.com/wp-content/uploads/2023/12/how-much-is-a-dragon-lizard-390x220.jpg
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e92ad6a7a03dec0e576421a7ba475217ab9821c800109899767f80f5ce82d35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176531
alt-svc: h3=":443"; ma=86400
content-length: 19284
last-modified: Mon, 25 Dec 2023 07:23:06 GMT
server: cloudflare
etag: "4b54-65892dda-17feba;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eSH%2BRX7STEhNQtEC3u6Td%2BxCIoiLHZJof4xfhAp7%2B5CBbmX13P3tsqN3GrwuwMgdRQ32hK%2BzlrbFafzKOJb5O4D%2FhJnK8E10frxWXJ0IAc11UuZQpnKtTpBEoCA%2BwhQzyvrn4vfEv0UFmjjhRUfFi5GZu4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83c725557b69da87-MIA
expires: Tue, 02 Jan 2024 03:41:51 GMT

GET
H3 200 sneakers-for-office-wear-390x220.jpg
animal.meogamehay.com/wp-content/uploads/2023/12/ 11 KB
11 KB 61ms
61ms Image
image/jpeg 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animal.meogamehay.com/wp-content/uploads/2023/12/sneakers-for-office-wear-390x220.jpg
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6dee243e3a4adad667bb95f88237bf7dfabf3dfeaee96eca04ad69b73a97d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176531
alt-svc: h3=":443"; ma=86400
content-length: 10843
last-modified: Mon, 25 Dec 2023 07:19:01 GMT
server: cloudflare
etag: "2a5b-65892ce5-17feb6;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CAUd4sqms2tAtTzST30xgm7LjHNqMm8%2FhrjD5l5Y59JLIGPpuGOaCQIHU4JllyPhZOOeEJElm1SAX65%2FUiBtiosaRLHE1OQeXGi4uMtO4VjyioTy0%2BbiMliM1kYKiT5RSzWOoyBtl08ohSNN0%2Bu0Rppz2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83c725557b6ada87-MIA
expires: Tue, 02 Jan 2024 03:41:51 GMT

GET
H3 200 dolphins-depth-chart-390x220.jpg
animal.meogamehay.com/wp-content/uploads/2023/12/ 27 KB
28 KB 90ms
90ms Image
image/jpeg 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animal.meogamehay.com/wp-content/uploads/2023/12/dolphins-depth-chart-390x220.jpg
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0988eed26a2cefe5ad967b9362e853d490196b9041614b8729b54138cd1bf57

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176530
alt-svc: h3=":443"; ma=86400
content-length: 27802
last-modified: Mon, 25 Dec 2023 07:15:38 GMT
server: cloudflare
etag: "6c9a-65892c1a-17feb0;;;"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gmy70HMfjen9eXfF1rcuZVdIAR6H3590c5M8mZb%2FHVx6HUMW0VRzfMflMKHnhO6Lkdr%2BHX6bglI1vaHudtC%2F8j%2Fz8lVu5YYCqs%2FJ8EuObHGuVK9xT2nCbTnZx9x%2B1rwK%2BRXlAscNTUYjn0tTZev%2F%2FPqrf6k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 83c725557b6dda87-MIA
expires: Tue, 02 Jan 2024 03:41:51 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1/ 13 KB
6 KB 198ms
64ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:59:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 139460
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 13:59:43 GMT

GET
H3 200 wp-emoji-release.min.js Show response
animal.meogamehay.com/wp-includes/js/ 18 KB
5 KB 42ms
41ms Script
application/x-javascript 2606:4700:3033::ac43:85d1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://animal.meogamehay.com/wp-includes/js/wp-emoji-release.min.js?ver=6.4.2
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:85d1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Dec 2023 02:26:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 176566
etag: W/"4904-6588e868-1809fa;gz"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S%2BgdZ0qTjd3cUDq%2BCJrBVrihDO1ImnFGYVSNrLOAwsIDXaa%2F7rtZN2iPayDE4rv0XB7B5Ck2cvbgrSdeHCZtmWOaHWw5s5iRWQgSq9a6sDm1bid0qlJP9ccDji0mCLXzZ8qa8XOQ6hyqL6vYxFMJcYt6MAM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
cf-ray: 83c72555ec0ada87-MIA
alt-svc: h3=":443"; ma=86400
expires: Tue, 02 Jan 2024 03:41:16 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 241ms
114ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5431908161009251

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:03 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137916
x-xss-protection: 0
server: cafe
etag: 1916131603004031834
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:44:03 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 2B1B 9 KB
4 KB 197ms
63ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5431908161009251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://animal.meogamehay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 11926
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 01:25:17 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 01:25:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
902 B 212ms
78ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

188d321da52decd5b8a5c92b29c10badb5c8ded9b9f45f802ee6b64bd8d6a564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 03:58:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:44:03 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 196ms
63ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://animal.meogamehay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 10:01:47 GMT
x-content-type-options: nosniff
age: 67336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8000
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 10:01:47 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 8 KB
8 KB 203ms
71ms Font
font/woff2 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,regular&subset=latin&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://animal.meogamehay.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 18:58:03 GMT
x-content-type-options: nosniff
age: 121560
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 18:58:03 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2545 573 KB
108 KB 1226ms
1225ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5431908161009251&output=html&adk=2969136045&adf=3689892565&lmt=1703738643&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_l%7C188x810_r&format=0x0&url=https%3A%2F%2Fanimal.meogamehay.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703738642973&bpp=3&bdt=361&idt=395&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=319231132275&frm=20&pv=2&ga_vid=1658447084.1703738643&ga_sid=1703738643&ga_hid=700892302&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079758%2C31079980%2C95320884&oid=2&pvsid=3490638409845107&tmod=553644559&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=416

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99cd3d17e58005e404aaf93de2e832fa6ae1e8776a339099ea1174ae410fde6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://animal.meogamehay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 110619
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:04 GMT
expires: Thu, 28 Dec 2023 04:44:04 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 96ms
95ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a566ffa5bea2d58775d52faf7982f2a312ed26c9e668c1320486b0bc01cb0b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12288
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 114ms
113ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b07bffbf21142fa51120eb03293d0d27d8e76099c8f55bb23d951ceca89bc31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56000
x-xss-protection: 0
server: cafe
etag: 5801105394885294221
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:44:04 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 298ms
159ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame F79B 9 KB
4 KB 64ms
64ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://animal.meogamehay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:01:17 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 04:01:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 5CAF 9 KB
4 KB 64ms
64ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://animal.meogamehay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:01:17 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 04:01:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame AF4B 9 KB
4 KB 64ms
64ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://animal.meogamehay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:01:17 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 04:01:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 291E 9 KB
4 KB 68ms
68ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://animal.meogamehay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 2567
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:01:17 GMT
etag: 5585625838579639069
expires: Thu, 11 Jan 2024 04:01:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame F79B 4 KB
767 B 80ms
79ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 03:51:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F79B 205 B
520 B 216ms
80ms Image
image/png 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 18:34:59 GMT
x-content-type-options: nosniff
age: 122946
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 25 Dec 2024 18:34:59 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F79B 604 B
695 B 258ms
123ms Image
image/png 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 06:13:40 GMT
x-content-type-options: nosniff
age: 81025
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 26 Dec 2024 06:13:40 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F79B 16 KB
7 KB 70ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:54:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10165
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:54:40 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame F79B 22 KB
9 KB 75ms
69ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:20:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 20:20:02 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 5CAF 9 KB
4 KB 187ms
80ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 21:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 21:56:15 GMT

GET
H2 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame 5CAF 11 KB
5 KB 253ms
147ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 13:05:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5CAF 14 KB
1 KB 80ms
78ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 04:11:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5CAF 2 KB
903 B 109ms
107ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 5CAF 23 KB
9 KB 109ms
108ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5CAF 3 KB
1 KB 121ms
119ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5CAF 20 KB
8 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 14:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 14:00:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5CAF 203 KB
65 KB 238ms
101ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 5CAF 37 KB
15 KB 227ms
123ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 13:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 13:35:33 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame AF4B 9 KB
4 KB 242ms
141ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 21:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110870
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 21:56:15 GMT

GET
H2 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame AF4B 11 KB
5 KB 256ms
155ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:05:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 25 Mar 2024 13:05:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AF4B 14 KB
1 KB 88ms
87ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 04:30:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AF4B 2 KB
856 B 151ms
149ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame AF4B 23 KB
9 KB 151ms
150ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AF4B 3 KB
1 KB 163ms
162ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame AF4B 20 KB
8 KB 119ms
118ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 14:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 14:00:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AF4B 203 KB
64 KB 394ms
262ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame AF4B 37 KB
15 KB 260ms
161ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 13:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 13:35:33 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D8CB 624 B
246 B 92ms
90ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARis1cbbATAB&v=APEucNWK4cS-NlYfTmj8GjtQcg5-E9SLwkgf3QAFSPVA1ci63wVxjYza7BQrIpiOOyA-ANFWl-vcvkKwFWEehwa5hjkGPFRDSA

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:05 GMT
expires: Thu, 28 Dec 2023 04:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 886E 89 KB
31 KB 115ms
114ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1278205/67951302/xbbe/creative/ Frame 886E 264 KB
80 KB 193ms
63ms Script
application/javascript 72.44.46.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1278205/67951302/xbbe/creative/adj?p=APEucNUJGOk56WPt1BN4gDKfJ2zMbRis8Riw7p7s-8zRUjTQGCE4cVA&d=CokBAKAmf-AevE1VBTqZxWnzuZgryEq9-Sj-OuUd5L2Hdex484Rp6t4Iie86RtkG1aWsnqUS4tHLREo6_Ets5UZFaPevS7e680YqKGaZXthZL67uxU8GLwnn-TIFPJ-SlAeinQn9qR_bssv9AoZjjtPPvQX3uOzH0XQtN8ovk-Xg1L1qFxtdpk6hqj4SyRUAoCZ_4NNxbI1-XiwvPsypqd88OT6TrWeneaKbr0YZS3srPZIvM0MRH97aDiLoKaJikc8kh5SbVAMtU10V_Vfz8GgCYLIJMmRnVqzBRNQaIulVD8lEPuSpiJ891Ul2SSA9icURqq6LINz1SRphuqyhNsLcPxKKNZD1p3q3SIlQHt7HooNa6cUZLP6LjBajKpdRe3Tj957Iaamc7oIvsN58-DhJ_-A7y6RzAJj6d4ueHjMUkAfDlCdwGdsmNSbp_yJCugddpZOa7OXnelOEhmZm4xmO4u4WR1JUAnAfcY4e8gGi7qgUw2y0XJoN0C0fSBCAcp1IeFGRTM5Ds6XyHwZJ0jTyuVBxfeBaPBisXcufVycc8itTVEa23o1Ay3i_xNam7l-kyD-8mYiHAkduJKt-sfmNfpTNimzhnvw8sPX_PUzN58uO13RRsivbtdKdZpCnUC40EL23rnr-HxInHxIOg7O06-hSgV5YBKaOpPUWzf1lXGIzqIHAM7-GzEfXE2oY-7bYazmgjvDVDlNYtvBhx3sIc-c8LDpCK4gRQxxg-nl1ZDNQYQsth7uXwkgzKgBIpPEvwdtNfFWldtaO7oOGiP2VJeJ0P58DW_PfWBEB9X0H_t3zSxyZbQtuigcAKuQfmfjzZqSQgJcV0otXgNRqj5CDcJXkczPHHYJ68nn76jqWOUp1uxab8Hf9xpjv6oU-IET0S0Do7oD4Z_c-WBLgOX_NLb-q59mQW8qt661SXfgAQu_dDfsZ3P5wSfYTK5Y-ndUsz-BjEIza3s9--I-YvtvfVMXXn-8rbhJXjCgJ1mY-VkNfm1gfj-hcMQowmLKahGVTXNh021Am5vrE5xgr2wIi-3JRT2qJWEcATIY_hGn0527l28syA_Uoia9-_PAQ2lQDIxMrBEJ3FoqJPDKA4FwfsuumNRTueHEMRu1Ib09YIdDGnkm1M-7TK7rxcxnqIECAiiESb1uVsdK2GVKlGTJ5yaRbKzmnQmANVnEM6aWQ-tcrTrZQuTDzs6Q7cKU8U4yDcLuu6ZdA1lm4f948L9jtEof1TwfxWMnYk28Flg0VPlWQjOOfbXvwgejdCoP3dymLDC58-n3BByzZG28ubvb4y_rLcJDHzsT3JL0051fznapGRCDel6equMmhxpvqpoKyAG4deUkeEFHwmgOgDwRRlGqWMZUQGQVmEPMculvl-9FyF2pBnTQtUg4V-AadjWPS09X6sC0YlZyQlkew1LbHZHWr_-BnJzKH0uwQQSe8vsaB3HQHRgCtQ0SMi3SzJeiNdG4MgfqAdBXHsmYcw3hZaRFiRuTgnOIzvr2qmuQA69SgQzM5UPL9Pf8vVh7pV4p2ncs-kaEod41DMOZPiqVaqtkDOKp9zgivWGAfmB4BiPehXrHoKa4EeX9oPKqfZyTfN9-zuhLS3E24piGSsKYwczRWUfLCno91IkQcTtXgtSfHtiDLzSX-9Tn81WzVk_MJ_ABBAODD8TyHvQJubvjUTyv8V80GBmWJH5zXBBz6l_mNn67fcEqjQbhqyfiHuSbyj02sgP3ZShZI1UyJMcZW0lzod-2qN5UacnL6Vhlz6tZYN87E3BoF3KA_HiYHBcyZSszn8xYKVOd_utvpEtmeYq7EhNqmE3RJHOEHXXESLcZAEGpPt2S8L7t6-3tTDcoEwN8GOrp3avDrEct05lbpycAjVqA6p9RNv8BoUJuNIfNLynpbCqwl-Z6NC2en0ars68eW488-43iumtDGH3gtdyQd-VCKPDrLOgGybQIrDcVQj6florkzVi1RJ2t6ebQEX5uR5WpWg5luLMC_wiDXDSyY3qypumUEUAoAky-Ii4F77Hy-mPARMB5COxzDrdbrThpUWnkfc_CA85wsnAoFkDXvHIOmQ5DqA7DUKXwVnrt5Lv2j2zEgMILjezIOiyTWXRHjPLSDFSQzVV2YDe3vLlKZkWsCS4vEdPb6LhRBMQicyVqs8ZGoFYxQt_5_OAqdf0rSiaRsC7g6IU2rJNpVDWc5Qb1MLibXaLuUv2fQNB3bSfeyRc4so3N6ttv5YQ2ANTPHRki0JXt6MB03A8ypTdWlcnkS9R540Fyvg46P1v82kaR8KLifjFw0FKKs0M0AxLagdZGJi-PgjdA19IekqmDXvHewwKd6yPo9iF-zF32ZLcPt3tax8BD1kClAG_WpftUiu1LQBW7VOtJlpRcsc2KfYmpJj25flN2of-_rzbYKV2jnYZ5PU5R9QCeRap4kHARzfCtS7x1AQz0_2vQWZBMAPvG9RFNngvrFjXgd1iquWNhtOzvm7uNNL-wY8EL1QadclEmqfPteqGLE4DWRJE1C-NDHaoY-WZnT3bpDIW1EQWbDVDGEEOUdA-7fJs8hoQydU0QMNPkbo4mM_zcZLexR0FJV_uA5z4lQjCeXlHoCbGn_-3AHHikyDNZDSwrdFHwWP-kwmaJPDIm-60fcKtwVl3t3qg1a8J8CFqmkzrqPAiXzPDW4W-j7qWJ-1-IvtECFhdQR8U9oPsicS4B7TcmVwiKIT37qd_RCtTlnB8olLafldxSYPh_ASTLcGX5E5TJeTG1MmXJAcyn3kHGZber8Zb28Q6e9bXOEMY8fSzIWuhMFQDGCGVhIhxYiSD6XGOLCF6ZOMTd9sj7tJ-yxrQ-b-mGUINKprSO-grIydBoAHxFnUweEB7iUYinYRqqfhej3ooRSLdZAaxGtFAzHWEFqY23u1i_mVbGW79mvY_tN8H1Yx8O2zOKtpOSWiYgG6e5OEPzTlmloIV4jyAxY4DHMbM7ZtdOqBGly6KbEMfSdvrmabuCPh92ZRY_zoRJNbB_EvtGBUl_fFWTYQMQmAA2UiFq38MwqPhPVoKz0FBq9ejFXB1e9Ab-xZM8w1gypcuKtiPXF6D6WrEaZRIV4QvDZj5wJSFO75lEhQ8uM5j_NzMH7BbvFhEpT4UA0qNcWFJ-pRwNvBpSWDv3aQ6YSDJz46pFZYNfYJyBJoeYl5RL7MIdxj2So-LE1tG-RfaGvIKXJuIkia6bt_cHqU_K714wtdK_BvnQ217L44TNHBeW7MkxL8KapVDoKgBZnsG3qrTrIzsv7lAXTcpi3k2ngTE-9qI6r_uXDYR6Qslt74VO7EwCr1FBtY8tfD3XDZZeYfa0emO-ceFJgPowEDh1fe-eejd__JXcTb_Mz2BYz9vjhlbsePKLQJLQfiio4IX4CAdX-RNpoqcWqmVNRAtRMuEQyYMnx_iq8w62fdq8zA6L4G09iWjHZSEsREuwxEiYvpkFpLye3o_p8vtSSjRvXnQaYb7G_N6ZyFSJjXuHUUU6JRHFfato4S-GPQJq55IQM9uxZCDnQkO4cBdsFArsaOar8JNOZfOUjgM2whrzX9nHkp6lPwPmS7Ya-QZNKccVUI4aF9E7AHngEROUhOOCeMvVR08e9pvTkXDFBMmS9ojl-zyTQgKrZ6B4YHPy5_-Aplq5p8OGtDqSaXNKLAlu_BuYhBaccU0RAyGYJs9ftE7HUwndUWgqdP-vEDwtpcqaMgd0aNm2CUdXH5WlKimTTz4rxZItBUHLSIqUj5VqllJd9iwQpriMUojDcxFKX5Vjj8slFTWnhfjhBz5o2xgOhAF2T4E7HesClRmQhpxBSFYiDwKMcp1vaKSVvzEwBiFZ4sv7n4B74LjvHZTl0APO3NN6NTj6oGlUIBBJPAC8eF__8jLv_X3nq0NwjicYPWOYcEhZXMZy7kw7jJFB1cN0G5s79-0eqem3HtsCoML3YuNkFFVVbD1S8VMqHHCk6sGjk85KzzkOoUNPjdxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1009767980&ias_pubId=pub-5431908161009251&ias_chanId=1&ias_placementId=19085213996&bidurl=https://animal.meogamehay.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h3Fbt4fsN7birSGx97chXz
Requested by: Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.44.46.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-72-44-46-92.compute-1.amazonaws.com
Software: /
Resource Hash: 5d48f9597d53ef2d2cfdf6fa413dd2b5f14bb6b14492b82f4b5792349ccf4737

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 886E 3 KB
1 KB 149ms
147ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 886E 20 KB
8 KB 121ms
120ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 14:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 14:00:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 886E 203 KB
64 KB 389ms
273ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 886E 42 B
63 B 83ms
83ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AMBLd-sDt7uGqWkO8FmjAE2y2lTkqrQRvNLpDtBwNo2oN-O2HMhCguYKVI-xpV96O_Go4END9b0vLrrC_g1SerS4QV8MGcsyyosXjdj693QWL3LDc

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 838C 14 KB
1 KB 80ms
80ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 03:17:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 838C 2 KB
856 B 98ms
98ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 838C 23 KB
9 KB 99ms
98ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 39E4 143 B
166 B 65ms
63ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:23:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 838C 3 KB
1 KB 111ms
110ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 16:11:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45136
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 16:11:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 838C 20 KB
8 KB 105ms
104ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 14:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53017
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 14:00:28 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 838C 203 KB
64 KB 273ms
211ms Script
text/javascript 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65731
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Dec 2023 04:44:05 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 838C 37 KB
16 KB 92ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 13:35:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54512
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 26 Mar 2024 13:35:33 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D8CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHrdgru1iuukc4xfLVr6k-s&google_cver=1

43 B
772 B

90ms
90ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHrdgru1iuukc4xfLVr6k-s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARis1cbbATAB&v=APEucNWK4cS-NlYfTmj8GjtQcg5-E9SLwkgf3QAFSPVA1ci63wVxjYza7BQrIpiOOyA-ANFWl-vcvkKwFWEehwa5hjkGPFRDSA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLyjHAxGmXbRA%2BZT6GDN63sTtuO95KWHbkaJEb8qjnU8gHez211miQZWJkXL%2FhdMQKnoFPBcEkvtvQ9NIA9ewtFk%2B8ngHHvILYP4gOYmVqt6np14iTKUDDGF5CAVQF%2BLN39ZmxaWzWp2ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83c72565be06dae1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHrdgru1iuukc4xfLVr6k-s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D8CB
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZYz9FaCOJTIqdPUcV5UuvQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHrdgru1iuukc4xfLVr6k-s&google_cver=1

43 B
741 B

74ms
74ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHrdgru1iuukc4xfLVr6k-s&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARis1cbbATAB&v=APEucNWK4cS-NlYfTmj8GjtQcg5-E9SLwkgf3QAFSPVA1ci63wVxjYza7BQrIpiOOyA-ANFWl-vcvkKwFWEehwa5hjkGPFRDSA
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BuYlA6AQQjW%2FD%2FtRfovDsMSO6ShDNZI1bcUUJb5YMvvJGV4wuT2aFs%2FU0Herg9P%2BUWi7iXtI%2BtFkrkj9TVr%2BVJ0ThBFsnfQZUQuJTTHPCwqE5tEAnbMPVYUvYIrgbYv65%2FUnIQNqkaowew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83c725669f1ddae1-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHrdgru1iuukc4xfLVr6k-s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame D8CB
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHvvHadYmvngmkV3rgfKumI&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHvvHadYmvngmkV3rgfKumI%26google_cver%3D1

43 B
889 B

78ms
78ms

Image
image/gif

68.67.160.137
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHvvHadYmvngmkV3rgfKumI%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICj_QEQvcn-ARis1cbbATAB&v=APEucNWK4cS-NlYfTmj8GjtQcg5-E9SLwkgf3QAFSPVA1ci63wVxjYza7BQrIpiOOyA-ANFWl-vcvkKwFWEehwa5hjkGPFRDSA

Protocol

Server

68.67.160.137 Jersey City, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
an-x-request-uuid: 5aed2150-24a7-4702-983f-65807910f3aa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 38.132.118.69; 38.132.118.69; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
an-x-request-uuid: 3570bed2-9c81-4f8a-aebe-c25304ff1f30
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEHvvHadYmvngmkV3rgfKumI%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.69; 38.132.118.69; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D8CB
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5NDI5MjQ3NDYxMzc0NTI4OA%3D%3D

170 B
243 B

78ms
77ms

Image
image/png

142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5NDI5MjQ3NDYxMzc0NTI4OA%3D%3D

Requested by

Protocol

Server

142.251.32.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
an-x-request-uuid: 9cf550ca-78dd-4e86-80a2-05c39c4e2444
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY5NDI5MjQ3NDYxMzc0NTI4OA%3D%3D
x-proxy-origin: 38.132.118.69; 38.132.118.69; 639.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 886E 0
20 B 83ms
83ms Ping
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6775140540902&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 886E 0
20 B 84ms
83ms Ping
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6775140540902&version=m202309260101&ct=76&x=1&cor=4281261926723072000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 886E 16 KB
12 KB 111ms
111ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3EC-OULa8qxDkV9cdjnbyNLsFXZSRXddazjVEp_izn2mf-UtkbsQv0tZJVhwjUQTuCSvf0Ugnj8YjGVKX13dmVpsbPKFAm30WlLIEGcL1vjJelqxc9E57HWfVDceWiIIoOWTR6IlhfCTneyt2O8A5ZZFmQO3Mnk6NTJhxaOMCPAbh07k&cry=1&dbm_d=AKAmf-Cmq4Vl-PWpH9u9UAoHiiOlUICS22ZrKFspvEp2JKVdQaRinX3HGQaVMRgSqSWDzLTJWYWfZ3OO7wt4xg5l_qTArTDKY0h_1A6C6Ig30jl3lqS1aeCT2MMjpobZ4NbTQn8miQiLsgPAbmFnbOabH6rCicJglQs3tNGgGDHfC89POkVmf20vRIgO2C2YHRtDjDChYDhshYe6oym3mBiur64zRgurkZVDAE_BwTApeLh5e3-MDoa68mknwnH8LIt26PkuqtKdiS7Jf6G9aG_1syR0AciIGMhWbaN-9W0DegJvqLkKtnn7KbbbeY9q7C_6vD405LpDofAYJRTZwYC4AjZQvGSu0RTuY7EYEdqJ3sdeGhm10hYifHhhj-ptK6HyDu3UYtyt_ybupiZgQDPE4jGxyioKgAAcNIVnW5Y9w7IDq08pCexR5VLfn3ASRjTmzVSD5G-qODqwmJ3kfPG-6MZcPnm8p3DjEXIVjLeQ_qBML7Sj0tLOI8vRJcQAnIpKrThQM8bUtNeRoihbuHRNG7pbcTI6tNbLHUEM7u85XEUCtXwnaNQ3mKfcIPgkKFccGHCXqaJQaKgu5akxincHjVipxr7aAAq8I6FTQur06SBjZX-CgaEUptzCNJyeUTucCrGHlGjAlE605FqmEi6WQDaq_tIbrIuBoWxGKQ6jEu4cKcuvHPWWRPvykbBq4YcMgF7FtTcVOgj9qBvr3TvPxxu-WkZzFVpBfYVIXUHAmHNWhSECbTJri68WUzPgF_lp6lVn2fKpb1j6CwGOWqNt0Tnda0NC_GA0505RrGa4f2yhsV8ValNXp-TSpdXoACZYaDJDp_WRsYBAufNL2zI3pKFznGHqFQ69YER4NVdfXtxNywOUiyGpYY0-Hjb1-cGctQwQ_-8PWoup-6gRS1V4RCjw9Djhhg4W0J0BaD9Op5bJNn3DKCfUehqVlj691aPzXpDzK4AT83pUs8zAo4Noen2SZc2oB-_AndP2sY91zOR8KWH1TiAThFIm0oYn8_ENmRjM6lZWuqYcMiqRK5s6BQtHZlxtwHVz6CECLmsltYVjVYht4xb9lzWtZcExSBZGGDksqhM_d8W4Poy_14EWG2RdiSMU_bHZtjeC-HUYe9MljJPpyLQikwSTQ11NbzO912RqQb0OSnjrG0uoQKo9sRlUVoM0-TF1R6vMd9GZ4U85AP1XdigtMvGs-9K_Z7Bvc7k9E5HmOkEfPwZ23zBgZvr0GFz2_hpjp5Mf2kXGprNXaiB_4iq67H1V8V043qU-9-NkX0pegYCkkgznd_w4qi9a7kdWMeq10dxmk77jjb5-RdSzARSONT0qAAZPasWiJJHHNz-hmEQPe_GA_ltJYSqGEuqgqNJhzFtmwG0O0jMkn2mPrQfla-rnJkY2Eh_qMBvD_YvFsr5pQHnsiw6aElKHeKGorImgldIpy_PZjx9F28Q7n4zeqf7KaCqMSyZWRHYuKQwWUudWdtzJjyvkycoFrF2Vo7IokC4lNdX_SweTaTRHIkJWaYIgREnIDBe8qUTBMVxXlM_cp9zlpUQ0Lmt1PNjWSdRRFLzHVN6FWFF7sAHS5JXkQ6l3pN_tWqtq1ShQUZbRtaSmKqVLH0mMA_rHkrGCM4iIHw1nlTDx0sDfh3y9rAMd7KUO6u7N3I80zle0sB82iLjc7kYFIrOaHO85nVdfL1RaNy1fWtLaRm5cXKfbWeBSioZCMUWyqgOhy0rjddmFEzmeJcZgKtBwvE8GVEfOjzMgqEtLkuhjxqld33jJCHbVYgs7MRVf_9F3hv6tQl8SOYugjFrxt8HbgkEDBiqe4X56u_Jtu2ru9w4QtByo2AaoMcKfdt_C9c1P6AfV-zXVXPp35xULnjT57Rj7SeruwvhHKNgG-Tbg4obFtUXmvI1MK3_8JzqHmSmk6qF_3SbVpWqMWClsu8fyPDqFilMyxwVRAXwMT-Cbjb5ld7nmkpn8-Ko5PxvXqGc_DtT6RiX5Tn26QYIfAcCOCbnG5qnvFVEfJaVjOga1T53Z0Z1GwHD4QlqYSe9BcNFn2p8rfdiMwSLwqzggtHY6vPwNLBz3w_izNDC9BkOGTnpzabbtQRJA7fs1jROFPBWd4DVvAZ6TtFsbw98dV4pCwfJzJzOPFuv2yN9wzW4mNXclvZcfdoyCoINg0OSX56EJw-06dem1HR8Voup9KEsgx8PwoVWX7fGLTHZVBW_hIFUTYuL0YHI1nKabNfOzPt495LhruovlOy-_MfxtqCbM_gAoyqdNYeXVwHXz1tgC2rx7pSo7tu1ry5Rncus60wxoQx1ug2E1abKLgX1XZ3sw7UEkZZvoBubwpW-yIdQ3jvBUJCQB1pkBwXZ83cx4_16V3VBzwyY8mYg1TQbDcUUhPw3eVmBgqv7MIdBPDEY2ad1JQGvdeWn0-N7SV-Ya_AXkCCAF91-5LxHZzVVvXEXWlJxy4v0bi-V01vr2sQo8dyOpOsg5xI_srQtfDUu0MLYJt4T4Qc0r1OASc500ZB0GqEPRwMZzExHw-JFTaVbaQzw2_j9pL4PAaVr3W1GBVfb_mo8nYRDRS9p-6-gmBmbZX3PS1Y_JnKOv2U6dTR6ZJ64pLme29ryWGBAXMbh_sftykNK2nR7KKByoY8zdOyL67NxZjdGt-sTnshf6j1AcJiVPX5ojvhgOcqKpa86O5IJwC4lqyJjsHZ-trqbyLnurZOe9yx5ZDpj-8eHehXWoKYDHY3Rtbvu2em4Ad1gLj_2k2Fq8K3slScFTlcTKc1QqBpqp6fq2nLr9-xeyVBNQllaSVx_OAmjhr5g3_TlGdJoTBzvnFuFjVAz29MDVYPSMdDbEAWl6UL9Z7K7kJK_hMqV7FnUMjAYWmIHPudI6yE4JheXWu7lzG9NHVcyJ_tVrN9Xex_FY_h_ES5jLud-knUZn3mSg26SghLGNRuzVnt-gxyVYa02cHieqjZIvNcPPpQLwNVTpjS4FkauVC3NbwLQ4O9MMWsAlwxiDrUgRDzhV29rqDxiiryOCqNBPwxjZ5R7-KBydb4kYGEUvfQr8L0ZTx5SQOVhDfRaLN81QBuq_rsJ-UUxfTEXXGvqVdoiMYT4QizUqnlnDZ59dT3P9NKNH60tUyIcOfOPLTJzbY5Dc449DDcH5IiBvSUDae4wL2nbF6T31_-FNTVjSononQh2KbC8YvkB57tVTRM6-tjdozH-g2buW-982cM5etzp8pf0rUUkfgwa78R0zIyWCkuiZ2M2OG2aVd-q56T_I8wi1ubbOtp35vaPntyA8utdMh_olmZCzH6I8NHgKE62rZlA2M5PhZZ8_xaUfuMcogWPrFcG06NKD&cid=CAQSTwAvHhf__Iy7_1956tDcI4nGD1jmHBIWVzGcu5MO4yRQdXDdBubO_ftHqnptx7bAqDC92LjZBRVVWw9UvFTKhxwpOrBo5POSs85DqFDT43cYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fanimal.meogamehay.com%2F&ds=l&xdt=1&iif=1&cor=4281261926723072000&adk=1726166463&idt=122&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8598779b58cab55c8480a89099ea2ee8e4d86163f9fe1e08f8c14f9a60ff162

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12258
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EF06 13 KB
5 KB 67ms
63ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://animal.meogamehay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 53022
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Dec 2023 14:00:23 GMT
expires: Thu, 26 Dec 2024 14:00:23 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A352 829 B
1 KB 220ms
82ms Document
text/html 2607:f8b0:4006:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e26ea2ffecb46340f7350da7a86ab7e168361201ae85edef59ff96f41c136120

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VOhSWyoTLvtdjqzwF9jjsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://animal.meogamehay.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VOhSWyoTLvtdjqzwF9jjsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:05 GMT
expires: Thu, 28 Dec 2023 04:44:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 39E4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

79ms
78ms

Document
text/html

2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:05 GMT
expires: Thu, 28 Dec 2023 04:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame EF06 39 KB
15 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 20:10:39 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 886E 41 KB
14 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3EC-OULa8qxDkV9cdjnbyNLsFXZSRXddazjVEp_izn2mf-UtkbsQv0tZJVhwjUQTuCSvf0Ugnj8YjGVKX13dmVpsbPKFAm30WlLIEGcL1vjJelqxc9E57HWfVDceWiIIoOWTR6IlhfCTneyt2O8A5ZZFmQO3Mnk6NTJhxaOMCPAbh07k&cry=1&dbm_d=AKAmf-Cmq4Vl-PWpH9u9UAoHiiOlUICS22ZrKFspvEp2JKVdQaRinX3HGQaVMRgSqSWDzLTJWYWfZ3OO7wt4xg5l_qTArTDKY0h_1A6C6Ig30jl3lqS1aeCT2MMjpobZ4NbTQn8miQiLsgPAbmFnbOabH6rCicJglQs3tNGgGDHfC89POkVmf20vRIgO2C2YHRtDjDChYDhshYe6oym3mBiur64zRgurkZVDAE_BwTApeLh5e3-MDoa68mknwnH8LIt26PkuqtKdiS7Jf6G9aG_1syR0AciIGMhWbaN-9W0DegJvqLkKtnn7KbbbeY9q7C_6vD405LpDofAYJRTZwYC4AjZQvGSu0RTuY7EYEdqJ3sdeGhm10hYifHhhj-ptK6HyDu3UYtyt_ybupiZgQDPE4jGxyioKgAAcNIVnW5Y9w7IDq08pCexR5VLfn3ASRjTmzVSD5G-qODqwmJ3kfPG-6MZcPnm8p3DjEXIVjLeQ_qBML7Sj0tLOI8vRJcQAnIpKrThQM8bUtNeRoihbuHRNG7pbcTI6tNbLHUEM7u85XEUCtXwnaNQ3mKfcIPgkKFccGHCXqaJQaKgu5akxincHjVipxr7aAAq8I6FTQur06SBjZX-CgaEUptzCNJyeUTucCrGHlGjAlE605FqmEi6WQDaq_tIbrIuBoWxGKQ6jEu4cKcuvHPWWRPvykbBq4YcMgF7FtTcVOgj9qBvr3TvPxxu-WkZzFVpBfYVIXUHAmHNWhSECbTJri68WUzPgF_lp6lVn2fKpb1j6CwGOWqNt0Tnda0NC_GA0505RrGa4f2yhsV8ValNXp-TSpdXoACZYaDJDp_WRsYBAufNL2zI3pKFznGHqFQ69YER4NVdfXtxNywOUiyGpYY0-Hjb1-cGctQwQ_-8PWoup-6gRS1V4RCjw9Djhhg4W0J0BaD9Op5bJNn3DKCfUehqVlj691aPzXpDzK4AT83pUs8zAo4Noen2SZc2oB-_AndP2sY91zOR8KWH1TiAThFIm0oYn8_ENmRjM6lZWuqYcMiqRK5s6BQtHZlxtwHVz6CECLmsltYVjVYht4xb9lzWtZcExSBZGGDksqhM_d8W4Poy_14EWG2RdiSMU_bHZtjeC-HUYe9MljJPpyLQikwSTQ11NbzO912RqQb0OSnjrG0uoQKo9sRlUVoM0-TF1R6vMd9GZ4U85AP1XdigtMvGs-9K_Z7Bvc7k9E5HmOkEfPwZ23zBgZvr0GFz2_hpjp5Mf2kXGprNXaiB_4iq67H1V8V043qU-9-NkX0pegYCkkgznd_w4qi9a7kdWMeq10dxmk77jjb5-RdSzARSONT0qAAZPasWiJJHHNz-hmEQPe_GA_ltJYSqGEuqgqNJhzFtmwG0O0jMkn2mPrQfla-rnJkY2Eh_qMBvD_YvFsr5pQHnsiw6aElKHeKGorImgldIpy_PZjx9F28Q7n4zeqf7KaCqMSyZWRHYuKQwWUudWdtzJjyvkycoFrF2Vo7IokC4lNdX_SweTaTRHIkJWaYIgREnIDBe8qUTBMVxXlM_cp9zlpUQ0Lmt1PNjWSdRRFLzHVN6FWFF7sAHS5JXkQ6l3pN_tWqtq1ShQUZbRtaSmKqVLH0mMA_rHkrGCM4iIHw1nlTDx0sDfh3y9rAMd7KUO6u7N3I80zle0sB82iLjc7kYFIrOaHO85nVdfL1RaNy1fWtLaRm5cXKfbWeBSioZCMUWyqgOhy0rjddmFEzmeJcZgKtBwvE8GVEfOjzMgqEtLkuhjxqld33jJCHbVYgs7MRVf_9F3hv6tQl8SOYugjFrxt8HbgkEDBiqe4X56u_Jtu2ru9w4QtByo2AaoMcKfdt_C9c1P6AfV-zXVXPp35xULnjT57Rj7SeruwvhHKNgG-Tbg4obFtUXmvI1MK3_8JzqHmSmk6qF_3SbVpWqMWClsu8fyPDqFilMyxwVRAXwMT-Cbjb5ld7nmkpn8-Ko5PxvXqGc_DtT6RiX5Tn26QYIfAcCOCbnG5qnvFVEfJaVjOga1T53Z0Z1GwHD4QlqYSe9BcNFn2p8rfdiMwSLwqzggtHY6vPwNLBz3w_izNDC9BkOGTnpzabbtQRJA7fs1jROFPBWd4DVvAZ6TtFsbw98dV4pCwfJzJzOPFuv2yN9wzW4mNXclvZcfdoyCoINg0OSX56EJw-06dem1HR8Voup9KEsgx8PwoVWX7fGLTHZVBW_hIFUTYuL0YHI1nKabNfOzPt495LhruovlOy-_MfxtqCbM_gAoyqdNYeXVwHXz1tgC2rx7pSo7tu1ry5Rncus60wxoQx1ug2E1abKLgX1XZ3sw7UEkZZvoBubwpW-yIdQ3jvBUJCQB1pkBwXZ83cx4_16V3VBzwyY8mYg1TQbDcUUhPw3eVmBgqv7MIdBPDEY2ad1JQGvdeWn0-N7SV-Ya_AXkCCAF91-5LxHZzVVvXEXWlJxy4v0bi-V01vr2sQo8dyOpOsg5xI_srQtfDUu0MLYJt4T4Qc0r1OASc500ZB0GqEPRwMZzExHw-JFTaVbaQzw2_j9pL4PAaVr3W1GBVfb_mo8nYRDRS9p-6-gmBmbZX3PS1Y_JnKOv2U6dTR6ZJ64pLme29ryWGBAXMbh_sftykNK2nR7KKByoY8zdOyL67NxZjdGt-sTnshf6j1AcJiVPX5ojvhgOcqKpa86O5IJwC4lqyJjsHZ-trqbyLnurZOe9yx5ZDpj-8eHehXWoKYDHY3Rtbvu2em4Ad1gLj_2k2Fq8K3slScFTlcTKc1QqBpqp6fq2nLr9-xeyVBNQllaSVx_OAmjhr5g3_TlGdJoTBzvnFuFjVAz29MDVYPSMdDbEAWl6UL9Z7K7kJK_hMqV7FnUMjAYWmIHPudI6yE4JheXWu7lzG9NHVcyJ_tVrN9Xex_FY_h_ES5jLud-knUZn3mSg26SghLGNRuzVnt-gxyVYa02cHieqjZIvNcPPpQLwNVTpjS4FkauVC3NbwLQ4O9MMWsAlwxiDrUgRDzhV29rqDxiiryOCqNBPwxjZ5R7-KBydb4kYGEUvfQr8L0ZTx5SQOVhDfRaLN81QBuq_rsJ-UUxfTEXXGvqVdoiMYT4QizUqnlnDZ59dT3P9NKNH60tUyIcOfOPLTJzbY5Dc449DDcH5IiBvSUDae4wL2nbF6T31_-FNTVjSononQh2KbC8YvkB57tVTRM6-tjdozH-g2buW-982cM5etzp8pf0rUUkfgwa78R0zIyWCkuiZ2M2OG2aVd-q56T_I8wi1ubbOtp35vaPntyA8utdMh_olmZCzH6I8NHgKE62rZlA2M5PhZZ8_xaUfuMcogWPrFcG06NKD&cid=CAQSTwAvHhf__Iy7_1956tDcI4nGD1jmHBIWVzGcu5MO4yRQdXDdBubO_ftHqnptx7bAqDC92LjZBRVVWw9UvFTKhxwpOrBo5POSs85DqFDT43cYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fanimal.meogamehay.com%2F&ds=l&xdt=1&iif=1&cor=4281261926723072000&adk=1726166463&idt=122&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 02:48:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93318
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Dec 2024 02:48:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 79E2 143 B
166 B 64ms
63ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:23:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40A0 143 B
166 B 64ms
64ms Document
text/html 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:23:17 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 886E
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1278205/67951302/xbbe/creative/adj?p=APEucNUJGOk56WPt1BN4gDKfJ2zMbRis8Riw7p7s-8zRUjTQGCE4cVA&d=CokBAKAmf-AevE1VBTqZxWnzuZgryEq9-Sj-OuUd5L2Hdex484Rp6t4Iie86Rtk...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUJGOk56WPt1BN4gDKfJ2zMbRis8Riw7p7s-8zRUjTQGCE4cVA&d=CokBAKAmf-AevE1VBTqZxWnzuZgryEq9-Sj-OuUd5L2Hdex484Rp6t4Iie86RtkG1aWsnqUS4tHLREo6_Ets5UZFa...

75 KB
26 KB

226ms
90ms

Script
text/javascript

172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUJGOk56WPt1BN4gDKfJ2zMbRis8Riw7p7s-8zRUjTQGCE4cVA&d=CokBAKAmf-AevE1VBTqZxWnzuZgryEq9-Sj-OuUd5L2Hdex484Rp6t4Iie86RtkG1aWsnqUS4tHLREo6_Ets5UZFaPevS7e680YqKGaZXthZL67uxU8GLwnn-TIFPJ-SlAeinQn9qR_bssv9AoZjjtPPvQX3uOzH0XQtN8ovk-Xg1L1qFxtdpk6hqj4SyRUAoCZ_4NNxbI1-XiwvPsypqd88OT6TrWeneaKbr0YZS3srPZIvM0MRH97aDiLoKaJikc8kh5SbVAMtU10V_Vfz8GgCYLIJMmRnVqzBRNQaIulVD8lEPuSpiJ891Ul2SSA9icURqq6LINz1SRphuqyhNsLcPxKKNZD1p3q3SIlQHt7HooNa6cUZLP6LjBajKpdRe3Tj957Iaamc7oIvsN58-DhJ_-A7y6RzAJj6d4ueHjMUkAfDlCdwGdsmNSbp_yJCugddpZOa7OXnelOEhmZm4xmO4u4WR1JUAnAfcY4e8gGi7qgUw2y0XJoN0C0fSBCAcp1IeFGRTM5Ds6XyHwZJ0jTyuVBxfeBaPBisXcufVycc8itTVEa23o1Ay3i_xNam7l-kyD-8mYiHAkduJKt-sfmNfpTNimzhnvw8sPX_PUzN58uO13RRsivbtdKdZpCnUC40EL23rnr-HxInHxIOg7O06-hSgV5YBKaOpPUWzf1lXGIzqIHAM7-GzEfXE2oY-7bYazmgjvDVDlNYtvBhx3sIc-c8LDpCK4gRQxxg-nl1ZDNQYQsth7uXwkgzKgBIpPEvwdtNfFWldtaO7oOGiP2VJeJ0P58DW_PfWBEB9X0H_t3zSxyZbQtuigcAKuQfmfjzZqSQgJcV0otXgNRqj5CDcJXkczPHHYJ68nn76jqWOUp1uxab8Hf9xpjv6oU-IET0S0Do7oD4Z_c-WBLgOX_NLb-q59mQW8qt661SXfgAQu_dDfsZ3P5wSfYTK5Y-ndUsz-BjEIza3s9--I-YvtvfVMXXn-8rbhJXjCgJ1mY-VkNfm1gfj-hcMQowmLKahGVTXNh021Am5vrE5xgr2wIi-3JRT2qJWEcATIY_hGn0527l28syA_Uoia9-_PAQ2lQDIxMrBEJ3FoqJPDKA4FwfsuumNRTueHEMRu1Ib09YIdDGnkm1M-7TK7rxcxnqIECAiiESb1uVsdK2GVKlGTJ5yaRbKzmnQmANVnEM6aWQ-tcrTrZQuTDzs6Q7cKU8U4yDcLuu6ZdA1lm4f948L9jtEof1TwfxWMnYk28Flg0VPlWQjOOfbXvwgejdCoP3dymLDC58-n3BByzZG28ubvb4y_rLcJDHzsT3JL0051fznapGRCDel6equMmhxpvqpoKyAG4deUkeEFHwmgOgDwRRlGqWMZUQGQVmEPMculvl-9FyF2pBnTQtUg4V-AadjWPS09X6sC0YlZyQlkew1LbHZHWr_-BnJzKH0uwQQSe8vsaB3HQHRgCtQ0SMi3SzJeiNdG4MgfqAdBXHsmYcw3hZaRFiRuTgnOIzvr2qmuQA69SgQzM5UPL9Pf8vVh7pV4p2ncs-kaEod41DMOZPiqVaqtkDOKp9zgivWGAfmB4BiPehXrHoKa4EeX9oPKqfZyTfN9-zuhLS3E24piGSsKYwczRWUfLCno91IkQcTtXgtSfHtiDLzSX-9Tn81WzVk_MJ_ABBAODD8TyHvQJubvjUTyv8V80GBmWJH5zXBBz6l_mNn67fcEqjQbhqyfiHuSbyj02sgP3ZShZI1UyJMcZW0lzod-2qN5UacnL6Vhlz6tZYN87E3BoF3KA_HiYHBcyZSszn8xYKVOd_utvpEtmeYq7EhNqmE3RJHOEHXXESLcZAEGpPt2S8L7t6-3tTDcoEwN8GOrp3avDrEct05lbpycAjVqA6p9RNv8BoUJuNIfNLynpbCqwl-Z6NC2en0ars68eW488-43iumtDGH3gtdyQd-VCKPDrLOgGybQIrDcVQj6florkzVi1RJ2t6ebQEX5uR5WpWg5luLMC_wiDXDSyY3qypumUEUAoAky-Ii4F77Hy-mPARMB5COxzDrdbrThpUWnkfc_CA85wsnAoFkDXvHIOmQ5DqA7DUKXwVnrt5Lv2j2zEgMILjezIOiyTWXRHjPLSDFSQzVV2YDe3vLlKZkWsCS4vEdPb6LhRBMQicyVqs8ZGoFYxQt_5_OAqdf0rSiaRsC7g6IU2rJNpVDWc5Qb1MLibXaLuUv2fQNB3bSfeyRc4so3N6ttv5YQ2ANTPHRki0JXt6MB03A8ypTdWlcnkS9R540Fyvg46P1v82kaR8KLifjFw0FKKs0M0AxLagdZGJi-PgjdA19IekqmDXvHewwKd6yPo9iF-zF32ZLcPt3tax8BD1kClAG_WpftUiu1LQBW7VOtJlpRcsc2KfYmpJj25flN2of-_rzbYKV2jnYZ5PU5R9QCeRap4kHARzfCtS7x1AQz0_2vQWZBMAPvG9RFNngvrFjXgd1iquWNhtOzvm7uNNL-wY8EL1QadclEmqfPteqGLE4DWRJE1C-NDHaoY-WZnT3bpDIW1EQWbDVDGEEOUdA-7fJs8hoQydU0QMNPkbo4mM_zcZLexR0FJV_uA5z4lQjCeXlHoCbGn_-3AHHikyDNZDSwrdFHwWP-kwmaJPDIm-60fcKtwVl3t3qg1a8J8CFqmkzrqPAiXzPDW4W-j7qWJ-1-IvtECFhdQR8U9oPsicS4B7TcmVwiKIT37qd_RCtTlnB8olLafldxSYPh_ASTLcGX5E5TJeTG1MmXJAcyn3kHGZber8Zb28Q6e9bXOEMY8fSzIWuhMFQDGCGVhIhxYiSD6XGOLCF6ZOMTd9sj7tJ-yxrQ-b-mGUINKprSO-grIydBoAHxFnUweEB7iUYinYRqqfhej3ooRSLdZAaxGtFAzHWEFqY23u1i_mVbGW79mvY_tN8H1Yx8O2zOKtpOSWiYgG6e5OEPzTlmloIV4jyAxY4DHMbM7ZtdOqBGly6KbEMfSdvrmabuCPh92ZRY_zoRJNbB_EvtGBUl_fFWTYQMQmAA2UiFq38MwqPhPVoKz0FBq9ejFXB1e9Ab-xZM8w1gypcuKtiPXF6D6WrEaZRIV4QvDZj5wJSFO75lEhQ8uM5j_NzMH7BbvFhEpT4UA0qNcWFJ-pRwNvBpSWDv3aQ6YSDJz46pFZYNfYJyBJoeYl5RL7MIdxj2So-LE1tG-RfaGvIKXJuIkia6bt_cHqU_K714wtdK_BvnQ217L44TNHBeW7MkxL8KapVDoKgBZnsG3qrTrIzsv7lAXTcpi3k2ngTE-9qI6r_uXDYR6Qslt74VO7EwCr1FBtY8tfD3XDZZeYfa0emO-ceFJgPowEDh1fe-eejd__JXcTb_Mz2BYz9vjhlbsePKLQJLQfiio4IX4CAdX-RNpoqcWqmVNRAtRMuEQyYMnx_iq8w62fdq8zA6L4G09iWjHZSEsREuwxEiYvpkFpLye3o_p8vtSSjRvXnQaYb7G_N6ZyFSJjXuHUUU6JRHFfato4S-GPQJq55IQM9uxZCDnQkO4cBdsFArsaOar8JNOZfOUjgM2whrzX9nHkp6lPwPmS7Ya-QZNKccVUI4aF9E7AHngEROUhOOCeMvVR08e9pvTkXDFBMmS9ojl-zyTQgKrZ6B4YHPy5_-Aplq5p8OGtDqSaXNKLAlu_BuYhBaccU0RAyGYJs9ftE7HUwndUWgqdP-vEDwtpcqaMgd0aNm2CUdXH5WlKimTTz4rxZItBUHLSIqUj5VqllJd9iwQpriMUojDcxFKX5Vjj8slFTWnhfjhBz5o2xgOhAF2T4E7HesClRmQhpxBSFYiDwKMcp1vaKSVvzEwBiFZ4sv7n4B74LjvHZTl0APO3NN6NTj6oGlUIBBJPAC8eF__8jLv_X3nq0NwjicYPWOYcEhZXMZy7kw7jJFB1cN0G5s79-0eqem3HtsCoML3YuNkFFVVbD1S8VMqHHCk6sGjk85KzzkOoUNPjdxgBYAE&cry=1&bundleId=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

edbfaa14ea3e0446be7b7a869ae57f2adbeec2886deb56460a3639fc37b4c827

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26351
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
server: nginx
x-server-name: app32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUJGOk56WPt1BN4gDKfJ2zMbRis8Riw7p7s-8zRUjTQGCE4cVA&d=CokBAKAmf-AevE1VBTqZxWnzuZgryEq9-Sj-OuUd5L2Hdex484Rp6t4Iie86RtkG1aWsnqUS4tHLREo6_Ets5UZFaPevS7e680YqKGaZXthZL67uxU8GLwnn-TIFPJ-SlAeinQn9qR_bssv9AoZjjtPPvQX3uOzH0XQtN8ovk-Xg1L1qFxtdpk6hqj4SyRUAoCZ_4NNxbI1-XiwvPsypqd88OT6TrWeneaKbr0YZS3srPZIvM0MRH97aDiLoKaJikc8kh5SbVAMtU10V_Vfz8GgCYLIJMmRnVqzBRNQaIulVD8lEPuSpiJ891Ul2SSA9icURqq6LINz1SRphuqyhNsLcPxKKNZD1p3q3SIlQHt7HooNa6cUZLP6LjBajKpdRe3Tj957Iaamc7oIvsN58-DhJ_-A7y6RzAJj6d4ueHjMUkAfDlCdwGdsmNSbp_yJCugddpZOa7OXnelOEhmZm4xmO4u4WR1JUAnAfcY4e8gGi7qgUw2y0XJoN0C0fSBCAcp1IeFGRTM5Ds6XyHwZJ0jTyuVBxfeBaPBisXcufVycc8itTVEa23o1Ay3i_xNam7l-kyD-8mYiHAkduJKt-sfmNfpTNimzhnvw8sPX_PUzN58uO13RRsivbtdKdZpCnUC40EL23rnr-HxInHxIOg7O06-hSgV5YBKaOpPUWzf1lXGIzqIHAM7-GzEfXE2oY-7bYazmgjvDVDlNYtvBhx3sIc-c8LDpCK4gRQxxg-nl1ZDNQYQsth7uXwkgzKgBIpPEvwdtNfFWldtaO7oOGiP2VJeJ0P58DW_PfWBEB9X0H_t3zSxyZbQtuigcAKuQfmfjzZqSQgJcV0otXgNRqj5CDcJXkczPHHYJ68nn76jqWOUp1uxab8Hf9xpjv6oU-IET0S0Do7oD4Z_c-WBLgOX_NLb-q59mQW8qt661SXfgAQu_dDfsZ3P5wSfYTK5Y-ndUsz-BjEIza3s9--I-YvtvfVMXXn-8rbhJXjCgJ1mY-VkNfm1gfj-hcMQowmLKahGVTXNh021Am5vrE5xgr2wIi-3JRT2qJWEcATIY_hGn0527l28syA_Uoia9-_PAQ2lQDIxMrBEJ3FoqJPDKA4FwfsuumNRTueHEMRu1Ib09YIdDGnkm1M-7TK7rxcxnqIECAiiESb1uVsdK2GVKlGTJ5yaRbKzmnQmANVnEM6aWQ-tcrTrZQuTDzs6Q7cKU8U4yDcLuu6ZdA1lm4f948L9jtEof1TwfxWMnYk28Flg0VPlWQjOOfbXvwgejdCoP3dymLDC58-n3BByzZG28ubvb4y_rLcJDHzsT3JL0051fznapGRCDel6equMmhxpvqpoKyAG4deUkeEFHwmgOgDwRRlGqWMZUQGQVmEPMculvl-9FyF2pBnTQtUg4V-AadjWPS09X6sC0YlZyQlkew1LbHZHWr_-BnJzKH0uwQQSe8vsaB3HQHRgCtQ0SMi3SzJeiNdG4MgfqAdBXHsmYcw3hZaRFiRuTgnOIzvr2qmuQA69SgQzM5UPL9Pf8vVh7pV4p2ncs-kaEod41DMOZPiqVaqtkDOKp9zgivWGAfmB4BiPehXrHoKa4EeX9oPKqfZyTfN9-zuhLS3E24piGSsKYwczRWUfLCno91IkQcTtXgtSfHtiDLzSX-9Tn81WzVk_MJ_ABBAODD8TyHvQJubvjUTyv8V80GBmWJH5zXBBz6l_mNn67fcEqjQbhqyfiHuSbyj02sgP3ZShZI1UyJMcZW0lzod-2qN5UacnL6Vhlz6tZYN87E3BoF3KA_HiYHBcyZSszn8xYKVOd_utvpEtmeYq7EhNqmE3RJHOEHXXESLcZAEGpPt2S8L7t6-3tTDcoEwN8GOrp3avDrEct05lbpycAjVqA6p9RNv8BoUJuNIfNLynpbCqwl-Z6NC2en0ars68eW488-43iumtDGH3gtdyQd-VCKPDrLOgGybQIrDcVQj6florkzVi1RJ2t6ebQEX5uR5WpWg5luLMC_wiDXDSyY3qypumUEUAoAky-Ii4F77Hy-mPARMB5COxzDrdbrThpUWnkfc_CA85wsnAoFkDXvHIOmQ5DqA7DUKXwVnrt5Lv2j2zEgMILjezIOiyTWXRHjPLSDFSQzVV2YDe3vLlKZkWsCS4vEdPb6LhRBMQicyVqs8ZGoFYxQt_5_OAqdf0rSiaRsC7g6IU2rJNpVDWc5Qb1MLibXaLuUv2fQNB3bSfeyRc4so3N6ttv5YQ2ANTPHRki0JXt6MB03A8ypTdWlcnkS9R540Fyvg46P1v82kaR8KLifjFw0FKKs0M0AxLagdZGJi-PgjdA19IekqmDXvHewwKd6yPo9iF-zF32ZLcPt3tax8BD1kClAG_WpftUiu1LQBW7VOtJlpRcsc2KfYmpJj25flN2of-_rzbYKV2jnYZ5PU5R9QCeRap4kHARzfCtS7x1AQz0_2vQWZBMAPvG9RFNngvrFjXgd1iquWNhtOzvm7uNNL-wY8EL1QadclEmqfPteqGLE4DWRJE1C-NDHaoY-WZnT3bpDIW1EQWbDVDGEEOUdA-7fJs8hoQydU0QMNPkbo4mM_zcZLexR0FJV_uA5z4lQjCeXlHoCbGn_-3AHHikyDNZDSwrdFHwWP-kwmaJPDIm-60fcKtwVl3t3qg1a8J8CFqmkzrqPAiXzPDW4W-j7qWJ-1-IvtECFhdQR8U9oPsicS4B7TcmVwiKIT37qd_RCtTlnB8olLafldxSYPh_ASTLcGX5E5TJeTG1MmXJAcyn3kHGZber8Zb28Q6e9bXOEMY8fSzIWuhMFQDGCGVhIhxYiSD6XGOLCF6ZOMTd9sj7tJ-yxrQ-b-mGUINKprSO-grIydBoAHxFnUweEB7iUYinYRqqfhej3ooRSLdZAaxGtFAzHWEFqY23u1i_mVbGW79mvY_tN8H1Yx8O2zOKtpOSWiYgG6e5OEPzTlmloIV4jyAxY4DHMbM7ZtdOqBGly6KbEMfSdvrmabuCPh92ZRY_zoRJNbB_EvtGBUl_fFWTYQMQmAA2UiFq38MwqPhPVoKz0FBq9ejFXB1e9Ab-xZM8w1gypcuKtiPXF6D6WrEaZRIV4QvDZj5wJSFO75lEhQ8uM5j_NzMH7BbvFhEpT4UA0qNcWFJ-pRwNvBpSWDv3aQ6YSDJz46pFZYNfYJyBJoeYl5RL7MIdxj2So-LE1tG-RfaGvIKXJuIkia6bt_cHqU_K714wtdK_BvnQ217L44TNHBeW7MkxL8KapVDoKgBZnsG3qrTrIzsv7lAXTcpi3k2ngTE-9qI6r_uXDYR6Qslt74VO7EwCr1FBtY8tfD3XDZZeYfa0emO-ceFJgPowEDh1fe-eejd__JXcTb_Mz2BYz9vjhlbsePKLQJLQfiio4IX4CAdX-RNpoqcWqmVNRAtRMuEQyYMnx_iq8w62fdq8zA6L4G09iWjHZSEsREuwxEiYvpkFpLye3o_p8vtSSjRvXnQaYb7G_N6ZyFSJjXuHUUU6JRHFfato4S-GPQJq55IQM9uxZCDnQkO4cBdsFArsaOar8JNOZfOUjgM2whrzX9nHkp6lPwPmS7Ya-QZNKccVUI4aF9E7AHngEROUhOOCeMvVR08e9pvTkXDFBMmS9ojl-zyTQgKrZ6B4YHPy5_-Aplq5p8OGtDqSaXNKLAlu_BuYhBaccU0RAyGYJs9ftE7HUwndUWgqdP-vEDwtpcqaMgd0aNm2CUdXH5WlKimTTz4rxZItBUHLSIqUj5VqllJd9iwQpriMUojDcxFKX5Vjj8slFTWnhfjhBz5o2xgOhAF2T4E7HesClRmQhpxBSFYiDwKMcp1vaKSVvzEwBiFZ4sv7n4B74LjvHZTl0APO3NN6NTj6oGlUIBBJPAC8eF__8jLv_X3nq0NwjicYPWOYcEhZXMZy7kw7jJFB1cN0G5s79-0eqem3HtsCoML3YuNkFFVVbD1S8VMqHHCk6sGjk85KzzkOoUNPjdxgBYAE&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame BBA3 91 KB
23 KB 241ms
79ms Script
application/javascript 2600:9000:2616:ba00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2616:ba00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 12:59:13 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 15bbb8418d146a7463e6e0b0398eeea6.cloudfront.net (CloudFront)
x-amz-cf-pop: ORD56-P8
age: 10597493
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Hgn6Vz-7NYqaqDBF6HBTfpn_E9xwXmQXRelX-SWUAYLhwvw3S5_NpQ==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 886E 43 B
215 B 189ms
60ms Image
image/gif 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=398d6bfa-75e1-5f17-4f55-cf558df56221&tv=%7Bc:y1ycWg,pingTime:-3,time:77,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:77,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B70~0%5D,as:%5B70~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZHPJ9C+11%7C12%7C1311%7C141%7C151%7C161*.1278205-67951302%7C1611%7C171%7C18,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:33%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 886E 43 B
215 B 182ms
60ms Image
image/gif 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=398d6bfa-75e1-5f17-4f55-cf558df56221&tv=%7Bc:y1ycWm,pingTime:-6,time:82,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:82,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B75~0%5D,as:%5B75~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZHPJ9C+11%7C12%7C1311%7C141%7C151%7C161*.1278205-67951302%7C1611%7C171%7C18,idMap:161*,rmeas:1,rend:0,renddet:IMG.us,siq:33%7D&tpiLookup=ao:animal.meogamehay.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 558C 38 KB
13 KB 64ms
63ms Document
text/html 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 176093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Dec 2023 03:49:12 GMT
expires: Wed, 25 Dec 2024 03:49:12 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 886E 43 B
216 B 127ms
59ms Image
image/gif 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=398d6bfa-75e1-5f17-4f55-cf558df56221&tv=%7Bc:y1ycXh,pingTime:-2,time:139,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:391,beZ:392,mfA:396,cmA:397,inA:397,inZ:401,prA:401,prZ:419,si:424,poA:426,poZ:454,cmZ:454,mfZ:454,loA:473,loZ:476,ltA:530,ltZ:530%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:139,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B132~0%5D,as:%5B132~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZHPJ9C+11%7C12%7C1311%7C141%7C151%7C161*.1278205-67951302%7C1611%7C171%7C18,idMap:161*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:33,sinceFw:104,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:05 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 79E2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

86ms
85ms

Document
text/html

2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:05 GMT
expires: Thu, 28 Dec 2023 04:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 40A0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

85ms
84ms

Document
text/html

2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:05 GMT
expires: Thu, 28 Dec 2023 04:44:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame C27D 51 KB
19 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 18:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 18:40:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A352 0
0 91ms
90ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=3490638409845107&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 68C9 51 KB
19 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 18:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 18:40:50 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EF06 0
10 B 63ms
63ms Image
text/plain 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?spjpqQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:05 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 558C 39 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30806
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 20:10:39 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 886E 172 KB
61 KB 201ms
64ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:44:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 20:44:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 886E 11 KB
4 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1278205/67951302/xbbe/creative/adj?p=APEucNUJGOk56WPt1BN4gDKfJ2zMbRis8Riw7p7s-8zRUjTQGCE4cVA&d=CokBAKAmf-AevE1VBTqZxWnzuZgryEq9-Sj-OuUd5L2Hdex484Rp6t4Iie86RtkG1aWsnqUS4tHLREo6_Ets5UZFaPevS7e680YqKGaZXthZL67uxU8GLwnn-TIFPJ-SlAeinQn9qR_bssv9AoZjjtPPvQX3uOzH0XQtN8ovk-Xg1L1qFxtdpk6hqj4SyRUAoCZ_4NNxbI1-XiwvPsypqd88OT6TrWeneaKbr0YZS3srPZIvM0MRH97aDiLoKaJikc8kh5SbVAMtU10V_Vfz8GgCYLIJMmRnVqzBRNQaIulVD8lEPuSpiJ891Ul2SSA9icURqq6LINz1SRphuqyhNsLcPxKKNZD1p3q3SIlQHt7HooNa6cUZLP6LjBajKpdRe3Tj957Iaamc7oIvsN58-DhJ_-A7y6RzAJj6d4ueHjMUkAfDlCdwGdsmNSbp_yJCugddpZOa7OXnelOEhmZm4xmO4u4WR1JUAnAfcY4e8gGi7qgUw2y0XJoN0C0fSBCAcp1IeFGRTM5Ds6XyHwZJ0jTyuVBxfeBaPBisXcufVycc8itTVEa23o1Ay3i_xNam7l-kyD-8mYiHAkduJKt-sfmNfpTNimzhnvw8sPX_PUzN58uO13RRsivbtdKdZpCnUC40EL23rnr-HxInHxIOg7O06-hSgV5YBKaOpPUWzf1lXGIzqIHAM7-GzEfXE2oY-7bYazmgjvDVDlNYtvBhx3sIc-c8LDpCK4gRQxxg-nl1ZDNQYQsth7uXwkgzKgBIpPEvwdtNfFWldtaO7oOGiP2VJeJ0P58DW_PfWBEB9X0H_t3zSxyZbQtuigcAKuQfmfjzZqSQgJcV0otXgNRqj5CDcJXkczPHHYJ68nn76jqWOUp1uxab8Hf9xpjv6oU-IET0S0Do7oD4Z_c-WBLgOX_NLb-q59mQW8qt661SXfgAQu_dDfsZ3P5wSfYTK5Y-ndUsz-BjEIza3s9--I-YvtvfVMXXn-8rbhJXjCgJ1mY-VkNfm1gfj-hcMQowmLKahGVTXNh021Am5vrE5xgr2wIi-3JRT2qJWEcATIY_hGn0527l28syA_Uoia9-_PAQ2lQDIxMrBEJ3FoqJPDKA4FwfsuumNRTueHEMRu1Ib09YIdDGnkm1M-7TK7rxcxnqIECAiiESb1uVsdK2GVKlGTJ5yaRbKzmnQmANVnEM6aWQ-tcrTrZQuTDzs6Q7cKU8U4yDcLuu6ZdA1lm4f948L9jtEof1TwfxWMnYk28Flg0VPlWQjOOfbXvwgejdCoP3dymLDC58-n3BByzZG28ubvb4y_rLcJDHzsT3JL0051fznapGRCDel6equMmhxpvqpoKyAG4deUkeEFHwmgOgDwRRlGqWMZUQGQVmEPMculvl-9FyF2pBnTQtUg4V-AadjWPS09X6sC0YlZyQlkew1LbHZHWr_-BnJzKH0uwQQSe8vsaB3HQHRgCtQ0SMi3SzJeiNdG4MgfqAdBXHsmYcw3hZaRFiRuTgnOIzvr2qmuQA69SgQzM5UPL9Pf8vVh7pV4p2ncs-kaEod41DMOZPiqVaqtkDOKp9zgivWGAfmB4BiPehXrHoKa4EeX9oPKqfZyTfN9-zuhLS3E24piGSsKYwczRWUfLCno91IkQcTtXgtSfHtiDLzSX-9Tn81WzVk_MJ_ABBAODD8TyHvQJubvjUTyv8V80GBmWJH5zXBBz6l_mNn67fcEqjQbhqyfiHuSbyj02sgP3ZShZI1UyJMcZW0lzod-2qN5UacnL6Vhlz6tZYN87E3BoF3KA_HiYHBcyZSszn8xYKVOd_utvpEtmeYq7EhNqmE3RJHOEHXXESLcZAEGpPt2S8L7t6-3tTDcoEwN8GOrp3avDrEct05lbpycAjVqA6p9RNv8BoUJuNIfNLynpbCqwl-Z6NC2en0ars68eW488-43iumtDGH3gtdyQd-VCKPDrLOgGybQIrDcVQj6florkzVi1RJ2t6ebQEX5uR5WpWg5luLMC_wiDXDSyY3qypumUEUAoAky-Ii4F77Hy-mPARMB5COxzDrdbrThpUWnkfc_CA85wsnAoFkDXvHIOmQ5DqA7DUKXwVnrt5Lv2j2zEgMILjezIOiyTWXRHjPLSDFSQzVV2YDe3vLlKZkWsCS4vEdPb6LhRBMQicyVqs8ZGoFYxQt_5_OAqdf0rSiaRsC7g6IU2rJNpVDWc5Qb1MLibXaLuUv2fQNB3bSfeyRc4so3N6ttv5YQ2ANTPHRki0JXt6MB03A8ypTdWlcnkS9R540Fyvg46P1v82kaR8KLifjFw0FKKs0M0AxLagdZGJi-PgjdA19IekqmDXvHewwKd6yPo9iF-zF32ZLcPt3tax8BD1kClAG_WpftUiu1LQBW7VOtJlpRcsc2KfYmpJj25flN2of-_rzbYKV2jnYZ5PU5R9QCeRap4kHARzfCtS7x1AQz0_2vQWZBMAPvG9RFNngvrFjXgd1iquWNhtOzvm7uNNL-wY8EL1QadclEmqfPteqGLE4DWRJE1C-NDHaoY-WZnT3bpDIW1EQWbDVDGEEOUdA-7fJs8hoQydU0QMNPkbo4mM_zcZLexR0FJV_uA5z4lQjCeXlHoCbGn_-3AHHikyDNZDSwrdFHwWP-kwmaJPDIm-60fcKtwVl3t3qg1a8J8CFqmkzrqPAiXzPDW4W-j7qWJ-1-IvtECFhdQR8U9oPsicS4B7TcmVwiKIT37qd_RCtTlnB8olLafldxSYPh_ASTLcGX5E5TJeTG1MmXJAcyn3kHGZber8Zb28Q6e9bXOEMY8fSzIWuhMFQDGCGVhIhxYiSD6XGOLCF6ZOMTd9sj7tJ-yxrQ-b-mGUINKprSO-grIydBoAHxFnUweEB7iUYinYRqqfhej3ooRSLdZAaxGtFAzHWEFqY23u1i_mVbGW79mvY_tN8H1Yx8O2zOKtpOSWiYgG6e5OEPzTlmloIV4jyAxY4DHMbM7ZtdOqBGly6KbEMfSdvrmabuCPh92ZRY_zoRJNbB_EvtGBUl_fFWTYQMQmAA2UiFq38MwqPhPVoKz0FBq9ejFXB1e9Ab-xZM8w1gypcuKtiPXF6D6WrEaZRIV4QvDZj5wJSFO75lEhQ8uM5j_NzMH7BbvFhEpT4UA0qNcWFJ-pRwNvBpSWDv3aQ6YSDJz46pFZYNfYJyBJoeYl5RL7MIdxj2So-LE1tG-RfaGvIKXJuIkia6bt_cHqU_K714wtdK_BvnQ217L44TNHBeW7MkxL8KapVDoKgBZnsG3qrTrIzsv7lAXTcpi3k2ngTE-9qI6r_uXDYR6Qslt74VO7EwCr1FBtY8tfD3XDZZeYfa0emO-ceFJgPowEDh1fe-eejd__JXcTb_Mz2BYz9vjhlbsePKLQJLQfiio4IX4CAdX-RNpoqcWqmVNRAtRMuEQyYMnx_iq8w62fdq8zA6L4G09iWjHZSEsREuwxEiYvpkFpLye3o_p8vtSSjRvXnQaYb7G_N6ZyFSJjXuHUUU6JRHFfato4S-GPQJq55IQM9uxZCDnQkO4cBdsFArsaOar8JNOZfOUjgM2whrzX9nHkp6lPwPmS7Ya-QZNKccVUI4aF9E7AHngEROUhOOCeMvVR08e9pvTkXDFBMmS9ojl-zyTQgKrZ6B4YHPy5_-Aplq5p8OGtDqSaXNKLAlu_BuYhBaccU0RAyGYJs9ftE7HUwndUWgqdP-vEDwtpcqaMgd0aNm2CUdXH5WlKimTTz4rxZItBUHLSIqUj5VqllJd9iwQpriMUojDcxFKX5Vjj8slFTWnhfjhBz5o2xgOhAF2T4E7HesClRmQhpxBSFYiDwKMcp1vaKSVvzEwBiFZ4sv7n4B74LjvHZTl0APO3NN6NTj6oGlUIBBJPAC8eF__8jLv_X3nq0NwjicYPWOYcEhZXMZy7kw7jJFB1cN0G5s79-0eqem3HtsCoML3YuNkFFVVbD1S8VMqHHCk6sGjk85KzzkOoUNPjdxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1009767980&ias_pubId=pub-5431908161009251&ias_chanId=1&ias_placementId=19085213996&bidurl=https://animal.meogamehay.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0h3Fbt4fsN7birSGx97chXz&adsafe_url=https%3A%2F%2Fanimal.meogamehay.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fanimal.meogamehay.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231207%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-3-%26adk%3D2969136041%26client%3Dca-pub-5431908161009251%26fa%3D1%26ifi%3D5%26uci%3Da!5%26btvi%3D3&adsafe_type=be&adsafe_jsinfo=,id:398d6bfa-75e1-5f17-4f55-cf558df56221,c:y1ycVy,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-8m6kw,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1,mtim:4,mot:0,app:0,maw:0,fm:tZHPJ9C+11%7C12%7C1311%7C141%7C151%7C161*.1278205-67951302%7C1611%7C171%7C18,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:33,oid:bae3d24d-a53b-11ee-bbb5-96eeee45282b,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 23:13:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19846
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 14415875674906819925
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 23:13:19 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 886E 31 KB
12 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 01:52:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10278
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11872
x-xss-protection: 0
server: cafe
etag: 16225921609732785849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 01:52:47 GMT

GET
DATA 200
OK truncated
/ Frame 886E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cc4227ca340ec3590e493c7c1623b2f7d0c2979294cfca03aa2ef39c19c9424

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame DE22 51 KB
19 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 18:40:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 122595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 25 Dec 2024 18:40:50 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 886E 43 B
215 B 59ms
58ms Image
image/gif 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=398d6bfa-75e1-5f17-4f55-cf558df56221&tv=%7Bc:y1yd5z,time:653,type:e,im:%7Bpci:%7Btdr:512%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:653,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B646~0%5D,as:%5B646~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:132,fm:tZHPJ9C+11%7C12%7C1311%7C141%7C151%7C161*.1278205-67951302%7C1611%7C171%7C18,idMap:161*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:33,sis:479%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:06 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 558C 0
20 B 86ms
86ms Image
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BDObsFf2MZY2aD4rWoPMP47SayA8AAAAAOAHgBAI&bg=!mpmlmdbNAAY3kmNgF5I7ADQBe5WfONO-whD1ay31cOnBI40ncJZ4XrVm2TE6REMSRlvztg53ev5hlXGUdkZuYlCllUPcAgAAANlSAAAABGgBB5kDNoWQYoIFxT4OiAULGsYwztXIUjafqyPjHdn_abgcf8PkAY5RZSe1_cw_3udgqVrD-TpPhZX4gJGHVR-OjpnMD9wVM3TDaUISpLz--d4xXpiml9HQr_Vq2JkfRvXhUU0LiH3hjQElTAJo4s_q8mbgM9Jk9lAQ4xEC1puPuSkdn1bW5PJjwj3fiS9MBYCxkW7yyCTSt1sE54E4nkSXmWNg46df1a1O54K3vzBrK-GSCOv_X7WEgWVhc1EbcCqmsw7TCYX-ybQqRBF3D2q0Yzkg-czpziLRPwJjJjwKOmlmruzr_jGnH9c4yaoTm3AoPFWaLYR48lu9f-d8_EE7PWTEY0mHy-qr6ULcHkd6D6GPvdpiIU_pAp2deJxLrC4UW04qQzoOw6m0_AqED-Hkwq5kMIp-sQypH7e1ErnmhCuy6-n0xhrcj_yD9Je_2BIvNvGA05crRttSEdTu6uFLF3a9dYcTpO6ljhLFt1LtKZNAtqlyXjBrQcsT9Te_jQgJrgRZ-SjJ8TMZrrd2lrEUuopGQPk6BKcgT63Icb7HdOtumQs4oFv2iMeirV57Xzbw2vLgXFpdy3pteA8K7BQnqtuqbEjLjg5Z6VVbtAaD0EpfCqQESqDAzC7qumLEpv-pr8BI2qkbXqcgHA4bNg9IEixQGzuKIUXjhkIx0vOLMFezwZKf08nEGVM5l2ZkKn-2Uvi-5rqq_afENJwHspiZe-FCUg4kuSCK-WwAAORx6Jj46GKaQ9_2QCsGHTiN_ylL5_dAFP-qr94DsMDIjqZhqDRzstvZdTtfmO9lC-iP2c2ReDt0OxYubfDJGQdwm5oPZEeOdDUndc9SwyHkMgQiOIvMMN-706OrjLFXMu5tXYRDAC9naFeB7-nvrNA1MdDWtbJUrMyQ7yx4opQpZXj5sXd3BWxT3PdYFYsnZK8PxaJh4ne1BLsfLPVL7OP6B7x5Nz9hNifFJmyq7gpbJquv0Ghpfv_owDrO1cL6jwtusFEjCx9ISEDaa642LW8dlTfN-8I-qjtSWoDouj4VM3ZA9xDnddswwTibfGSzKY3v0wkMiam42o56XujiTPxzlabI1Ab-NQy4aEDTvw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 886E 43 B
215 B 61ms
60ms Image
image/gif 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=398d6bfa-75e1-5f17-4f55-cf558df56221&tv=%7Bc:y1yd6E,pingTime:-10,time:720,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703738646160%7C%7C0004842803c8889a75e474813dde4d99%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7C28198e66f5d4fa94f3b70fde01fe1eaa%7C%7C98175bb00ebcedc5f1305c653f34fb2a%7C%7C6c2323dab13c9644037f17bfb0e0b972%7C%7Cdead77b318d627688fc364c7e5631e76%7C%7C0a8cb735cee6cced5cb4ee21cbd527ba%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:06 GMT
server: nginx
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
92ms Image
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=3490638409845107&bg=!fn2lfTLNAAY3kmNgF5I7ADQBe5WfOOhx0SxuZ1szNXCVbJNb_BqVsxf8uSUKV9yjF_uSC7xmn5RO72VoWsvla0bO-l-wAgAAAUpSAAAABWgBB5kC9IhQVnTW_C1_Me6hgK6ta_F2Wv8jwGR3-kIdxYVVSbiOtZC0Nso_3PRtYI3KvkQiB3U9E8tBmdveFolLFtd6WovXx_YJFtmGsgdlHJgTNPqernAPGqO8Mj52CDjh9xuaAz7Vr9nU76HgzMuwlTosZ9uwHsMSvG9wlbpwlpZMkeOJ-iHMqR_K3ANjjK1-9jdATMFS-fiyqUwDBaKADL4KmXjgvFaChpcS_fTJubEft-5yqPdIjdgghjwlGX9I1yN0fsFX1ZaxgSbT7wgqascHhyjeqKI1Q1rIX9xdsJrnHQToGk66JS84qqGCZuou00WdZdLZeupLzXPO2Suip1OB-mFlwVt7JjCIycZhCFB3qU2UTi6E5qbQejbG4YjO_7cvBBc_Bys6JyItHBQ-cPQQcww-D2cT6kHwzFKnLbAWIzyVW8rQV_F5k8Rafk-qS4H1jYAWY4h4X7U2b1YAI0Ukg5Ex93xoAHFOdE6NS75YMgmh4IGi-ywvAgmAs6dPaRA1baoQ2LWnphjI0FcGH8gOLOjnpPuUlWyOHG68_CvBD8TCGaNqe1v1gP5pklu_39K8cNtIsHCVSAWmy4yculSyGJAszID6E5Dz9k4eyQlNcGi2NTO34Idziq-Yz1ILcN6Y1bzTi9lQCFFqKNv4N-wlNXjc2_Q4fh_z6mD3g4aKdDHRyE1wg65ESd0gT2Aa1nzxghm28g_niODjr-I6m4CeTXw42voMEWgouRqA9zjC4zOtlHAz84wnvp5qNIaF50US3tg44u5ydkrpOxFan5tRfgDB3Pl0rf7Xd1br_QasVR28toywd_dYORqTdPhPODcDVIW-m59SVUWgooaf_Yy4_09NMTTc6Khwb-ZaCvHs9wRpI3vfOhBErFnc9VJsIC4bgSIzsTDspewHVZ8xtcexjf7N2GYTxbVTYugE8kZCfNcZRXMZRZR6DpRI7Mkp2z9_p-IENaVA5CUFxhOXkthGAeYRPRKrsOFhG_QqSNINwu3Ar4Rj6g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://animal.meogamehay.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9846698582102778740/ Frame F9ED 2 KB
664 B 198ms
70ms Document
text/html 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30f06ce60c69f38abc0ef7cccc11d68b570e67210de8da0a56b49c99665b68c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 635
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 28 Dec 2023 04:44:06 GMT
expires: Fri, 27 Dec 2024 04:44:06 GMT
last-modified: Thu, 07 Dec 2023 15:21:38 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 886E 0
0 234ms
93ms Fetch
image/gif 142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstOSieMhH0dxfKXYaocPkvGIyaC8NUPsgs7HZ-RXOQuqqHHNKwk6XT19bJSMAwI_p3Kn0rdsS7DTJabalARfJe1Srq01dS7msEvgH-926fzjtpnZMl0FnPWIz_SK2Mmw6rea7_-ymFmKJrRuiOJayztUT2ZzTL4w0mg4TA550KF-lXLYLHsOEmjmK_B5eXr8wXi-zE9nixwt15RFM1LUMmt&sai=AMfl-YS1cFJ39Rjik1gTVcO9qT4z_kmijaqtJtcVAUBLiaTujFTFPe7aKEwSZAdA0P6yVDH712HXBSQrmeeeJ8lriyWfyPInilfvoPoJYd5sV3bnGVAMr0e_5GFS0ZUFQihwchPLLzUXnS91pMnR&sig=Cg0ArKJSzI_o74CWHdVVEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9qZWVwLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=331&cbvp=1&cstd=321&cisv=r20231207.85398&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 74408
stags.bluekai.com/site/ Frame 886E 62 B
596 B 337ms
174ms Image
image/gif 23.47.69.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/74408?phint=event%3Dimp&phint=cid%3D29045561&phint=dcmsite%3D5176513&phint=placement%3D353970027&phint=crid%3D206387144&phint=adversion%3D574495578
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.47.69.85 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-69-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 28 Dec 2023 04:44:06 GMT
content-length: 62
bk-server: c4d2
content-type: image/gif

GET
H2 200 view
tpt.mediaplex.com/event/etc/ Frame 886E 43 B
323 B 276ms
156ms Image
image/gif 2606:ae80:1471:17::1080
VALUECLICK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpt.mediaplex.com/event/etc/view?vndr%5Fid=2522&vndr%5Fname=Stellantis%20-%20Mediaplex&comp%5Fid=80602&campaign%5Fid=100828&dvc%5Fid=&ggl%5Fplay%5Fid=&idfa=&advid=9149668&bid=29045561&sid=5176513&pid=353970027&adid=574495578&cid=206387144&cachebuster=[timestamp]%22style=%22width:1px
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2606:ae80:1471:17::1080 , United States, ASN25751 (VALUECLICK, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:06 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
content-type: image/gif
cache-control: no-cache, private, max-age=0, no-store
content-length: 43
expires: 0

GET
H3 200 main.css
s0.2mdn.net/sadbundle/9846698582102778740/ Frame F9ED 6 KB
3 KB 68ms
66ms Stylesheet
text/css 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9846698582102778740/main.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7fe6c8ec8742563f2f0be85bcd03af184a9654bf06f933d73370eedd34d23d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 14:26:50 GMT
date: Tue, 26 Dec 2023 14:26:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137836
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2568
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:21:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame F9ED 120 KB
41 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 21:58:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 21:58:16 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame F9ED 57 KB
23 KB 123ms
122ms Script
text/javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Dec 2023 04:44:06 GMT

GET
H3 200 main.js Show response
s0.2mdn.net/sadbundle/9846698582102778740/ Frame F9ED 24 KB
7 KB 95ms
94ms Script
application/x-javascript 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9846698582102778740/main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

737cfa243d39d5d6c267a5a49b0d46666b47a1b8a250b078ae539e264a29548b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 20:33:59 GMT
date: Tue, 26 Dec 2023 20:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115807
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6809
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:21:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 all.png
s0.2mdn.net/sadbundle/9846698582102778740/ Frame F9ED 35 KB
35 KB 64ms
64ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9846698582102778740/all.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b07f1ee6a5431293e74ad9f1ee07ab1f750b31c8eb56072eb0b36fed56d4b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 17:36:20 GMT
date: Tue, 26 Dec 2023 17:36:20 GMT
x-content-type-options: nosniff
age: 126466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36216
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:21:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 886E 0
0 92ms
92ms Fetch
image/gif 142.251.40.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstOSieMhH0dxfKXYaocPkvGIyaC8NUPsgs7HZ-RXOQuqqHHNKwk6XT19bJSMAwI_p3Kn0rdsS7DTJabalARfJe1Srq01dS7msEvgH-926fzjtpnZMl0FnPWIz_SK2Mmw6rea7_-ymFmKJrRuiOJayztUT2ZzTL4w0mg4TA550KF-lXLYLHsOEmjmK_B5eXr8wXi-zE9nixwt15RFM1LUMmt&sai=AMfl-YS1cFJ39Rjik1gTVcO9qT4z_kmijaqtJtcVAUBLiaTujFTFPe7aKEwSZAdA0P6yVDH712HXBSQrmeeeJ8lriyWfyPInilfvoPoJYd5sV3bnGVAMr0e_5GFS0ZUFQihwchPLLzUXnS91pMnR&sig=Cg0ArKJSzI_o74CWHdVVEAE&uach_m=%5BUACH%5D&crd=aHR0cHM6Ly9qZWVwLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=701&vt=11&dtpt=370&dett=3&cstd=321&cisv=r20231207.85398&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: animal.meogamehay.com
URL: https://animal.meogamehay.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F9ED 8 KB
6 KB 89ms
89ms XHR
application/json 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c13bbf27f7f5f2a0f0a359a871317635ee07abed903e8d2cfbb3a59264e8fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5814
x-xss-protection: 0

GET
H3 200 bg.jpg
s0.2mdn.net/sadbundle/9846698582102778740/ Frame F9ED 39 KB
39 KB 73ms
72ms Image
image/jpeg 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9846698582102778740/bg.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00446093a959bc34a958314f7800f585421f0b3480b6963c3ec88f954cbcd90a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 01:14:42 GMT
date: Wed, 27 Dec 2023 01:14:42 GMT
x-content-type-options: nosniff
age: 98964
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39521
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:21:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 all.png
s0.2mdn.net/sadbundle/9846698582102778740/ Frame F9ED 35 KB
35 KB 64ms
63ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9846698582102778740/all.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b07f1ee6a5431293e74ad9f1ee07ab1f750b31c8eb56072eb0b36fed56d4b2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 17:36:20 GMT
date: Tue, 26 Dec 2023 17:36:20 GMT
x-content-type-options: nosniff
age: 126466
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36216
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:21:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 map.png
s0.2mdn.net/sadbundle/9846698582102778740/ Frame F9ED 131 KB
131 KB 83ms
82ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9846698582102778740/map.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6885343168781b0fc57e389a45f26ad41c5b8c29ff2220204992dc65abf60fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Thu, 26 Dec 2024 02:42:31 GMT
date: Wed, 27 Dec 2023 02:42:31 GMT
x-content-type-options: nosniff
age: 93695
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133834
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:21:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/9846698582102778740/ Frame F9ED 4 KB
4 KB 81ms
80ms Image
image/png 2607:f8b0:4006:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9846698582102778740/cta.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2006 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2316c9db805c41e4ac6b9d140bb4a8630ca34344e094434aaee0ee49449d30b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9846698582102778740/index.html?e=69&leftOffset=0&topOffset=0&c=4vAHZTKuLn&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Wed, 25 Dec 2024 23:58:47 GMT
date: Tue, 26 Dec 2023 23:58:47 GMT
x-content-type-options: nosniff
age: 103519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3968
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 15:21:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame F9ED 1015 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 067d0bd30358c7a31e4f42ded3dfa16e316004889d0df81ce5288f36e52ade72

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F9ED 17 KB
6 KB 88ms
88ms Script
text/javascript 2607:f8b0:4006:80d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 04:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 28 Dec 2023 04:44:06 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 96C3 39 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 20:10:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30807
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 26 Dec 2024 20:10:39 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 886E 42 B
64 B 87ms
87ms Fetch
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu9JbHBnlmtl9K_-79pf9zSTT-eDtiRoHafDOtkC-DG5it8vweW4kp_nFdcicOdQ7u0QDg9vAspPlVybnFRH9R_b1yJBFpnUSeYKG-01T79a3aDX6cYgOzAbaMtJK85DhCSVESsh6Qlv7uTFyRhWNSEjxmj&sai=AMfl-YSgnsmrK1oQOcxag7zxkEXgsZxVIyZhXKwlWUbuul0DMkp9ceyAo8u3dfZb0aSAjjo77Bzy2GCPiBJXDQ92xDPgrDmCFsKNtQlOXR0LdKxQoz5DecGn_DAr6g5jlneNroRy11CoWxDcD2vLmaeFrw&sig=Cg0ArKJSzE2iDwU8sWnHEAE&cid=CAQSTwAvHhf__Iy7_1956tDcI4nGD1jmHBIWVzGcu5MO4yRQdXDdBubO_ftHqnptx7bAqDC92LjZBRVVWw9UvFTKhxwpOrBo5POSs85DqFDT43cYAQ&id=lidar2&mcvt=1009&p=0,0,90,728&mtos=989,1009,1009,1009,1009&tos=989,20,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2969136041&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703738645049&rpt=888&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 886E 43 B
215 B 61ms
60ms Image
image/gif 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=398d6bfa-75e1-5f17-4f55-cf558df56221&tv=%7Bc:y1ydmy,pingTime:1,time:1706,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D,%7Bpiv:100,vs:i,r:,t:663%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1043,o:663,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B656~0%5D,as:%5B656~728.90%5D%7D%7D,%7Bsl:i,t:663,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1043~100%5D,as:%5B1043~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:68,fm:tZHPJ9C+11%7C12%7C1311%7C141%7C151%7C161*.1278205-67951302%7C1611%7C171%7C18,idMap:161*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:33,sis:479%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:07 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 886E 43 B
215 B 59ms
59ms Image
image/gif 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=398d6bfa-75e1-5f17-4f55-cf558df56221&tv=%7Bc:y1ydmz,pingTime:1,time:1707,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D,%7Bpiv:100,vs:i,r:,t:663%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1044,o:663,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B656~0%5D,as:%5B656~728.90%5D%7D%7D,%7Bsl:i,t:663,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1044~100%5D,as:%5B1044~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:68,fm:tZHPJ9C+11%7C12%7C1311%7C141%7C151%7C161*.1278205-67951302%7C1611%7C171%7C18,idMap:161*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:33,sis:479%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:07 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 886E 43 B
215 B 61ms
60ms Image
image/gif 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1278205&asId=398d6bfa-75e1-5f17-4f55-cf558df56221&tv=%7Bc:y1ydmz,pingTime:1,time:1707,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:32%7D,%7Bpiv:100,vs:i,r:,t:663%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1044,o:663,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:32,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B656~0%5D,as:%5B656~728.90%5D%7D%7D,%7Bsl:i,t:663,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1044~100%5D,as:%5B1044~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:68,fm:tZHPJ9C+11%7C12%7C1311%7C141%7C151%7C161*.1278205-67951302%7C1611%7C171%7C18,idMap:161*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:33,sis:479,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:9b2a:61a7:aac6:a228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:07 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 886E 0
20 B 83ms
83ms Ping
image/gif 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6775140540902&version=m202309260101&ct=76&x=1&cor=4281261926723072000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 04:44:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-21 02:51:38	Name: IDE Value: AHWqTUkRWq3Hp1Oc5CUal1f_ecEhz7PtJIqONai29PmEhwlE3_hQ5DjNp_v9Zvog
.meogamehay.com/	1970-01-21 02:37:14	Name: __gads Value: ID=c5a7b95ebbe9f5be:T=1703738643:RT=1703738643:S=ALNI_MZMdH9Ij8EkynBC6dbtU73U5DDFug
.meogamehay.com/	1970-01-21 02:37:14	Name: __gpi Value: UID=00000dae8dbf0ffd:T=1703738643:RT=1703738643:S=ALNI_MaQOLq-I9wiWK4DFjZ1aBaOgOoRig
.casalemedia.com/	1970-01-21 02:01:14	Name: CMID Value: ZYz9FaCOJTIqdPUcV5UuvQAA
.casalemedia.com/	1970-01-20 19:25:14	Name: CMPS Value: 1650
.casalemedia.com/	1970-01-20 19:25:14	Name: CMPRO Value: 1650
.doubleclick.net/	1970-01-20 21:34:50	Name: APC Value: AfxxVi4kOErK9heGHnAAnLDugGS6h7ahdHcF6su9ho5zpdj5K_Zbqg
.adnxs.com/	1970-01-20 19:25:14	Name: uuid2 Value: 7400494933674180928
.doubleclick.net/	1970-01-20 17:15:42	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 19:25:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVQgS__<!]tbPl1M>e)ZlrFUfJ+tGXxo3Aidhm<s?lFCD%P7UzTzPV[nNOZsljmW*Jq=3If)y3KL9D3I?-9+(Sy.
.mediaplex.com/	1970-01-21 02:41:33	Name: svid Value: 896907371257243212
.bluekai.com/	1970-01-20 21:34:50	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 21:34:50	Name: bkpa Value: KJyNMAWmy091OadEUZBisXmCb3D4ixYokQoaYzgfuyx2f3ht+1rCnuNYOm8jlNgS/8to+OrIBB4f/WaMpbLcRgjZyCM0BK6asfaLzwnbtDnvxTs1UQOVIRFtRxvnEQpHhaLX6lfG+N004LDpidLOA0yFx9==
.bluekai.com/	1970-01-20 21:34:50	Name: bku Value: 3Y/O9Oq2MsPivtXN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ajax.googleapis.com
animal.meogamehay.com
bid.g.doubleclick.net
cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
stags.bluekai.com
static.adsafeprotected.com
tpc.googlesyndication.com
tpt.mediaplex.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
142.251.32.98
142.251.40.166
172.253.115.156
23.47.69.85
2600:1f18:1aca:4282:9b2a:61a7:aac6:a228
2600:9000:2616:ba00:8:48e:53c0:93a1
2606:4700:3033::ac43:85d1
2606:ae80:1471:17::1080
2607:f8b0:4006:809::200a
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80b::2006
2607:f8b0:4006:80d::2001
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80f::2004
2607:f8b0:4006:816::2002
2607:f8b0:4006:81c::2002
2607:f8b0:4006:822::200a
68.67.160.137
72.44.46.92
00446093a959bc34a958314f7800f585421f0b3480b6963c3ec88f954cbcd90a
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
067d0bd30358c7a31e4f42ded3dfa16e316004889d0df81ce5288f36e52ade72
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
0f79c64f686102f8cc72db584b52c51dbd0720d7ade9a3284a3520bd91dc5328
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
188d321da52decd5b8a5c92b29c10badb5c8ded9b9f45f802ee6b64bd8d6a564
1b6dee243e3a4adad667bb95f88237bf7dfabf3dfeaee96eca04ad69b73a97d8
1cc4227ca340ec3590e493c7c1623b2f7d0c2979294cfca03aa2ef39c19c9424
1ee96157035ca2c12237752548ca5b28ecc4f3f83c4dad483e5333bfbf289010
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
300c2a57d0ed169063b3daaff0550227cf8be6e702a58ab79f40a351df655243
30f06ce60c69f38abc0ef7cccc11d68b570e67210de8da0a56b49c99665b68c9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31a8dbe7c39cf4ffa9fe214267bc1aa73dca7304f689437bd4bb257066fa4b04
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a566ffa5bea2d58775d52faf7982f2a312ed26c9e668c1320486b0bc01cb0b9
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4879dcab21b2218432075c33aff13cea89de4f392f749eaef3df339f3f694c72
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5b07f1ee6a5431293e74ad9f1ee07ab1f750b31c8eb56072eb0b36fed56d4b2d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d48f9597d53ef2d2cfdf6fa413dd2b5f14bb6b14492b82f4b5792349ccf4737
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6885343168781b0fc57e389a45f26ad41c5b8c29ff2220204992dc65abf60fde
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6efda48e80b2f1710bea21e24048d2b7175905403d026a9cda5f3b8130663d5c
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
737cfa243d39d5d6c267a5a49b0d46666b47a1b8a250b078ae539e264a29548b
7462bdf789a89db34e26ce9deeb27e2d532113145d71bb560aad30c67dceaf88
7b07bffbf21142fa51120eb03293d0d27d8e76099c8f55bb23d951ceca89bc31
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e92ad6a7a03dec0e576421a7ba475217ab9821c800109899767f80f5ce82d35
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
99cd3d17e58005e404aaf93de2e832fa6ae1e8776a339099ea1174ae410fde6c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a739d1355b8e33556dab1c870268a5a85016ead0e43541bdaa84c8828ce7ab2c
a7fe6c8ec8742563f2f0be85bcd03af184a9654bf06f933d73370eedd34d23d4
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aae68d7418f7820c7267d6dc0ec4f3f0935d15e965d5dfd0730ee15265cb932e
aaf322520dd7c047b7201891400f94981878ee788f5026df32d27e95065b6041
aba848a7cdbe0240e1fdf0b540d3dff72daa9df5b4502e311b3f27a9c85e5759
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4e54900492e7fa37b1da9dfb701b52ce20eb8709219e48f9db66b9fd547c429
bec5d335ab398f4a684db704b24663ddb703e982df3f0548ba2ba9c707f07200
c13bbf27f7f5f2a0f0a359a871317635ee07abed903e8d2cfbb3a59264e8fd6b
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
d90a92a7cfa091e8b08b8a24572b8c67d1aa35d4e2a9b09887cfb412acc3adfc
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e26ea2ffecb46340f7350da7a86ab7e168361201ae85edef59ff96f41c136120
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
edbfaa14ea3e0446be7b7a869ae57f2adbeec2886deb56460a3639fc37b4c827
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd5ad608d8f3603b3eb9ca9f2c65ed45d7ca18acd0296fe5fc24b150eb4c4e9
f0988eed26a2cefe5ad967b9362e853d490196b9041614b8729b54138cd1bf57
f2316c9db805c41e4ac6b9d140bb4a8630ca34344e094434aaee0ee49449d30b
f38f91caae9d8ce4142ac627dba2f52d3cc848d13665f63221b3a55c56457635
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f8598779b58cab55c8480a89099ea2ee8e4d86163f9fe1e08f8c14f9a60ff162
fe6bd5ed8e4b90a17e5ee59bc5949f68bad22de5c5fa236ee97c25faa56d40f6

animal.meogamehay.com Open in urlscan Pro 2606:4700:3033::ac43:85d1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

134 Requests

96 %HTTPS

65 %IPv6

13 Domains

21 Subdomains

21 IPs

2 Countries

1850 kBTransfer

5095 kBSize

14 Cookies

1 Outgoing links

Redirected requests

134 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

animal.meogamehay.com Open in urlscan Pro
2606:4700:3033::ac43:85d1 Public Scan

Screenshot
Live screenshot

Full Image

134
Requests

96 %
HTTPS

65 %
IPv6

13
Domains

21
Subdomains

21
IPs

2
Countries

1850 kB
Transfer

5095 kB
Size

14
Cookies

134 HTTP transactions
2 data transactions