odga.me. Open in urlscan Pro
2606:4700:3035::681c:1e24 Public Scan

URL:
http://odga.me./
Submission: On October 23 via manual (October 23rd 2020, 11:10:19 am UTC) from DK

Summary HTTP 87 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 3 countries across 14 domains to perform 87 HTTP transactions. The main IP is 2606:4700:3035::681c:1e24, located in United States and belongs to CLOUDFLARENET, US. The main domain is odga.me..

This is the only time odga.me. was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3035::681c:1e24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:303... 2606:4700:3033::681c:121f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c09::84	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
15	2606:4700:303... 2606:4700:3036::ac43:a96e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
87	23

13 2606:4700:3035::681c:1e24 (United States)

ASN13335 (CLOUDFLARENET, US)

odga.me.	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::681c:121f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

us2.centcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c09::84 (Brussels, Belgium)

ASN15169 (GOOGLE, US)

7b40fff237fdc297f14cf078da389628.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3036::ac43:a96e (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.marketjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com 7b40fff237fdc297f14cf078da389628.safeframe.googlesyndication.com tpc.googlesyndication.com	233 KB
15	marketjs.net cdn.marketjs.net	181 KB
13	me. odga.me.	304 KB
10	ampproject.org cdn.ampproject.org	212 KB
10	doubleclick.net 1 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net	131 KB
4	gstatic.com fonts.gstatic.com	44 KB
4	google-analytics.com www.google-analytics.com	19 KB
3	googleapis.com imasdk.googleapis.com fonts.googleapis.com	110 KB
2	google.de www.google.de adservice.google.de	996 B
2	google.com www.google.com adservice.google.com	938 B
2	centcount.com 1 redirects us2.centcount.com	1 KB
1	addtoany.com static.addtoany.com	27 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	googletagmanager.com www.googletagmanager.com	37 KB
87	14

	Domain	Requested by
15	cdn.marketjs.net	odga.me.
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net odga.me. cdn.ampproject.org pagead2.googlesyndication.com tpc.googlesyndication.com
13	odga.me.	odga.me.
10	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	odga.me. pagead2.googlesyndication.com
5	securepubads.g.doubleclick.net	odga.me. securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com odga.me.
2	ad.doubleclick.net	1 redirects odga.me.
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	us2.centcount.com	1 redirects odga.me.
1	7b40fff237fdc297f14cf078da389628.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.addtoany.com	odga.me.
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.google.de	odga.me.
1	www.google.com	odga.me.
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	odga.me.
1	imasdk.googleapis.com	odga.me.
87	22

This site contains links to these domains. Also see Links.

Domain
www.addtoany.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-17` - `2021-08-17`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh

This page contains 6 frames:

Primary Page: http://odga.me./
Frame ID: AB7CC49418330E17E786C0CADF4219FE
Requests: 53 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html
Frame ID: CCE02346D4F5ACE8D57644F94FEE0D91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6930420709377674&output=html&adk=1812271804&adf=3025194257&lmt=1603079561&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fodga.me.%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603451400064&bpp=14&bdt=111&idt=70&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7237232886668&frm=20&pv=2&ga_vid=1108126005.1603451400&ga_sid=1603451400&ga_hid=232044186&ga_fc=0&iag=0&icsg=2106027&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067213%2C21066922%2C21067494&oid=3&pvsid=4179080747389734&pem=974&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=89
Frame ID: A1DDB6B4AC1CAA3ACFA231948208FDE2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js
Frame ID: 8211E9C9DFB8BA2B3CA1D223A91D3CC6
Requests: 19 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js
Frame ID: 2E0EDE449A5820ADB508F37B8D807E61
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html
Frame ID: C9DE63284F9B4A4F4EA4DF9D40BB47B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

87
Requests

84 %
HTTPS

91 %
IPv6

14
Domains

22
Subdomains

23
IPs

3
Countries

1327 kB
Transfer

3566 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addtoany.com/share#url=http%3A%2F%2Fodga.me.%2F&title=odGameBox%20%7C%20Free%20H5%20Games%20Online

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

http://us2.centcount.com/ca.php?sid=2005070000002001&ct=1603451400016 HTTP 301
https://us2.centcount.com/ca.php?sid=2005070000002001&ct=1603451400016

Request Chain 49

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B23632513.273199220;dc_trk_aid=466483569;dc_trk_cid=127822063;ord=4180783104;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B23632513.273199220;dc_pre=CO-_g_rJyuwCFc_FuwgdwG8PqA;dc_trk_aid=466483569;dc_trk_cid=127822063;ord=4180783104;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

87 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
odga.me./ 8 KB
3 KB 385ms
357ms Document
text/html 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33aefdea266e6ae29c963fb377c573187febb0f335bbf7f5e58e46c414b23067

Request headers

Host: odga.me.
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 11:09:59 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d2b9c88c089508ee7b8930dc9872293741603451399; expires=Sun, 22-Nov-20 11:09:59 GMT; path=/; domain=.odga.me; HttpOnly; SameSite=Lax
X-GUploader-UploadID: ABg5-UyRHusSGvHkQOSz2G-xEVQemrK9Yt6IA8whwqPHqxAkKsaRHOH2hQ0UuLczKq2cYXhMfYBL74r5J0tlrqtJta11hB0dNg
Expires: Fri, 23 Oct 2020 12:09:59 GMT
Cache-Control: public, max-age=3600
Last-Modified: Mon, 19 Oct 2020 03:52:41 GMT
x-goog-generation: 1603079561608452
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2172
x-goog-hash: crc32c=6hxlaw== md5=oSxFxpJ87X//bMDTzqkf6Q==
x-goog-storage-class: STANDARD
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
cf-request-id: 05f6bfc59d0000bf14dcac2000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=m8Q6x5BbaenZ5vTVqTHzaJYYxIIddc7Up%2FD4Fdk6SOSsNqxCiXmPSQDIXkXO0Lsg3zMRzpGFEOlxJFV3DvZ4k5FuSAjzSmKYw%2FRz9SVKVTZFLRQlhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5e6b024f5998bf14-FRA
Content-Encoding: gzip

GET
H/1.1 200
OK 44a8dd753ac2d7d4c767.js Show response
odga.me./_nuxt/ 3 KB
3 KB 353ms
352ms Script
application/javascript 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./_nuxt/44a8dd753ac2d7d4c767.js
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc842aaaa39762b9742ea74c256fa520c6b1a33fec019ca68810bd380b868d3

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=LkoKVg==, md5=CN8LhXyz8DzSCte3OhgboA==
Date: Fri, 23 Oct 2020 11:10:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UyBf8hXyEvRKc6n3u-Q_QX9073nNJ7Ay-rrRHjxrjOY0PcryvY6vaBSFRFq22TU4biNHLvG5jCAn9McgNypLFsGkSlGzw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 1369
cf-request-id: 05f6bfc7190000bf14eaa02000000001
Last-Modified: Mon, 19 Oct 2020 03:52:42 GMT
Server: cloudflare
ETag: "08df0b857cb3f03cd20ad7b73a181ba0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1GCYFTishTwivb0BKdfFnPiDodhzFGODYsJJPzuKJZUVBBy%2BIjRq0VV3Z1hLQ3vP3fEROgG4J0XnCC2FHUK9AIMASMuEqb1guupxSKBfKStncVKakg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079562107619
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 1369
Accept-Ranges: bytes
CF-RAY: 5e6b0251cb95bf14-FRA
Expires: Fri, 23 Oct 2020 12:10:00 GMT

GET
H/1.1 200
OK 0b4d0fc8227d1f66ec5e.js Show response
odga.me./_nuxt/ 177 KB
61 KB 807ms
801ms Script
application/javascript 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./_nuxt/0b4d0fc8227d1f66ec5e.js
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef313570c17f7edd6249161275d1c21b30d9749d3b5ab7da7d9370b05aa9f90e

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=beBgCw==, md5=nyYmRMEv6gVbhOsS7QVGPw==
Date: Fri, 23 Oct 2020 11:10:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UzV3xrfzFjL6w4PMymAP5Beiv2RiXW0ki7XAjocq6g9dCPPSdHyV9lCPqnzTMwM3Zd3wP1Kw3Pdly5IxqHRSu3lOuicrQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 61566
cf-request-id: 05f6bfc71e0000dfdf14aaf000000001
Last-Modified: Mon, 19 Oct 2020 03:52:41 GMT
Server: cloudflare
ETag: "9f262644c12fea055b84eb12ed05463f"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WnYRXK3FZo5oEWH9fbhv1IPmUPoGR8EKKEIChDHPx0aroE4XCpFVazFisjF7wJ7VZW4ItN18GDjoTGOk3%2B0H9unEiJK%2Fw7AwE0R10Ci4Ri4XOtSQag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079561836665
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 61566
Accept-Ranges: bytes
CF-RAY: 5e6b0251cccfdfdf-FRA
Expires: Fri, 23 Oct 2020 12:10:00 GMT

GET
H/1.1 200
OK 704ba4b1bcdbe612e93b.js Show response
odga.me./_nuxt/ 280 KB
84 KB 599ms
592ms Script
application/javascript 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./_nuxt/704ba4b1bcdbe612e93b.js
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e070a6198ceb8b72b426505461f38a76c7460c9c75f7be1a3db7643d40c384e8

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=+Ufn+Q==, md5=fg5GDsoCqugYLjk7yfo+Ng==
Date: Fri, 23 Oct 2020 11:10:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UxKnA7TwV5E6yCsuJdL4pDRZgINcqi8PG0DfLZe6iJKszCfBtO6MFu_QHr99tyDxNEZ_p-pJioRcuPj_hTPXEC4hoEE_Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 84454
cf-request-id: 05f6bfc71f0000c3039b810000000001
Last-Modified: Mon, 19 Oct 2020 03:52:42 GMT
Server: cloudflare
ETag: "7e0e460eca02aae8182e393bc9fa3e36"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603451401"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079562779213
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 84454
Accept-Ranges: bytes
CF-RAY: 5e6b0251ca7fc303-FRA
Expires: Fri, 23 Oct 2020 12:10:00 GMT

GET
H/1.1 200
OK 87b058757107d97ec195.js Show response
odga.me./_nuxt/ 58 KB
19 KB 612ms
606ms Script
application/javascript 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./_nuxt/87b058757107d97ec195.js
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b7b4256f6aa3b8b3f9dc277dcdf0b6badc82b0b01b7dc06718a189bbe4ed535

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=1vBpYA==, md5=nsEQtPfJTVS0BPYSOMoEuw==
Date: Fri, 23 Oct 2020 11:10:00 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UwIdtX8R31RSpwfifMaVbYO_wHY-zYLHP-hHUqExHBs5DgBuP4zOoRJbPhewDzePB8vNfRrgYEE0T2RyyeO5ahbwR6l4Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 17803
cf-request-id: 05f6bfc71e000005ccc4b26000000001
Last-Modified: Mon, 19 Oct 2020 03:52:42 GMT
Server: cloudflare
ETag: "9ec110b4f7c94d54b404f61238ca04bb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603451401"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079562172445
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 17803
Accept-Ranges: bytes
CF-RAY: 5e6b0251cf9805cc-FRA
Expires: Fri, 23 Oct 2020 12:10:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
18 KB 69ms
44ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

6c856f691afe5052bf8c0732d931e96efbf4d02e731db63a320766daf3426bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "671 / 689 of 1000 / last-modified: 1603446107"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17635
x-xss-protection: 0
expires: Fri, 23 Oct 2020 11:10:00 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 314 KB
108 KB 21ms
13ms Script
text/javascript 2a00:1450:4001:81b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b7e8ee7026c28c6af585571475a9e491974754d1cf1a174d4d0a4d779a32196

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 23 Oct 2020 11:09:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 110626
X-XSS-Protection: 0
Expires: Fri, 23 Oct 2020 11:09:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
45 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15ef3bdcf9b61756713a5d64761b0d8c7e04f2be45bc87701e725451b911fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:09:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45803
x-xss-protection: 0
server: cafe
etag: 337378925373862909
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Oct 2020 11:09:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 136 KB
37 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N8DWVKJ

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56ab8ebec18d69dbd457b16f30cb32ab13a1309ca2ff3d922dc15f5f83b0c8a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:09:59 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38026
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Oct 2020 11:09:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N8DWVKJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6852
date: Fri, 23 Oct 2020 09:15:48 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 23 Oct 2020 11:15:48 GMT

GET
H2

200

ca.php Show response
us2.centcount.com/
Redirect Chain

http://us2.centcount.com/ca.php?sid=2005070000002001&ct=1603451400016
https://us2.centcount.com/ca.php?sid=2005070000002001&ct=1603451400016

58 B
578 B

222ms
203ms

Script
application/javascript

2606:4700:3033::681c:121f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://us2.centcount.com/ca.php?sid=2005070000002001&ct=1603451400016
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::681c:121f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 116987e74e82d9e7a849b3f1af0ec3a4e32598f23157a9508e42fdddaaabd1cf

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603451400"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cf-ray: 5e6b0252af352bca-FRA
cf-request-id: 05f6bfc7ac00002bca8c0d3000000001

Redirect headers

Date: Fri, 23 Oct 2020 11:10:00 GMT
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0oZugVEwo0uZ24y8JLescucvN%2FHO28xiigknwWgeLs9WYWBAq7Xuvrw0QmH0rMaaE4eomb0n3gCfcXvy9jPmaovtiNZR5G1xE1chN0PkJx1RbZZkiSOX8T63l9nzrw%3D%3D"}],"group":"cf-nel","max_age":604800}
Location: https://us2.centcount.com/ca.php?sid=2005070000002001&ct=1603451400016
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
CF-RAY: 5e6b02523e2cdfc3-FRA
cf-request-id: 05f6bfc7630000dfc3db0df000000001
Expires: Fri, 23 Oct 2020 12:10:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 39ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=232044186&t=pageview&_s=1&dl=http%3A%2F%2Fodga.me.%2F&ul=en-us&de=UTF-8&dt=odGamebox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=398261805&gjid=1267340707&cid=1108126005.1603451400&tid=UA-38246441-7&_gid=43107134.1603451400&_r=1&gtm=2wgae1N8DWVKJ&z=1794193187

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 11:10:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: http://odga.me.
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
403 B 34ms
12ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=232044186&t=pageview&_s=1&dl=http%3A%2F%2Fodga.me.%2F&ul=en-us&de=UTF-8&dt=odGamebox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=536773308&gjid=1054651157&cid=1108126005.1603451400&tid=UA-38246441-9&_gid=43107134.1603451400&_r=1&_slc=1&z=1695939230

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 11:10:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: http://odga.me.
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/ 230 KB
87 KB 51ms
36ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88452
x-xss-protection: 0
server: cafe
etag: 16783570891068550005
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 23 Oct 2020 11:10:00 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/ Frame CCE0 0
0 7ms
6ms Document
text/html 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201021/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201021/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://odga.me./
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me./

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 22 Oct 2020 12:16:25 GMT
expires: Thu, 05 Nov 2020 12:16:25 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 82415
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 pubads_impl_2020101901.js Show response
securepubads.g.doubleclick.net/gpt/ 274 KB
96 KB 63ms
49ms Script
text/javascript 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

sffe /

Resource Hash

426706009141ad5502475bac13c268944bc54a6e772d44bf48f653f711d5915d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Oct 2020 08:41:04 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98358
x-xss-protection: 0
expires: Fri, 23 Oct 2020 11:10:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
82 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-38246441-7&cid=1108126005.1603451400&jid=398261805&gjid=1267340707&_gid=43107134.1603451400&_u=YEBAAEAAAAAAAC~&z=1783776364

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 23 Oct 2020 11:10:00 GMT
status: 200
content-type: text/plain
access-control-allow-origin: http://odga.me.
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
106 B 21ms
20ms Image
image/gif 2a00:1450:4001:803::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-38246441-7&cid=1108126005.1603451400&jid=398261805&_u=YEBAAEAAAAAAAC~&z=737572372

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 11:10:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 17ms
17ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-38246441-7&cid=1108126005.1603451400&jid=398261805&_u=YEBAAEAAAAAAAC~&z=737572372

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 11:10:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=odga.me.

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 11:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 38ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=odga.me.

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 11:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame A1DD 0
0 28ms
27ms Document
text/html 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6930420709377674&output=html&adk=1812271804&adf=3025194257&lmt=1603079561&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fodga.me.%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603451400064&bpp=14&bdt=111&idt=70&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7237232886668&frm=20&pv=2&ga_vid=1108126005.1603451400&ga_sid=1603451400&ga_hid=232044186&ga_fc=0&iag=0&icsg=2106027&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067213%2C21066922%2C21067494&oid=3&pvsid=4179080747389734&pem=974&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=89

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-6930420709377674&output=html&adk=1812271804&adf=3025194257&lmt=1603079561&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fodga.me.%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1603451400064&bpp=14&bdt=111&idt=70&shv=r20201021&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7237232886668&frm=20&pv=2&ga_vid=1108126005.1603451400&ga_sid=1603451400&ga_hid=232044186&ga_fc=0&iag=0&icsg=2106027&dssz=24&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067213%2C21066922%2C21067494&oid=3&pvsid=4179080747389734&pem=974&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=0&uci=a!0&fsb=1&dtd=89
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://odga.me./
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me./

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 23 Oct 2020 11:10:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 23-Oct-2020 11:25:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:814::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6c6a084d20419521fdd0a581b80e41c5d73aeafd60a0224e7776a6826060625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603280362352039"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27607
x-xss-protection: 0
expires: Fri, 23 Oct 2020 11:10:00 GMT

GET
H/1.1 200
OK d37a699ba6db1890c813.js Show response
odga.me./_nuxt/ 4 KB
3 KB 867ms
867ms Script
application/javascript 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./_nuxt/d37a699ba6db1890c813.js
Requested by: Host: odga.me.
URL: http://odga.me./_nuxt/44a8dd753ac2d7d4c767.js
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5563c720385dce141b6ae5b86b2675711b4e676249d3cf67a872ccb361abe2a2

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=J5hjIQ==, md5=vTpy9EC9LDamqkFk6Qp0vg==
Date: Fri, 23 Oct 2020 11:10:01 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UwOTx457Wni7HIRDGtAvxc_pvGuIrwQFig-Hbph0Z2omEkVk95CN2rQRBs818RGi--R6NT-uGO9AIK1QzPL6TE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 1737
cf-request-id: 05f6bfca5d0000dfdf1bb2b000000001
Last-Modified: Mon, 19 Oct 2020 03:52:42 GMT
Server: cloudflare
ETag: "bd3a72f440bd2c36a6aa4164e90a74be"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B0Tys%2BKuTBVOnfy0uAcd1%2F7nnn%2BZu43oyOFXFaDyV%2FLxDwVW%2B57DtDLHEN8IO8Uc%2BInuL01c4sqi5V7SXUkdydhlzbLhP0XwfRekl94Cmvp7l3TcBw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079562115567
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 1737
Accept-Ranges: bytes
CF-RAY: 5e6b0256f8f9dfdf-FRA
Expires: Fri, 23 Oct 2020 12:10:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
5ms Image
image/gif 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=232044186&t=pageview&_s=1&dl=http%3A%2F%2Fodga.me.%2F&ul=en-us&de=UTF-8&dt=odGamebox&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1108126005.1603451400&tid=UA-38246441-7&_gid=43107134.1603451400&gtm=2wgae1N8DWVKJ&z=646927528

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 22 Oct 2020 11:15:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 86051
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ed018e708870be50788b.js Show response
odga.me./_nuxt/ 276 KB
70 KB 335ms
335ms Script
application/javascript 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./_nuxt/ed018e708870be50788b.js
Requested by: Host: odga.me.
URL: http://odga.me./_nuxt/44a8dd753ac2d7d4c767.js
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c5fe3078b5c30e800d7b3b55945df13af8107578351bc8187f614f1fa0eac7d

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=PekNuw==, md5=mUwOVzD/iiEJiuNAypLcYQ==
Date: Fri, 23 Oct 2020 11:10:01 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-Uz4HGlPNNGD7Xc3kYUkU64pY-AyHNXpGaWhj1wLMHLEAjKbuqATBLcD0lbPBpucnTmIRoPhQqW9_cSi958VMW0
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 70131
cf-request-id: 05f6bfca70000005cc9ea16000000001
Last-Modified: Mon, 19 Oct 2020 03:52:42 GMT
Server: cloudflare
ETag: "994c0e5730ff8a21098ae340ca92dc61"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603451401"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079562500237
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 70131
Accept-Ranges: bytes
CF-RAY: 5e6b02571f9f05cc-FRA
Expires: Fri, 23 Oct 2020 12:10:00 GMT

GET
H/1.1 200
OK 06c101c7c9bad8a3058c.js Show response
odga.me./_nuxt/ 91 KB
21 KB 582ms
582ms Script
application/javascript 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./_nuxt/06c101c7c9bad8a3058c.js
Requested by: Host: odga.me.
URL: http://odga.me./_nuxt/44a8dd753ac2d7d4c767.js
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6f304421d6090a8cab0903ac0eb2cb2b34a5fc98f7932f9119a28a61819cd67

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=Mls76Q==, md5=AWWnKV/0U7n6vSHWrE6ryw==
Date: Fri, 23 Oct 2020 11:10:01 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-Ux6EzlWrZgCbzK-d1kirFePITMxPjBZbeXAmfHOmsNovBk7ouaNGBOzdLXvPU1h2-tpuocCScGyG6iVJeFmfTr1jYOzrg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 20225
cf-request-id: 05f6bfca700000c30391287000000001
Last-Modified: Mon, 19 Oct 2020 03:52:41 GMT
Server: cloudflare
ETag: "0165a7295ff453b9fabd21d6ac4eabcb"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603451401"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079561682065
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 20225
Accept-Ranges: bytes
CF-RAY: 5e6b02571e62c303-FRA
Expires: Fri, 23 Oct 2020 12:10:01 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 82 KB
27 KB 70ms
51ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: odga.me.
URL: http://odga.me./_nuxt/0b4d0fc8227d1f66ec5e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:01 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 40394
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
status: 200
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 05f6bfcce40000c2c78838c000000001
last-modified: Thu, 08 Oct 2020 23:55:07 GMT
server: cloudflare
etag: W/"146c7-5b1318fce2e58"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 5e6b025af867c2c7-FRA
cf-bgj: minify

GET
H/1.1 200
OK b30affd.png
odga.me./_nuxt/img/ 4 KB
5 KB 876ms
876ms Image
image/png 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://odga.me./_nuxt/img/b30affd.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f261d4d2edc82ed95903ec71dee4f56f050c6c91556a92d5646c888e3c634f8

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=ZPfyXw==, md5=swr/125LpVlhAVDg71EvvA==
Date: Fri, 23 Oct 2020 11:10:02 GMT
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UzUDfmTk_IewSU36jgBQUiHTTkUfzEmHlLe6FUTorOYFwOTBMG0k0zCa642PNlI-z1wQx-oVIUIC6Mpi8AUOJTW2Sv6Yg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Type: image/png
Content-Length: 4008
cf-request-id: 05f6bfccce0000c303d4957000000001
Last-Modified: Mon, 19 Oct 2020 03:52:43 GMT
Server: cloudflare
ETag: "b30affd76e4ba559610150e0ef512fbc"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603451402"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079563060232
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 4008
Accept-Ranges: bytes
CF-RAY: 5e6b025aeed0c303-FRA
Expires: Fri, 23 Oct 2020 12:10:01 GMT

GET
H/1.1 200
OK list.json Show response
odga.me./data/ 58 KB
10 KB 873ms
873ms XHR
application/json 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./data/list.json
Requested by: Host: odga.me.
URL: http://odga.me./_nuxt/0b4d0fc8227d1f66ec5e.js
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9d2c776341ad61e5dd232ce16112d6adc64247456322c1b674a95d56a6a3fb

Request headers

Accept: application/json, text/plain, */*
Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=uVtMEQ==, md5=JV+vvPwlbCU3sEBbJMCyrg==
Date: Fri, 23 Oct 2020 11:10:02 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UwAn72dI4qMiHAIYqi8Wsl4szpU4vcVnwrbElvMbwpPfyqmAsdB0AF_AbTHby-T3GaW7SvWF4KpAW4w55MbQlc
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 8847
cf-request-id: 05f6bfcce0000005cc7094f000000001
Last-Modified: Mon, 19 Oct 2020 03:52:43 GMT
Server: cloudflare
ETag: "255fafbcfc256c2537b0405b24c0b2ae"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1603451402"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079563132289
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 8847
Accept-Ranges: bytes
CF-RAY: 5e6b025afbcf05cc-FRA
Expires: Fri, 23 Oct 2020 12:10:01 GMT

GET
H/1.1 200
OK list.json Show response
odga.me./data/ 58 KB
10 KB 575ms
575ms XHR
application/json 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./data/list.json
Requested by: Host: odga.me.
URL: http://odga.me./_nuxt/0b4d0fc8227d1f66ec5e.js
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9d2c776341ad61e5dd232ce16112d6adc64247456322c1b674a95d56a6a3fb

Request headers

Accept: application/json, text/plain, */*
Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=uVtMEQ==, md5=JV+vvPwlbCU3sEBbJMCyrg==
Date: Fri, 23 Oct 2020 11:10:02 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UyCGbqFPPvwLikpAV3dok0mL3pz6jjCBr9AXar-QqOUctC76B8HTBdq7urymEeW0hwfM58N7BVgSHsuWpvofEb6Z_AmnQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 8847
cf-request-id: 05f6bfcce20000bf1426343000000001
Last-Modified: Mon, 19 Oct 2020 03:52:43 GMT
Server: cloudflare
ETag: "255fafbcfc256c2537b0405b24c0b2ae"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=e0cZIFL1%2FsgA44wvovAbvb60ZTxNmHwnCdvrifsjYAQvfHCPyHC4G0rpwzluIAzhT%2B4bslSeApSNDtCYT9BgCtURPw6Gsj7WGo1d1snrp%2BiV1Wo9MA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079563132289
Cache-Control: public, max-age=3600
x-goog-stored-content-length: 8847
Accept-Ranges: bytes
CF-RAY: 5e6b025b09f8bf14-FRA
Expires: Fri, 23 Oct 2020 12:10:01 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 100 KB
15 KB 873ms
872ms XHR
text/plain 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4179080747389734&correlator=547038233528743&output=ldjh&impl=fifs&adsid=NT&eid=21067119%2C21064169%2C21067753%2C21068030%2C21067494&vrg=2020101901&guci=1.2.0.0.2.2.0.0&sc=0&sfv=1-0-37&ecs=20201023&iu_parts=114727985%2Codmediagroup.com%2COdgamebox.com_300x250_01_self%2COdgamebox.com_300x250_02_self&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3&prev_iu_szs=300x250%2C300x250&cust_params=URL%3Dhttp%253A%252F%252Fhk.odgamebox.com%252F&cookie_enabled=1&bc=23&abxe=1&lmt=1603079561&dt=1603451401441&dlt=1603451399953&idt=294&frm=20&biw=1600&bih=1200&oid=3&adxs=650%2C650&adys=89%2C467&adks=3028240730%2C1802995339&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fodga.me.%2F&dssz=32&icsg=171944179967&std=0&vis=1&scr_x=0&scr_y=0&psz=700x267%7C700x267&msz=300x266%7C300x266&ga_vid=1108126005.1603451400&ga_sid=1603451400&ga_hid=232044186&fws=4%2C4&ohw=1600%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s12-in-f34.1e100.net

Software

cafe /

Resource Hash

529022faed21cbe36e3feadc72b4318af940e20542977a115695dab791de5892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15131
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://odga.me.
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7b40fff237fdc297f14cf078da389628.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 60ms
19ms Other
text/html 2a00:1450:400c:c09::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7b40fff237fdc297f14cf078da389628.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::84 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 128x128.png
cdn.marketjs.net/games/escape-from-aztec/localization/en/media/graphics/promo/icons/ 4 KB
4 KB 141ms
112ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/escape-from-aztec/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc0c87755b5d764f5967162554f41322f60fedda40806c4e77eba2c559c6540

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 2d469870f5a756385a1eb37325629a1f.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-C1
x-cache: Hit from cloudfront
status: 200
content-length: 3670
cf-request-id: 05f6bfd0230000176e47201000000001
last-modified: Fri, 22 Sep 2017 18:14:04 GMT
server: cloudflare
etag: "caa0c2b8cf0ba26a9630ed42d1c90067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FfiJy8%2BtdFgr8S1bdf72SVH75eH98xaAgovqSIo%2FZeZ2G8cLv0QsIDU7XhE%2FMCYmIJD3X6bIjm0TI%2FbMGlMkwuMED8WJrx0pajkbUmkGfLbCH9H8fVT93EjI9xZ7"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b0260396f176e-FRA
x-amz-cf-id: XpobG5DwxD9qfVMXzgUqE8sFi9t1UXQ5mQBlDsHpqd7ID80WQa-Mfg==

GET
H/1.1 200
OK 9489556d24b9908276a9.js Show response
odga.me./_nuxt/ 21 KB
8 KB 656ms
655ms Script
application/javascript 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./_nuxt/9489556d24b9908276a9.js
Requested by: Host: odga.me.
URL: http://odga.me./_nuxt/44a8dd753ac2d7d4c767.js
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7725af00ca47ca6f4677e469f84a201e285221af5cfcf762a015c632a9f2eb51

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=PGpQHA==, md5=kNMY0iWPDCV3CtEXXq0Jeg==
Date: Fri, 23 Oct 2020 11:10:02 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UwS_slPSXuZWr3myqVg3B9ifnN9Aj6UEzl6jEBzQbVbErtr42iv5madvOxzW6qLrYIuICD0PhBJOC6FuN3UpQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 7038
cf-request-id: 05f6bfd0190000bf14dd9f0000000001
Last-Modified: Mon, 19 Oct 2020 03:52:42 GMT
Server: cloudflare
ETag: "90d318d2258f0c25770ad1175ead097a"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=z8ZQVLyjyKZuuKiDH%2Flq2dJ6N3PsbJG81i9y5naAQjgHh%2Bq4R%2F5SCua7jT0o8nrFa5hstEOga3lpWinT86xn4Z85w1O0PxUt12aSvyT%2BDZMYkf5JKg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079562126137
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 7038
Accept-Ranges: bytes
CF-RAY: 5e6b02602ceabf14-FRA
Expires: Fri, 23 Oct 2020 12:10:02 GMT

GET
H/1.1 200
OK 99e440a4e2130debd7e1.js Show response
odga.me./_nuxt/ 23 KB
8 KB 864ms
863ms Script
application/javascript 2606:4700:3035::681c:1e24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://odga.me./_nuxt/99e440a4e2130debd7e1.js
Requested by: Host: odga.me.
URL: http://odga.me./_nuxt/44a8dd753ac2d7d4c767.js
Protocol: HTTP/1.1
Server: 2606:4700:3035::681c:1e24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b4839f633298f2690e3817eb9030325482dc333ed4b2105ed79672f97e0ecf4

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=r+T4NQ==, md5=iev91js3iQr0qHeHe56e8A==
Date: Fri, 23 Oct 2020 11:10:03 GMT
Content-Encoding: gzip
CF-Cache-Status: MISS
NEL: {"report_to":"cf-nel","max_age":604800}
X-GUploader-UploadID: ABg5-UwcquUxJfkbcv5ZjJo5tp_R--N-JFcWwjqSS7HydyY3qBT1VicULupxKzKQmBpaXkGXqtI2YF0tcRULZsxS-5yUq1Ft8g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 7098
cf-request-id: 05f6bfd0180000dfdff91dd000000001
Last-Modified: Mon, 19 Oct 2020 03:52:42 GMT
Server: cloudflare
ETag: "89ebfdd63b37890af4a877877b9e9ef0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=H539GerGNp1%2B1N%2BoUfIX60gdmzUP9b9h3GuTxOaWVoa4PKhZpp4hT5m6hbqIE%2FyZEIdyDKYQ54R25q6mh5bdEhXadPT1bddnE%2B37MpNdDnk2gfzSqw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1603079562132711
Cache-Control: public, max-age=14400
x-goog-stored-content-length: 7098
Accept-Ranges: bytes
CF-RAY: 5e6b02602fb4dfdf-FRA
Expires: Fri, 23 Oct 2020 12:10:02 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032010200130000/ Frame 8211 204 KB
56 KB 33ms
5ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3f82deb937ea24f4c8da63d99b72f793c0c9629b5658f1a8f240444e02f2aee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224015
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56823
x-xss-protection: 0
server: sffe
date: Tue, 20 Oct 2020 20:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2d9f0b71c42b98cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 20:56:27 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032010200130000/v0/ Frame 8211 14 KB
5 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224015
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Tue, 20 Oct 2020 20:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 20:56:27 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032010200130000/v0/ Frame 8211 96 KB
29 KB 44ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224015
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Tue, 20 Oct 2020 20:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 20:56:27 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032010200130000/v0/ Frame 8211 4 KB
2 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 200470
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 03:28:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 03:28:52 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032010200130000/v0/ Frame 8211 45 KB
14 KB 41ms
15ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224015
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Tue, 20 Oct 2020 20:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 20:56:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8211 7 KB
833 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 10:04:38 GMT
server: ESF
date: Fri, 23 Oct 2020 11:10:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Oct 2020 11:10:02 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/725943358254240732/ Frame 8211 55 KB
55 KB 32ms
16ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/725943358254240732/2076313506083323656

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51369bf755571ff3624ff4da7f62f218a55d7eea3e62352c95c04ccaf534c24e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 03:52:07 GMT
x-content-type-options: nosniff
age: 26275
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56003
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 14:40:48 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Oct 2021 03:52:07 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14447728421755608141/ Frame 8211 2 KB
3 KB 34ms
19ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14447728421755608141/downsize_200k_v1?w=300&h=300

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cc675124e67b60125947867eb0dbf8fe0adf77859804f83789bd4c186f6e6ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 21 Oct 2020 03:01:05 GMT
x-content-type-options: nosniff
age: 202137
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2550
x-xss-protection: 0
last-modified: Thu, 28 Nov 2019 17:51:29 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 03:01:05 GMT

GET
DATA 200
OK truncated
/ Frame 8211 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 661515cce0c9d6b11f139b8b5975fed15c0d1ffabb7aefd0ea58d9eca79c6817

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 8211 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f54d4295d44cd6c942385d12be0c8a77b5e635bba6dbfd6f53c31d1b7b7e697

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8211 2 KB
3 KB 24ms
13ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 64
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8211 295 B
388 B 26ms
13ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 45481
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 23 Oct 2020 22:32:01 GMT

GET
H3-Q050

200

B23632513.273199220;dc_pre=CO-_g_rJyuwCFc_FuwgdwG8PqA;dc_trk_aid=466483569;dc_trk_cid=127822063;ord=4180783104;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/ Frame 8211
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B23632513.273199220;dc_trk_aid=466483569;dc_trk_cid=127822063;ord=4180783104;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B23632513.273199220;dc_pre=CO-_g_rJyuwCFc_FuwgdwG8PqA;dc_trk_aid=466483569;dc_trk_cid=127822063;ord=4180783104;dc_lat=;dc_rd...

42 B
504 B

51ms
32ms

Image
image/gif

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B23632513.273199220;dc_pre=CO-_g_rJyuwCFc_FuwgdwG8PqA;dc_trk_aid=466483569;dc_trk_cid=127822063;ord=4180783104;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 11:10:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Oct 2020 11:10:02 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 302
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N5295.134426.GOOGLEDISPLAYNETWOR/B23632513.273199220;dc_pre=CO-_g_rJyuwCFc_FuwgdwG8PqA;dc_trk_aid=466483569;dc_trk_cid=127822063;ord=4180783104;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8211 0
0 20ms
19ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CvnI6CbqSX-KWHtaAjuwPxOOEKNjk5txf8Oq9vY0Mr4G649cCEAEg3MPuJmCV-vCBjAegAZPsu_cCyAEJ4AIAqAMByAMKqgTeAU_QKpB6xaYMwYP-EGkxjK1Dc5Nqe_2TxB0vWw2RzGh0dbDzF4ybVzYMqX-2keekhsnHGqflEhYeFyISE4yJ5MnNTE_ZmzS5nOQZDxy2Qc3lqzGRnVjXKaoI6jZyoZhoO-ank_QoPWNhEfX3cNGSkyqI33ZoDNUSGf2K5pY_zFjnfDsrUN6IE_GYnNvsVhUUs8ecGohAF2Q_smH6Il0jcy-JovHuePqEseuRCV8QrbrDpsC55hsfjjzwLz-DzYNO2fib9khmR2cADP-FTwpdsheRWItK697o-4fs8ertgMAEmOG-1ZAC4AQBkgUECAQYAZIFBAgFGASgBi6AB8X_oHOoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwDyBwUQve2JAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tOTYyMDA0MTk5MjEzMDkyOYAKA8gLAbIMFHB1Yi04OTc3MTA5NTUyNjA3MzYxwgwCCAHYEwKIFAGYFgE&sigh=J-jMkajDTYg&template_id=484&tpd=AGWhJmst_pGK062N2K0wpyVtVZCU9cpLiy-fmP2hW_V9HIMIPA
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/032010200130000/ Frame 2E0E 204 KB
56 KB 29ms
19ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3f82deb937ea24f4c8da63d99b72f793c0c9629b5658f1a8f240444e02f2aee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224015
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56823
x-xss-protection: 0
server: sffe
date: Tue, 20 Oct 2020 20:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2d9f0b71c42b98cb"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 20:56:27 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/032010200130000/v0/ Frame 2E0E 14 KB
5 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224015
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5337
x-xss-protection: 0
server: sffe
date: Tue, 20 Oct 2020 20:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "daa4412bcb5a8fd6"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 20:56:27 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/032010200130000/v0/ Frame 2E0E 96 KB
29 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224015
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29527
x-xss-protection: 0
server: sffe
date: Tue, 20 Oct 2020 20:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f91dfcaf1b61c8c5"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 20:56:27 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/032010200130000/v0/ Frame 2E0E 4 KB
2 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 200470
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1792
x-xss-protection: 0
server: sffe
date: Wed, 21 Oct 2020 03:28:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2c1d882225e4ba30"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Oct 2021 03:28:52 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/032010200130000/v0/ Frame 2E0E 45 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032010200130000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 224015
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14145
x-xss-protection: 0
server: sffe
date: Tue, 20 Oct 2020 20:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "88dc985411e715a7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Oct 2021 20:56:27 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 2E0E 7 KB
1 KB 39ms
22ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 23 Oct 2020 10:00:38 GMT
server: ESF
date: Fri, 23 Oct 2020 11:10:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 23 Oct 2020 11:10:02 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2E0E 2 KB
2 KB 12ms
11ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 64
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2E0E 295 B
319 B 12ms
11ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 45481
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 23 Oct 2020 22:32:01 GMT

GET
H3-Q050 200 2076313506083323656
tpc.googlesyndication.com/simgad/17562954907998698654/ Frame 2E0E 12 KB
12 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17562954907998698654/2076313506083323656

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7fb76e8156ddc1aa4c4f6eb37634c9605b73f9f14d3a23435ce0f1d7a073a81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 09:20:31 GMT
x-content-type-options: nosniff
age: 352171
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12040
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 17:11:33 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Oct 2021 09:20:31 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4950302887712745140/ Frame 2E0E 7 KB
7 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4950302887712745140/downsize_200k_v1?w=300&h=300

Requested by

Host: odga.me.
URL: http://odga.me./

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a104ebac59566f50ff66646a451f7121233fb9ba0d232513fe5f054ee7802eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 22 Oct 2020 22:58:43 GMT
x-content-type-options: nosniff
age: 43879
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6781
x-xss-protection: 0
last-modified: Fri, 27 Mar 2020 17:11:00 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Oct 2021 22:58:43 GMT

GET
DATA 200
OK truncated
/ Frame 2E0E 218 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2E0E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2e929d3f4a4843bd071f42491b055dfce5dff094e723e8fc5bf8e848db60012

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2E0E 0
0 29ms
25ms Image
text/html 216.58.208.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C1jumCbqSX-OWHtaAjuwPxOOEKP_x7rFd-4vW9L8Lw4uo3pwOEAEg3MPuJmCV-vCBjAegAcvi4oQDyAEJ4AIAqAMByAMKqgThAU_Qy5F457s7RP92fEkLo6pncOQU3ZwYZnndE5wV47z-YQhVVLajnVOte64qC6upYGJktxatXhDtweVM45w9Vgo76eM3_XS9h2aL7Ptt4z0OIqyroBBAW-RJJHr4lLkn0Wnyoq8B7PS1b8_Eahp9N9AHS2Liv3WbI7ZZD6U-PaBbXZsedfX9wB4MqecxCmDd2ZxU74-QAcNmZpiW1JC29duYqmuxlpspH2z45Qc_QwqZCsl98eZVkpJJ15JTqLPocwF4c9qXfqbvYJCsX6rJ-C1Y_fCiVijX97PjbjXp_ATsNcAEgJ_myfsC4AQBkgUECAQYAZIFBAgFGASgBi6AB52dnXuoB47OG6gH1ckbqAeT2BuoB7oGqAfw2RuoB_LZG6gHpr4bqAfs1RvYBwDyBwQQgrkw0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi05NjIwMDQxOTkyMTMwOTI5gAoDyAsBsgwUcHViLTg5NzcxMDk1NTI2MDczNjHCDAIIAdgTAg&sigh=WZYdBRZG0os&template_id=484&tpd=AGWhJmvOAulvD-SNwGPhDRWgnYDmWY2j7Bk1X_YXyRdc9bk0Lg
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s12-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8211 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://odga.me.
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 20:01:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 313734
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 19 Oct 2021 20:01:08 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 8211 11 KB
11 KB 15ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://odga.me.
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 02:30:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 31192
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 23 Oct 2021 02:30:10 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2E0E 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://odga.me.
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 19 Oct 2020 20:01:08 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 313734
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 19 Oct 2021 20:01:08 GMT

GET
H3-Q050 200 KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 2E0E 11 KB
11 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://odga.me.
Referer: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 02:30:10 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:52 GMT
server: sffe
age: 31192
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11180
x-xss-protection: 0
expires: Sat, 23 Oct 2021 02:30:10 GMT

GET
H2 200 128x128.png
cdn.marketjs.net/games/penalty-kick-game/localization/en/media/graphics/promo/icons/ 12 KB
13 KB 226ms
220ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/penalty-kick-game/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6b085e7f396e07e9d9f3541cc481e6bcfa645fd5975f9519f7658e49805ce01

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
status: 200
content-length: 12604
cf-request-id: 05f6bfd0e70000176e27a84000000001
last-modified: Sat, 10 Nov 2018 07:38:38 GMT
server: cloudflare
etag: "a3bfddc442c3f715cc77ec721f736ef5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=By%2FKpUdrnCSXW40P%2BA%2BQaUSXnc6VS59MxMURNIMvsOZbsVrYoLmfCDBeMmbWx0RV5k0v4wq3JQe9S3M0eNqqRY1swWYnp9NQcbcBipZ4FOrQQuUlKaUqqthyFn%2Bs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616be9176e-FRA
x-amz-cf-id: EKwLUB2tOhvyISjXwHKZgoXqkIE9DrHZrYXY_4Xrte3Szjw8RVn1aw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/feed-the-grandma/localization/en/media/graphics/promo/icons/ 9 KB
9 KB 57ms
52ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/feed-the-grandma/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63df1849eebd7cfa2e52c94c3558229e580d4aff108961cfdc494a1a88828ebc

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 1b85b70d3076f639e39cb6d3bd427e80.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C3
x-cache: Miss from cloudfront
status: 200
content-length: 9072
cf-request-id: 05f6bfd0e50000176e5fb09000000001
last-modified: Tue, 06 Mar 2018 11:44:57 GMT
server: cloudflare
etag: "3b077259105aa33aa8f56c1d3977bb9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jzbwSkS9Wy1yJhDtOgGSRatdIkrMJ5%2BQu5H0%2BK2coaQesD8DNKrFkI07r9hmFjT1RY5pOGzynwlqAnrw6rOPtfuiy1wgXZ5zHnDWqvtOREPoFq5LAgWn8Qt0bVB1"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616bed176e-FRA
x-amz-cf-id: RRrUpFidiwTYJL24p8QVO1bReALD9AFIs_8HJQ_B7AYSUpvq_RU_EQ==

GET
H2 200 128x128.png
cdn.marketjs.net/games/hogie-the-globehopper-adventure-puzzle/localization/en/media/graphics/promo/icons/ 6 KB
7 KB 68ms
63ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/hogie-the-globehopper-adventure-puzzle/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccfe8000ff4deac516c11ed594d66714eaad8644e7a06ba72d9ed227a9ebb79f

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 6c61cea6f371b1744d3b5315a0029062.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MXP64-C3
x-cache: Hit from cloudfront
status: 200
content-length: 6509
cf-request-id: 05f6bfd0e50000176e78214000000001
last-modified: Tue, 11 Jun 2019 17:58:51 GMT
server: cloudflare
etag: "5b9b1eea5a060b0be5218aceeddc12f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2B52AbdnLyiQklmiHrEXxkLqEoaQWWeL2psNVO23zIAnu%2B%2BtaBh9XZNX7Suqns%2BM9x%2FZOdIn80D0xBGtkZE9tdRu8lb7Fxy%2Bgzahja8hNDXSQkZLR71QgoIUXeVdZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616bee176e-FRA
x-amz-cf-id: KVAOpBFL_LH9Bck9kFgCU3i3DJuHwagXwxvafkL3AJ206aArb9Mcbw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/kitten-bounce/localization/en/media/graphics/promo/icons/ 9 KB
10 KB 70ms
66ms Image
application/octet-stream 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/kitten-bounce/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cc45e8e7bb933831c32e9e161fb094b95fc13d06fc8609569820519a33fa113

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 23d92aa442d5ae9ed0313643d8764687.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA54
x-cache: Hit from cloudfront
status: 200
content-length: 9308
cf-request-id: 05f6bfd0e50000176e5624f000000001
last-modified: Sun, 12 Nov 2017 06:50:58 GMT
server: cloudflare
etag: "ea74e607e52d4024838a328762f14b7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w662Jgh3SExdY2FemVeRZ%2Bls8J4Zwyh%2Bb1McxGQLeTK8K2AwtUCqSqUe1UMAFpYq4VUHbj0iNUuU6LG%2BGYrctsFXkQU5eZIEBVAzeg0umIJsTGnjzG5GQ2e0QYqh"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616bef176e-FRA
x-amz-cf-id: lXyoEn5VT4JM2AFqWYvj5b30blIZdQ3u8HQkFSGsNBIM1uhVcPLaEg==

GET
H2 200 128x128.png
cdn.marketjs.net/games/word-finder/localization/en/media/graphics/promo/icons/ 10 KB
11 KB 70ms
66ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/word-finder/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0212545d020d3df95c056bf33e8d1a86f13ac13048b44667eef72365a72f8919

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
status: 200
content-length: 10203
cf-request-id: 05f6bfd0e60000176e27069000000001
last-modified: Thu, 02 Apr 2020 06:13:40 GMT
server: cloudflare
etag: "d40cc8e06bf705367b4923cce2a43fa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W2ksWHxSXHAbIANnMFF%2BlayUwSqZqP1TmRZlfgGTr6oVqxBjmBHgYlma9fJL8SORPr71bzG2Gxov%2F1gW4nsqTPBFR7wLjodLoIcM4DZH%2B6W%2BXETmqCYOZA%2BDs0N%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616bf2176e-FRA
x-amz-cf-id: YvMDWKNuc7-YydgFHkzfDUBI-LSEeptt0giuty5Yf-yconj5cHuqtg==

GET
H2 200 128x128.png
cdn.marketjs.net/games/monsters-and-cake/localization/en/media/graphics/promo/icons/ 19 KB
19 KB 19ms
15ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/monsters-and-cake/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c36515cabe9d924ee1db2d90614e66df3c28333d354e5ea4269b4500c0de33

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 f7cdc3b68cccfc0698290f9c3be53118.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2943
x-cache: Hit from cloudfront
status: 200
content-length: 19057
cf-request-id: 05f6bfd0e60000176e7ead9000000001
last-modified: Tue, 07 Apr 2020 12:37:16 GMT
server: cloudflare
etag: "77dad185edaa9aab2a8b2a4367f1616a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=797ZMKIaNnxl5I1LNsdL3RWXGKve4Bbmyw5Q3%2FZLYTf%2BakJNKHU1d5JexpR%2FTSVNdfwuMVleJT6HsmecScpSjae9g5VPCRAa761A9rMjhgTtV0%2BB7sPay%2FqTYTs9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: MXP64-C3
accept-ranges: bytes
cf-ray: 5e6b02616bf3176e-FRA
x-amz-cf-id: UVcF-kK-uVfkwtb5IEOT28lPO7E1KgmJYNPhkdCgreeVzAGdhYXR6g==

GET
H2 200 128x128.png
cdn.marketjs.net/games/happy-hour/localization/en/media/graphics/promo/icons/ 6 KB
6 KB 126ms
122ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/happy-hour/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48a69c11c9ac775530ba968c7b24caaabd5a721b5b947e2744d687952ef0ebb1

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
status: 200
content-length: 5882
cf-request-id: 05f6bfd0e60000176e4cba5000000001
last-modified: Wed, 21 Aug 2019 11:51:37 GMT
server: cloudflare
etag: "045c508dced56550b07148f9adedd5f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=La1%2Fi5%2Bn7bP6Nr1ZlUBCOe1EeXbRQ%2BxgELWI%2BV28sjpn6Y2vSrur403CMsT28yVEoTGKtedyX1W1ncdA1n97E06knDwPxXJazj9Njh%2BTGpIMMN8demlVazUJuf0s"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616bf5176e-FRA
x-amz-cf-id: qv1odajfQFtMV_3CyGO8jU7cGXEoFH3ih779YIcIaiYiR3I8pUefiw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/spidey-swing/localization/en/media/graphics/promo/icons/ 9 KB
9 KB 62ms
58ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/spidey-swing/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 185f9ce7706fdb5bb1b050f71ab86eb2a048f5db0e8431ae713aeb84f9001c9f

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 47b2ce4c0cbd550c326fba9b552b2177.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-C1
x-cache: Hit from cloudfront
status: 200
content-length: 8940
cf-request-id: 05f6bfd0e70000176e750dc000000001
last-modified: Fri, 20 Mar 2020 08:46:09 GMT
server: cloudflare
etag: "7df5dcf2c932942df56774e0d4c2853c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g3VHO3Pn7JvS0JIBt15X6XF5F2n6Xf2bX14TgmFv8JdfoRORTWRKuhWU8Sxk67ufLf2z1cFR6WfbWc%2F54YuOQS6gWt6epfTwHTyowKwZVTOQx4IQPvpnEkYz9brF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616bf7176e-FRA
x-amz-cf-id: gSX3mYzoLsSoG2Gc1n0FyRAmsw4t5cDtlqHV3Al9WsF1ZjkcdFbgWQ==

GET
H2 200 128x128.png
cdn.marketjs.net/games/monster-mahjong/localization/en/media/graphics/promo/icons/ 32 KB
32 KB 124ms
121ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/monster-mahjong/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a6e7ccdfa9942be5d0ce08e1753318a7ebbd5a722313fb5cbd4e59bcfc0b0ceb

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA50-C1
x-cache: Hit from cloudfront
status: 200
content-length: 32363
cf-request-id: 05f6bfd0ec0000176e5d1f3000000001
last-modified: Fri, 20 Mar 2020 08:09:51 GMT
server: cloudflare
etag: "b778dc5a7644e7ee7e6347f6aa2ea75b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Z3CsQnOQeduTPH1DGJyI05dCVGxDWwwK6bweK9s%2FCPQ%2FK7eGpnYtSrByvgUgjnPeaJ2mebELcQRmhaEU%2BPO%2F5oJOmGlMJVVZ738%2FLRNFIyahfvHreWxklr6dlNUN"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616bf8176e-FRA
x-amz-cf-id: TgbLJ13NNiIVCsRC-HEFoa5uJsU620qPc2jIpOVylUTJh66osoqXzw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/taxi-pickup/localization/en/media/graphics/promo/icons/ 15 KB
16 KB 85ms
82ms Image
application/octet-stream 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/taxi-pickup/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99f78060455ee67eebd99ed271aef7bc64d61d46aa31a51fe6fdab6192a75064

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
status: 200
content-length: 15542
cf-request-id: 05f6bfd0ec0000176e56250000000001
last-modified: Sun, 12 Nov 2017 07:02:38 GMT
server: cloudflare
etag: "504bb0bc8b399533854be9d0f030db62"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5fG%2B1tWpCU2m%2FgE%2BNaZFKXtOtGwk5b2e9wp6VcmROaPK8NL6plaWqQoeYK%2Bu5fGyVPQs%2F6GK2ji7b4waJ10ucS3KUF6Tmy%2FwLg0USG99iP%2FQ3bW3w718W2EiU692"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616c07176e-FRA
x-amz-cf-id: tyqNZv7VDdiZzNvhdfbh7iUks1dePjHl9e144M9U0pSoiVRzB7GtAA==

GET
H2 200 128x128.png
cdn.marketjs.net/games/hardest-game-on-earth/localization/en/media/graphics/promo/icons/ 22 KB
22 KB 25ms
22ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/hardest-game-on-earth/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e29d616a841bcbdba5191240a055054c50873f3e3d6f4a52d91f9ea88f02e610

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 15735b6dcadf5dbe5de1549729298caa.cloudfront.net (CloudFront)
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2475
x-cache: Miss from cloudfront
status: 200
content-length: 22527
cf-request-id: 05f6bfd0ed0000176e7a83b000000001
last-modified: Fri, 20 Mar 2020 07:57:52 GMT
server: cloudflare
etag: "d89f957240255b1b8811fd713d86c339"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NkIHdNt9NCbhL9w22jZB8uLBu2urtcBb6jS1JYmMZQbbwLwlJ0joo37QG%2BJv9KswfKWjhlYlyQAQ%2BFbVeGz3N%2BIp0nOvCC1P2d%2F9MbE1OxuLCyKBJGb9pLdOBrJZ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
x-amz-cf-pop: MXP64-C3
accept-ranges: bytes
cf-ray: 5e6b02616c08176e-FRA
x-amz-cf-id: vJ_y1kMGHC2AyuJEUCOWLuQby7hRz6r-h2vIb7o96EcLHdzVSBxKXA==

GET
H2 200 128x128.png
cdn.marketjs.net/games/flick-basketball/localization/en/media/graphics/promo/icons/ 6 KB
6 KB 94ms
91ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/flick-basketball/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb20d12d14cd28343fceff62f8aa61d12d89bbc328de840482b15490751e89a3

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 7ede51d8c775deaef83b54a3beafab3c.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-C1
x-cache: Hit from cloudfront
status: 200
content-length: 6101
cf-request-id: 05f6bfd0ed0000176e50272000000001
last-modified: Mon, 23 Mar 2020 09:13:37 GMT
server: cloudflare
etag: "8866df7d11e08ef8004505e7ec875bfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4CKK1IwxVOqpAjFUTcRJk36YxDoVLeR3vi7pK2jGfcrW7%2FSiRMIbUCt0NgnwtHFSKFKo%2B%2FPNWKacHD4f1Y0nI8aoxTjpXTtCEqsbwa2jn2X0YdM0GvLgD1E3cNF2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616c0a176e-FRA
x-amz-cf-id: fgEEVaklh9tRJwkodF6yZVoyAB8HMYhgTdYcrKw0b-oVoTVNWZ_ETQ==

GET
H2 200 128x128.png
cdn.marketjs.net/games/stickman-swing/localization/en/media/graphics/promo/icons/ 5 KB
6 KB 67ms
65ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/stickman-swing/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b96d507d1320b17b6117bcc916968dc8d697d30a12e8e34e828fa1dd687a0e34

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
status: 200
content-length: 5377
cf-request-id: 05f6bfd0ed0000176e47213000000001
last-modified: Fri, 31 May 2019 08:00:22 GMT
server: cloudflare
etag: "ce36417ca0deca3db6ed2f8cea7757d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JqaYeBvuX0J2ceiJQmsEY%2BBR1kTdJ%2B%2Fo0geEUOfvihC87HuY7uWtgQvZYO6ljMThf2FWgwF4VV8gT1lx6rD5XZkJ8gDGlbE2qrTW73OfCNH5RlcC3Kp0d%2FSoGtDD"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616c0c176e-FRA
x-amz-cf-id: KtnKD-CD579PJaSfWq4Zt0foWVzpMskupYNDcoHJ1yxPKkrINziYsw==

GET
H2 200 128x128.png
cdn.marketjs.net/games/married-to-a-prince/localization/en/media/graphics/promo/icons/ 10 KB
11 KB 105ms
103ms Image
image/png 2606:4700:3036::ac43:a96e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.marketjs.net/games/married-to-a-prince/localization/en/media/graphics/promo/icons/128x128.png
Requested by: Host: odga.me.
URL: http://odga.me./
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:a96e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 456067363d6dfce2026c2c0bb8f5e2c7ce0e98b1f2aee9c86e2fa3798360247d

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:02 GMT
via: 1.1 c4c822c878c22be90d0bb70ab49a395a.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: MUC50-C1
x-cache: Hit from cloudfront
status: 200
content-length: 10314
cf-request-id: 05f6bfd0ee0000176e96376000000001
last-modified: Tue, 31 Mar 2020 05:23:04 GMT
server: cloudflare
etag: "0237037784d7f6025c466960d278d73f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xf0yIDhAvhUs0p1NzE2K3pSxVlK8fkvETqqYgOTP3NCy2RI27gavzVY473X6lN4eXcnXDNB2VUSlxQrMfYGlcx9bsD6FspinKvsIINvApAp1zoqdY2JNUF5GMw3h"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 5e6b02616c0d176e-FRA
x-amz-cf-id: Qj_2xB5yjSrsCMelp-JwSaNQeILQMppKEttcSpimoCYXMkRghAQntQ==

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8211 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 64
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8211 295 B
319 B 6ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 45481
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 23 Oct 2020 22:32:01 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2E0E 2 KB
2 KB 8ms
5ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 64
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 24 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2E0E 295 B
319 B 8ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 22 Oct 2020 22:32:01 GMT
x-content-type-options: nosniff
server: cafe
age: 45481
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 23 Oct 2020 22:32:01 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
25ms XHR
application/json 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201021&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

337d3f1a91e7c3b7fd3e12366b270a120aa1b2d0eedb0472dc73af78d74b3045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Oct 2020 11:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6422
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201021/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 23 Oct 2020 11:10:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601937181905197"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6302
x-xss-protection: 0
expires: Fri, 23 Oct 2020 11:10:03 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/218/ Frame C9DE 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/218/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/218/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://odga.me./
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://odga.me./

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Fri, 23 Oct 2020 10:50:22 GMT
expires: Sat, 23 Oct 2021 10:50:22 GMT
last-modified: Fri, 25 Sep 2020 19:26:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1181
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
110 B 16ms
15ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=218&t=2&li=gda_r20201021&jk=4179080747389734&bg=!EhGlETHNAAUZK2QAGVg0gUwVMFN8rQIAAABDUgAAAAoKAM1OzBAPZJLirAt-GHO93cpzn7AVqWFPhAeyu_IOcQkQnzrb7CxRA9_nvjawOeKUl1ilidxJVfhkh3P4K0awe0kRG9ZBRit7-Y-L-n1Q0GvM7LWGwbVi9CRg64SxQRmqUqsNTSs9eyCZnLshjjS4n1u4R6OeibVUTtHI709Vfo58UhLxQmdp1IskbiDivfHnwkpKr_0qeCeHFxuESqjURd48epbXmhrYao1yWfz6jGOjGDNDkwMSaFjrxhUYyDBsvkoGmSYBMOXFzbwLn61WmQGgMskYoNOvF6LHTasV6fAQbyY8tHcSCJpGL0qwRckYfEO71MAzM4Qnrmr6NMscrmQQjLXZ6YIQ_XRq8vxPSX9s8sVRWjtg6RlTirl3l9x1HJ2ig3Ww8t3VRu0BpoulnQawg-4uP8-Jm_qGLlADq0_jd4TuqMVNoS7sMWVK0xdWRF8WjGibe7BN_sAWg-qMN2z5aNt85yN9t_bUvuiqCIt0H2WDWHNZbiCf0qUYHvVoCnXC7vqbaHjDzKE7m-WsqhPBKANWFcY9arIwfPDQld8QTpaw_BFyUiHKM-95CVNcTISSd32KPQLMBHD5AC8N96kZS18ZNmnWt8XJ5NfOiwdEHzRoKBRm2V1XGvWAEdmn2zlu-6ggRKR5lRizUFakmadQZfA5-nN_G3bB3sG-pHtg63r8EgA4-F6JnMbAkRStkUIJSeYzN5d4Xk6dQvKQgs3SxQNYammhLyN1CXyQwIkkupxmb33dpsrg30KFGGnkSkT9ExzaQlBP6QO5sqnCGR6kJTXUWaJ5hFJXrO_ZKvFGJwYdwyYNMArGdRsDpR-24mw

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 11:10:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8211 42 B
70 B 47ms
46ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssD8EcGnePq7fCgWOF4HhNrOsPgwlbVTRlE1QKSNkFFxhjFk1fgtG-iSxXYBsOTto9jUaofD7eJ6lAs6riuXWqLZxneIuhmkkzSGWym6wCiQeJzm14upFlvJmzLgE-dFmeZYJJ0egZ67HNsF2thWkqD&sai=AMfl-YRqqeJnOShNwhPmr0zpRf6q2QMdnqVpCEto9kSIRoGc9AvYPa7z78qp25Cu7D_xmDo9CxkUmLgKNEtEJ7QnHic3-nT4bSM5AJh9OPeM3NOJZz0mQ8Jo_DJJsXM&sig=Cg0ArKJSzIHb78Wz1jbuEAE&cid=CAASF-RoqppXdIuD5-G5EmRxLpc_O_7YRcAv&id=ampim&o=650,88&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=115&tls=1115&g=100&h=100&tt=1115&r=v&avms=ampa&adk=3028240730

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://odga.me./
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Oct 2020 11:10:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 22:45:47	Name: IDE Value: AHWqTUnRKEnRv40EWNdUDs53gAUv2bicpCQyQ8aZX7i0dopHcmyJZ3gGUbcNc9pP
.odga.me./	1970-01-19 13:24:11	Name: _gat_clientTracker0 Value: 1
.odga.me./	1970-01-19 13:24:11	Name: _gat_UA-38246441-7 Value: 1
.odga.me./	1970-01-19 13:25:37	Name: _gid Value: GA1.3.43107134.1603451400
.odga.me./	1970-01-20 06:55:23	Name: _ga Value: GA1.3.1108126005.1603451400

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 4) Message: init custom ga
console-api	warning	URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js(Line 221) Message: AdSense head tag doesn't support data-n-head attribute.
console-api	log	(Line 2) Message: define block
console-api	log	(Line 1) Message: render block
console-api	log	URL: http://odga.me./_nuxt/87b058757107d97ec195.js(Line 1) Message: custom [object Object]
console-api	log	URL: http://odga.me./_nuxt/06c101c7c9bad8a3058c.js(Line 1) Message: is client asyncData
console-api	log	URL: http://odga.me./_nuxt/06c101c7c9bad8a3058c.js(Line 1) Message: getData 1603451401416
console-api	log	URL: http://odga.me./_nuxt/06c101c7c9bad8a3058c.js(Line 1) Message: adLogic 1603451401417
console-api	log	URL: http://odga.me./_nuxt/06c101c7c9bad8a3058c.js(Line 1) Message: this.$refs.homeSecond [object HTMLDivElement]
console-api	log	URL: http://odga.me./_nuxt/06c101c7c9bad8a3058c.js(Line 1) Message: renderAds [object Object],[object Object]
console-api	log	URL: http://odga.me./_nuxt/06c101c7c9bad8a3058c.js(Line 1) Message: define home block [object Object]
console-api	log	URL: http://odga.me./_nuxt/06c101c7c9bad8a3058c.js(Line 1) Message: getData 1603451401430
console-api	info	URL: https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 http://odga.me./
console-api	info	URL: https://cdn.ampproject.org/rtv/032010200130000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010200130000 http://odga.me./

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7b40fff237fdc297f14cf078da389628.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
cdn.ampproject.org
cdn.marketjs.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imasdk.googleapis.com
odga.me.
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
static.addtoany.com
stats.g.doubleclick.net
tpc.googlesyndication.com
us2.centcount.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
142.250.74.198
216.58.208.34
2606:4700:10::6816:47c5
2606:4700:3033::681c:121f
2606:4700:3035::681c:1e24
2606:4700:3036::ac43:a96e
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:803::2004
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:814::2002
2a00:1450:4001:815::2002
2a00:1450:4001:816::2001
2a00:1450:4001:81b::200a
2a00:1450:4001:81f::2003
2a00:1450:4001:824::2008
2a00:1450:4001:824::200e
2a00:1450:400c:c09::84
2a00:1450:400c:c0c::9d
0212545d020d3df95c056bf33e8d1a86f13ac13048b44667eef72365a72f8919
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0b9d2c776341ad61e5dd232ce16112d6adc64247456322c1b674a95d56a6a3fb
0cc45e8e7bb933831c32e9e161fb094b95fc13d06fc8609569820519a33fa113
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
116987e74e82d9e7a849b3f1af0ec3a4e32598f23157a9508e42fdddaaabd1cf
15ef3bdcf9b61756713a5d64761b0d8c7e04f2be45bc87701e725451b911fd6b
185f9ce7706fdb5bb1b050f71ab86eb2a048f5db0e8431ae713aeb84f9001c9f
23c36515cabe9d924ee1db2d90614e66df3c28333d354e5ea4269b4500c0de33
2b7b4256f6aa3b8b3f9dc277dcdf0b6badc82b0b01b7dc06718a189bbe4ed535
2b7e8ee7026c28c6af585571475a9e491974754d1cf1a174d4d0a4d779a32196
337d3f1a91e7c3b7fd3e12366b270a120aa1b2d0eedb0472dc73af78d74b3045
33aefdea266e6ae29c963fb377c573187febb0f335bbf7f5e58e46c414b23067
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3fc0c87755b5d764f5967162554f41322f60fedda40806c4e77eba2c559c6540
426706009141ad5502475bac13c268944bc54a6e772d44bf48f653f711d5915d
456067363d6dfce2026c2c0bb8f5e2c7ce0e98b1f2aee9c86e2fa3798360247d
4653687f2f0571ecaf6723d7743f92edf52159c03a8181763cb73031ad8a64bf
48a69c11c9ac775530ba968c7b24caaabd5a721b5b947e2744d687952ef0ebb1
51369bf755571ff3624ff4da7f62f218a55d7eea3e62352c95c04ccaf534c24e
529022faed21cbe36e3feadc72b4318af940e20542977a115695dab791de5892
5563c720385dce141b6ae5b86b2675711b4e676249d3cf67a872ccb361abe2a2
56ab8ebec18d69dbd457b16f30cb32ab13a1309ca2ff3d922dc15f5f83b0c8a3
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
63df1849eebd7cfa2e52c94c3558229e580d4aff108961cfdc494a1a88828ebc
661515cce0c9d6b11f139b8b5975fed15c0d1ffabb7aefd0ea58d9eca79c6817
6c856f691afe5052bf8c0732d931e96efbf4d02e731db63a320766daf3426bee
6f54d4295d44cd6c942385d12be0c8a77b5e635bba6dbfd6f53c31d1b7b7e697
7725af00ca47ca6f4677e469f84a201e285221af5cfcf762a015c632a9f2eb51
7b4839f633298f2690e3817eb9030325482dc333ed4b2105ed79672f97e0ecf4
7c5fe3078b5c30e800d7b3b55945df13af8107578351bc8187f614f1fa0eac7d
7d8865bb32d3ba618981090df05f9de09607c1f65764a7434016926de0a8fbcd
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8cc675124e67b60125947867eb0dbf8fe0adf77859804f83789bd4c186f6e6ea
92606bd38901e67d069f2ef883715b6e5ae07d72ae3bead3ad92346528374afc
99f78060455ee67eebd99ed271aef7bc64d61d46aa31a51fe6fdab6192a75064
9bbd49454237351594bd41e1a6194677be17eccc8ebce4eb60045e7d51ebcabc
9f261d4d2edc82ed95903ec71dee4f56f050c6c91556a92d5646c888e3c634f8
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a104ebac59566f50ff66646a451f7121233fb9ba0d232513fe5f054ee7802eac
a32b89473df6ced5953684278e431ae4a01141364fab23812960a0d69c5ab3ee
a6e7ccdfa9942be5d0ce08e1753318a7ebbd5a722313fb5cbd4e59bcfc0b0ceb
b93041c86419712e621598adda1d9749ce2855af2fd4d952873ef00905922730
b96d507d1320b17b6117bcc916968dc8d697d30a12e8e34e828fa1dd687a0e34
c799c0a055898234d3692565188b828d2d41b3056cf5bbd2584e729968829b72
cb20d12d14cd28343fceff62f8aa61d12d89bbc328de840482b15490751e89a3
ccfe8000ff4deac516c11ed594d66714eaad8644e7a06ba72d9ed227a9ebb79f
d0cbfb1ab0f94123834567e32df7ec74a1c210793f797368d41a4b4c2732d4a0
d2e929d3f4a4843bd071f42491b055dfce5dff094e723e8fc5bf8e848db60012
d7fb76e8156ddc1aa4c4f6eb37634c9605b73f9f14d3a23435ce0f1d7a073a81
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e070a6198ceb8b72b426505461f38a76c7460c9c75f7be1a3db7643d40c384e8
e29d616a841bcbdba5191240a055054c50873f3e3d6f4a52d91f9ea88f02e610
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c41077aafced98067ed5bad36d0518235b45963f432237d11d8b89c8d00873
ecc842aaaa39762b9742ea74c256fa520c6b1a33fec019ca68810bd380b868d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef313570c17f7edd6249161275d1c21b30d9749d3b5ab7da7d9370b05aa9f90e
f3f82deb937ea24f4c8da63d99b72f793c0c9629b5658f1a8f240444e02f2aee
f6b085e7f396e07e9d9f3541cc481e6bcfa645fd5975f9519f7658e49805ce01
f6c6a084d20419521fdd0a581b80e41c5d73aeafd60a0224e7776a6826060625
f6f304421d6090a8cab0903ac0eb2cb2b34a5fc98f7932f9119a28a61819cd67
fca1cecbb79ec1a111a8704840209211403a227b6d36818224dd490926077583

odga.me. Open in urlscan Pro 2606:4700:3035::681c:1e24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

87 Requests

84 %HTTPS

91 %IPv6

14 Domains

22 Subdomains

23 IPs

3 Countries

1327 kBTransfer

3566 kBSize

5 Cookies

2 Outgoing links

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

odga.me. Open in urlscan Pro
2606:4700:3035::681c:1e24 Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

84 %
HTTPS

91 %
IPv6

14
Domains

22
Subdomains

23
IPs

3
Countries

1327 kB
Transfer

3566 kB
Size

5
Cookies

87 HTTP transactions
5 data transactions