urlscan.io logo urlscan.io
SecurityTrails logo

morningrainblock07.cezmal.workers.dev Open in urlscan Pro
104.21.96.1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://morningrainblock07.cezmal.workers.dev/
Effective URL: https://morningrainblock07.cezmal.workers.dev/
Submission: On January 09 via api from US — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 8 countries across 33 domains to perform 155 HTTP transactions. The main IP is 104.21.96.1, located in and belongs to CLOUDFLARENET, US. The main domain is morningrainblock07.cezmal.workers.dev.
TLS certificate: Issued by WE1 on November 30th 2024. Valid for: 3 months.
This is the only time morningrainblock07.cezmal.workers.dev was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
9 104.21.96.1 13335 (CLOUDFLAR...)
1 2600:1415:3c0... 20940 (AKAMAI-AS...)
20 2a04:4e42:600... 54113 (FASTLY)
1 2600:9000:221... 16509 (AMAZON-02)
2 108.158.12.153 16509 (AMAZON-02)
2 2404:6800:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 2406:2600:7:1... 55569 (CRITEO-AS...)
2 182.161.73.136 55569 (CRITEO-AS...)
2 141.95.33.120 16276 (OVH OVH SAS)
1 34.238.92.28 14618 (AMAZON-AES)
36 142.251.221.66 15169 (GOOGLE)
1 54.236.128.166 14618 (AMAZON-AES)
1 23.48.247.235 20940 (AKAMAI-AS...)
1 2 3.105.148.211 16509 (AMAZON-02)
3 2600:9000:277... 16509 (AMAZON-02)
2 4 18.67.93.123 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 54.225.224.75 14618 (AMAZON-AES)
2 2001:4860:480... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 142.251.221.67 15169 (GOOGLE)
1 18.67.93.103 16509 (AMAZON-02)
1 54.66.83.57 16509 (AMAZON-02)
8 9 54.68.98.107 16509 (AMAZON-02)
1 107.23.230.104 14618 (AMAZON-AES)
1 162.19.138.83 16276 (OVH OVH SAS)
10 52.221.158.172 16509 (AMAZON-02)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2406:2600:7:1... 55569 (CRITEO-AS...)
1 35.186.253.211 15169 (GOOGLE)
2 3 104.254.151.36 29990 (ASN-APPNEX)
1 207.65.33.78 62713 (AS-PUBMATIC)
5 13.250.54.29 16509 (AMAZON-02)
5 2602:803:c006... 26667 (RUBICONPR...)
1 104.18.26.193 13335 (CLOUDFLAR...)
1 2600:9000:277... 16509 (AMAZON-02)
1 1 142.250.66.194 15169 (GOOGLE)
1 1 18.67.110.38 16509 (AMAZON-02)
1 1 15.197.193.217 16509 (AMAZON-02)
2 2 35.79.218.36 16509 (AMAZON-02)
1 1 18.232.18.89 14618 (AMAZON-AES)
2 2 13.237.11.119 16509 (AMAZON-02)
1 34.229.3.43 14618 (AMAZON-AES)
1 2404:6800:400... 15169 (GOOGLE)
2 2406:2600:7:1... 55569 (CRITEO-AS...)
15 2404:6800:400... 15169 (GOOGLE)
1 23.221.132.242 16625 (AKAMAI-AS)
1 2 35.244.159.8 396982 (GOOGLE-CL...)
1 23.50.217.157 20940 (AKAMAI-AS...)
1 104.18.25.18 13335 (CLOUDFLAR...)
1 23.46.179.27 20940 (AKAMAI-AS...)
155 47
9    104.21.96.1 (None, )

ASN13335 (CLOUDFLARENET, US)
morningrainblock07.cezmal.workers.dev
1    2600:1415:3c00::17d6:589a (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
cdn.ziffstatic.com
20    2a04:4e42:600::731 (United States)

ASN54113 (FASTLY, US)
b.cdnst.net
1    2600:9000:2215:a400:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    108.158.12.153 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-12-153.syd62.r.cloudfront.net
c.amazon-adsystem.com
2    2404:6800:4006:810::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700::6811:1fae (United States)

ASN13335 (CLOUDFLARENET, US)
diffuser-cdn.app-us1.com
prism.app-us1.com
2    2406:2600:7:100::9 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
2    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
mug.criteo.com
2    141.95.33.120 (Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns3203256.ip-141-95-33.eu
id5-sync.com
1    34.238.92.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-92-28.compute-1.amazonaws.com
idx.liadm.com
36    142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
1    54.236.128.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-128-166.compute-1.amazonaws.com
i.liadm.com
1    23.48.247.235 (United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-48-247-235.deploy.static.akamaitechnologies.com
cdn.static.zdbb.net
2    3.105.148.211 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-105-148-211.ap-southeast-2.compute.amazonaws.com
secure-us.imrworldwide.com
3    2600:9000:277c:6200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
4    18.67.93.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-123.syd62.r.cloudfront.net
sb.scorecardresearch.com
1    2600:1f18:730:b120:136b:414c:557b:5fda (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    54.225.224.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-224-75.compute-1.amazonaws.com
rp4.liadm.com
2    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2404:6800:4003:c1c::9c (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2404:6800:4006:814::2002 (Sydney, Australia)

ASN15169 (GOOGLE, US)
td.doubleclick.net
1    142.251.221.67 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
www.google.co.nz
1    18.67.93.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-103.syd62.r.cloudfront.net
bee.imrworldwide.com
1    54.66.83.57 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-83-57.ap-southeast-2.compute.amazonaws.com
secure-us.imrworldwide.com
9    54.68.98.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-68-98-107.us-west-2.compute.amazonaws.com
zdbb.net
1    107.23.230.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-230-104.compute-1.amazonaws.com
gurgle.zdbb.net
1    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH OVH SAS, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
10    52.221.158.172 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
1    2406:2600:7:100::1b (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    104.254.151.36 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
5    13.250.54.29 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-54-29.ap-southeast-1.compute.amazonaws.com
btlr.sharethrough.com
5    2602:803:c006:158::65 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    104.18.26.193 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    2600:9000:277c:3c00:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-gl.imrworldwide.com
1    142.250.66.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net
cm.g.doubleclick.net
1    18.67.110.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-110-38.syd62.r.cloudfront.net
aa.agkn.com
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    35.79.218.36 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-79-218-36.ap-northeast-1.compute.amazonaws.com
match.prod.bidr.io
1    18.232.18.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-18-89.compute-1.amazonaws.com
dpm.demdex.net
2    13.237.11.119 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-237-11-119.ap-southeast-2.compute.amazonaws.com
ps.eyeota.net
1    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadus.exelator.com
1    2404:6800:4006:811::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)
5df34df397ca2b2d6ecd69b4ccb224fa.safeframe.googlesyndication.com
2    2406:2600:7:100::1 (Japan)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
15    2404:6800:4006:809::2001 (Sydney, Australia)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    23.221.132.242 (Rehovot, Israel)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-132-242.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
ookla-d.openx.net
1    23.50.217.157 (Kuala Lumpur, Malaysia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-50-217-157.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.18.25.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
1    23.46.179.27 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-46-179-27.deploy.static.akamaitechnologies.com
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
36 googlesyndication.com
5df34df397ca2b2d6ecd69b4ccb224fa.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
233 KB
20 cdnst.net
b.cdnst.net — Cisco Umbrella Rank: 52827
1 MB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
cm.g.doubleclick.net — Cisco Umbrella Rank: 284
241 KB
11 zdbb.net
cdn.static.zdbb.net — Cisco Umbrella Rank: 16080
zdbb.net — Cisco Umbrella Rank: 11534
gurgle.zdbb.net — Cisco Umbrella Rank: 19058
jogger.zdbb.net Failed
51 KB
10 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 2777
2 KB
9 workers.dev
morningrainblock07.cezmal.workers.dev
365 KB
8 imrworldwide.com
secure-us.imrworldwide.com — Cisco Umbrella Rank: 2641
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 4102
bee.imrworldwide.com — Cisco Umbrella Rank: 62656
68 KB
6 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 505
eus.rubiconproject.com — Cisco Umbrella Rank: 616
4 KB
5 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 985
2 KB
5 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 450
mug.criteo.com — Cisco Umbrella Rank: 3746
bidder.criteo.com — Cisco Umbrella Rank: 949
2 KB
5 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 3229
idx.liadm.com — Cisco Umbrella Rank: 1368
i.liadm.com — Cisco Umbrella Rank: 572
rp.liadm.com — Cisco Umbrella Rank: 966
rp4.liadm.com — Cisco Umbrella Rank: 5689
48 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 281
secure.adnxs.com — Cisco Umbrella Rank: 495
acdn.adnxs.com — Cisco Umbrella Rank: 643
3 KB
4 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 186
7 KB
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 552
ookla-d.openx.net — Cisco Umbrella Rank: 73022
707 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 793
31 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1141
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 615
1 KB
2 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 494
ads.pubmatic.com — Cisco Umbrella Rank: 570
129 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 142
www.google.com Failed
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 533
2 KB
2 app-us1.com
diffuser-cdn.app-us1.com — Cisco Umbrella Rank: 9072
prism.app-us1.com — Cisco Umbrella Rank: 9104
8 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
223 KB
2 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 347
89 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 698
1 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 2122
324 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 262
678 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 377
659 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 550
684 B
1 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 496
707 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1005
572 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 946
320 B
1 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 41106
63 B
1 ziffstatic.com
cdn.ziffstatic.com — Cisco Umbrella Rank: 16598
23 KB
155 33
Domain Requested by
20 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
20 b.cdnst.net morningrainblock07.cezmal.workers.dev
16 securepubads.g.doubleclick.net b.cdnst.net
securepubads.g.doubleclick.net
morningrainblock07.cezmal.workers.dev
pagead2.googlesyndication.com
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
10 c2shb.pubgw.yahoo.com b.cdnst.net
9 zdbb.net 8 redirects cdn.static.zdbb.net
9 morningrainblock07.cezmal.workers.dev morningrainblock07.cezmal.workers.dev
b.cdnst.net
5 fastlane.rubiconproject.com b.cdnst.net
5 btlr.sharethrough.com b.cdnst.net
4 sb.scorecardresearch.com 2 redirects morningrainblock07.cezmal.workers.dev
4 cdn-gl.imrworldwide.com morningrainblock07.cezmal.workers.dev
secure-us.imrworldwide.com
cdn-gl.imrworldwide.com
3 secure-us.imrworldwide.com 1 redirects secure-us.imrworldwide.com
morningrainblock07.cezmal.workers.dev
2 ookla-d.openx.net 1 redirects b.cdnst.net
2 static.criteo.net b.cdnst.net
static.criteo.net
2 secure.adnxs.com 2 redirects
2 ps.eyeota.net 2 redirects
2 match.prod.bidr.io 2 redirects
2 analytics.google.com www.googletagmanager.com
2 id5-sync.com b.cdnst.net
2 mug.criteo.com morningrainblock07.cezmal.workers.dev
2 gum.criteo.com 1 redirects
2 www.googletagmanager.com morningrainblock07.cezmal.workers.dev
www.googletagmanager.com
2 c.amazon-adsystem.com b.cdnst.net
c.amazon-adsystem.com
1 acdn.adnxs.com b.cdnst.net
1 js-sec.indexww.com b.cdnst.net
1 eus.rubiconproject.com b.cdnst.net
1 ads.pubmatic.com b.cdnst.net
1 5df34df397ca2b2d6ecd69b4ccb224fa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 loadus.exelator.com morningrainblock07.cezmal.workers.dev
1 dpm.demdex.net 1 redirects
1 match.adsrvr.org 1 redirects
1 aa.agkn.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 htlb.casalemedia.com b.cdnst.net
1 hbopenbid.pubmatic.com b.cdnst.net
1 ib.adnxs.com b.cdnst.net
1 rtb.openx.net b.cdnst.net
1 bidder.criteo.com b.cdnst.net
1 prebid.media.net b.cdnst.net
1 lb.eu-1-id5-sync.com b.cdnst.net
1 gurgle.zdbb.net cdn.static.zdbb.net
1 bee.imrworldwide.com secure-us.imrworldwide.com
1 www.google.co.nz morningrainblock07.cezmal.workers.dev
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 rp4.liadm.com morningrainblock07.cezmal.workers.dev
1 rp.liadm.com 1 redirects
1 cdn.static.zdbb.net www.googletagmanager.com
1 i.liadm.com b-code.liadm.com
1 idx.liadm.com b.cdnst.net
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 diffuser-cdn.app-us1.com morningrainblock07.cezmal.workers.dev
1 b-code.liadm.com morningrainblock07.cezmal.workers.dev
1 cdn.ziffstatic.com morningrainblock07.cezmal.workers.dev
0 jogger.zdbb.net Failed cdn.static.zdbb.net
0 www.google.com Failed securepubads.g.doubleclick.net
155 56
Subject Issuer Validity Valid
cezmal.workers.dev
WE1		 2024-11-30 -
2025-02-28		 3 months crt.sh
www.ziffdavis.com
COMODO RSA Organization Validation Secure Server CA		 2024-07-01 -
2025-07-01		 a year crt.sh
*.speedtest.net
GlobalSign Atlas R3 DV TLS CA 2024 Q4		 2024-11-26 -
2025-12-28		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2024-10-31 -
2025-11-28		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M03		 2024-11-19 -
2025-12-18		 a year crt.sh
*.google-analytics.com
WR2		 2024-12-09 -
2025-03-03		 3 months crt.sh
diffuser-cdn.app-us1.com
WE1		 2024-12-30 -
2025-03-30		 3 months crt.sh
prism.app-us1.com
WE1		 2024-12-30 -
2025-03-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-12-03 -
2025-03-03		 3 months crt.sh
id5-sync.com
E6		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.doubleclick.net
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.google.co.nz
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
*.imrworldwide.com
GlobalSign RSA OV SSL CA 2018		 2024-01-02 -
2025-02-02		 a year crt.sh
zdbb.net
Amazon RSA 2048 M02		 2024-10-27 -
2025-11-25		 a year crt.sh
*.zdbb.net
Amazon RSA 2048 M02		 2025-01-03 -
2026-02-01		 a year crt.sh
eu-1-id5-sync.com
R11		 2024-11-11 -
2025-02-09		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2024-09-06 -
2025-03-05		 6 months crt.sh
prebid.media.net
WR3		 2024-12-02 -
2025-03-02		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2024-08-14 -
2025-08-18		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2024-02-14 -
2025-03-16		 a year crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-03-19 -
2025-04-19		 a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-07-15 -
2025-08-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-07-30 -
2025-04-03		 8 months crt.sh
casalemedia.com
E5		 2024-12-11 -
2025-03-11		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-11-29 -
2025-02-25		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-12-02 -
2025-02-24		 3 months crt.sh
indexww.com
WE1		 2024-11-30 -
2025-02-28		 3 months crt.sh
cdn.adnxs.com
R11		 2024-10-31 -
2025-01-29		 3 months crt.sh

This page contains 17 frames:

Primary Page: https://morningrainblock07.cezmal.workers.dev/
Frame ID: 736DBD6AFB6A813E0F4E356EB542D609
Requests: 87 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/b-01lr?duid=487a14389edf--01jh4djpmks2mttxmae812sp0w&euns=0&s=&us_privacy=1YNY&version=v3.6.0&cd=.cezmal.workers.dev&pv=2205df05-3829-45c2-8bf1-68f4d1944759
Frame ID: E3CD712262413DAEB94E2C6A09E7C1BA
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-KKLSRK6J1Z&gacid=1340808459.1736388992&gtm=45je5170v879908529z86359835za200zb6359835&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1510666288
Frame ID: 4DB8D42944025DE0F0BDB3468A65E3F8
Requests: 1 HTTP requests in this frame

Frame: https://secure-us.imrworldwide.com/storageframe.html
Frame ID: 1BC9F2BF4B2C5B0D5D66A8940698024E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: 322F4CBCAF459E31F8E6A9C2C574977D
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 200CBD47B3B51EAB29176E5D82F3C236
Requests: 1 HTTP requests in this frame

Frame: https://5df34df397ca2b2d6ecd69b4ccb224fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 29BF318F58995EB8C3176767E70EAC25
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSEJV4vyJLVDkkxEUhYopalfERJFyY9lm5RMBeCfhyHtAFOI3IS8flkjgURQ_VqaFBXjxLibG88vTT9n7JMrtAAGfmG45dKoa4fhrciyGuuBe-kplywkIH4o5Zcefk18xmTpNotgOt36TTa9lwpIzROz08G9Pkyi5S021ezyV8FnQJ52mniFcWPHeXd5o9Df9Xt7VS3tHwPyUxG_g44XeiUANHuiNyPKfeLSUvkhIYLBnPxdmMb5BB7rLP6m490z9rj1RQJEYAK9sJpUDVwBzLvCxBDk8q-J_tW1WEIJiswlbwqRJ9JSHPz-Bn3Orj9RYpelWjihj3Ndfx8NKwjUMFaC0ypws8JbufWbjnahLLOlKT14x8HCDTtMObxYOMWc0OrazsRMAVJkLjadvXZsUgqCWY0L8CeZZPuG8_OH7ij91YXW_5cVxxRXzlfYf1rjs3LE0jXSesrJ8kN6SaUA&sai=AMfl-YRYo07xqPjbnool4rpQsphze20RjpDCpfBF-mYunC_NJSHM2o9zNetCRFK02MVXRRsiYYaNTzevu2TJ47UPiEDGh8yHsI6p1e5F1CyLRE1B85PBG5BXLTWRCjvp&sig=Cg0ArKJSzOMR-y5URLyFEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: D36AA58D290ADC8665CF99EC53778C5D
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1HFHpeAFmE_T09Yj92NsS_q5yKyAs_i8fs_MhtwCB9m0X-9o0C5JHG6kHJAUKSALV9CGEOQfs4KYEKHeX2mw_uw-gWz9tL-AEFYmW-hnM7ar8ISGVT1OFyeWfxd-EXu3WRgtC5p0IPUfi9p4XTLP9FVanEg5pQBMqLp_0_5nx-0-WaxgyFQUIQQiZqBPFAsqBCRdiEP-kDsCJ27nYRQN0nekebxLRzGlUfmidUgeHntkfvWX8SOAJ6gx8et8-K_XgRMsyGbFc1hH4R-5mRqQJ9qNTUSdjdvW6vHBB0C8ukiOGYkO6AN-75figwOBL02tNVznvhURGPyE8tE1PnHGF4tsUinq6UOLqQc6yASpwplblWdRmhoecP1coa2rGZT1U8uy0o4H-ukXFOGyCFnaUfIHmRFYrkLBhbhwayiN4vwcuPdULP3fgGLgAznlze4TxYpbco2WTvUYJBz4S&sai=AMfl-YQaCf2731c-gZNKn2sU4-Eiqu1qIWjNJVjeOyG9AC4389sRQT3eyr1FAmp1V7w4hNsgGMSvJA9_EkNzkdPV9LJZS16VhHBHAQvLF_NU3WaDXrotxWPVoe3p5hwo&sig=Cg0ArKJSzL94-fWmF2jnEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 38E030403F9B5839CF2B4360FCC0BFF1
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa3ZEQQaR8zjvBqDs_cYcX2EFYH59_shYv4WbF4fvbrPMP10V4rLRhVb2vp1-nKd0UlGHArX42VA30ohjZA3bjZ56SrUHYftovew1tFxe50BDv07vPrmHrNlOVjaRIdzLyih7nMJ6wdlOvEwISMYv2nXPQnDtDk2rZHdF02vakPPutCnpUArh75EYR-auzBMTbcmanWqFhlgiOFR4TyWbCIWFnYnpWR9XIMP-h9M1glJKBtGoV4EoIqbDvpG9IN9VBZfOWG87hw9kZeoKiwSCH19F_XzPmXeo2_mGLcMFhaZf43gvEvZiAL5uyjdvauR85SeNrFCH0MDGrIsCiYjprYx5yVs8bYV7hDESz3-ozSUF4qwv5IdLbGxR_ukQ8yQVO3SXlmclLhBHN3HvHpVbfTZb_BDoHa4ZTiIK7tN87KtYJrHJvNPzq1KvKeTcErS4Voss2PVYrtAJl-m3jUbm1&sai=AMfl-YQe9k8LK5dle_fLmG4tHWbk75RWA9MOTtVlGxPNzZjE7ivQC4j1mh_LHajMvHsL1vclWPert6L5kwoz8TxNoT9twIT2YSfqG0S1yHZZXKpyApVqJ-5teiW8b0hv&sig=Cg0ArKJSzLWLILok6KkIEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E6851A5BA86D8C63290A06BDF3A7CE6A
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx2dNkotb89ud7BEaYns73iQFS4eRoXnW_nV9hDaVL4TYBLxpkYuYwAUJL75KHyUMQY6Ky8ixt64jVdSCGYctS4HSk_sQTDX6fVjtSDyXsuCQJzcyFKsU7_-IuwhdosVeCC3B4wBSZ3225_KETkIwjfJxRlTYfiUi9YZ-eIT5I9WblwqrY5skgsQwrkwbYBk_x1LZ1EFEJAmJOUPkFxfDJuTFFeyKFAL1CW-cFs0liS5zXyRrXXlw30bLNs70RCDb79XoIMyYPHLkdiQn35Pfyx2UQA6nxNjGiB3frdeWKEfuhoDmFcpO8XQ4emseyCe36i2_aeKqnkTNnsbkhpM29xEKbiI-Do4PPII0s0tp80t15piGQVBmhkqSZAOrTtgfp5GR7JdwqtHQw8ky_x_G44WmzWPlt8ltHNbcyCU1SnqhMJS-8OjzkJwcA0NXyte6SMm4kgI3CuUdJUdywgCpED0ip&sai=AMfl-YR0vpsdhq72NHZ4nFpe6897t7Qlt-TLzHImtkw_Zc8Y_XN3j0gyTDu4sCB-wJzw5KMi59qFrIbyglQ3mP19O8BxSDC1fvmLXKiHx2oI7tRNqs3DT9t_kXapUYpb&sig=Cg0ArKJSzIPsCZHWoxMNEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 830B1FE667591AA3ED12BA3800CD8AB6
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHKgM5rif4--T2qrSs7aIzbbq7NEY_j4d3eDyGGlOdofGxx94iBTbFTqZFTh76yP9e0bPOc1FoWa9uBIjmvcCEbsj2Ki7WoogWI6HBg05bFpa6DRzfwOxb5BjLI2ppfWORd4VfQy1pG9GZtH8CAGRz1u8zDfLbVmfuSQHndXsqg2NG5qqh7Vme0Wewm7Cg_1drxMx3F7rIbDiQjqDABl87ecQ4G0pygeW6sD3EFJu1DXkk1ZqbbsP6LP7YPnn3x9W9_PLDX1XWBMrNThvXmLfQPYhuiomGa8eSiaEj3hRIZ8XT30-CgIB0XJhi4hC4ciy08wA788JTESzVDiV_A2RIgnJMAWu-2GMDmnafCKDGIfH7IFxNR9zt62XbR1bq1NHeGj2hhqJF1x6wNiDHP3VSqzYk9JAIHHBk2zoKUQYs-iRKyCGD5E3mOOsSfV0LeZEXxA2F4wAEYFuJGSg4&sai=AMfl-YT-c1shiyUMKF85sukdh08kwS2boMsKqmFv6qis91o-FW5REwohWbzbqyME8Vu2BdKzZ6DhWcpTtPFDf_pY8UfY2NKYLreydjBBrDfDLZ2BjYVOiY0RT0FxyYue&sig=Cg0ArKJSzGyQk7yn0CfKEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: CA03B82F4C122CBB57B7738DB7A41BFE
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159017&us_privacy=1YNY
Frame ID: C435FA3CCFBCC53D9BDE8E5381296281
Requests: 1 HTTP requests in this frame

Frame: https://ookla-d.openx.net/w/1.0/pd?cc=1&us_privacy=1YNY
Frame ID: E53F8ABCD5EBC52147032825CA0C3DC6
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1YNY
Frame ID: AEC504619FB10E1589A62B2543DE2C12
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 57F9EDF9FC8D5945A5A8F7619FBDD600
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: AD3AC5CD7D95C5224BC32C2A30E1011C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Speedtest by Ookla - The Global Broadband Speed Test

Page URL History Show full URLs

  1. http://morningrainblock07.cezmal.workers.dev/ HTTP 307
    https://morningrainblock07.cezmal.workers.dev/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

155
Requests

92 %
HTTPS

32 %
IPv6

33
Domains

56
Subdomains

47
IPs

8
Countries

2814 kB
Transfer

9091 kB
Size

118
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://morningrainblock07.cezmal.workers.dev/ HTTP 307
    https://morningrainblock07.cezmal.workers.dev/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&domain=morningrainblock07.cezmal.workers.dev&cw=1&lsw=1&us_privacy=1YNY HTTP 302
  • https://mug.criteo.com/sid?cpp=Fwidm3w3NlEyWWFFOFBCZzh6Z2o1bmtRQmFYQ0NLMTNGQnl4V2JRQWVtMkNrNFN4Rzg0M29iY01zcXdOQ1JvRkp5dHZxbkVRRzZIVUZld0ErK2lzVmNnU0VKR3BNM0d4QlhiaHJkcXRraVA2U3AyNS9DM2lnMXRGbjJPZDZrcVN0Mko1bk43ZS90ZDJ1Snpwd3dEckd4dmE3WDFiczdSRG5ReFFsOXF6UW5IVmk1bG90SjhLTTIwT1plbVdBcXkwMFpoUzlSRDNHZlRId0tjd01ZREdxM0d5SHQ4ei9oY3NEV2tyYnJHVSt1UThXQm1zWWoyRGhuU3QrQWphY2dJeDl0V3lUeHhDWGxIeU9xdXlKeXkybUF0U2pRT0hkYjBiUEl4TE1sTStQenEzUHp6TT18&cppv=2
Request Chain 42
  • https://secure-us.imrworldwide.com/v60a.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60a.js
Request Chain 43
  • https://sb.scorecardresearch.com/cs/6036202/beacon.js HTTP 302
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Request Chain 45
  • https://rp.liadm.com/j?dtstmp=1736388991884&aid=b-01lr&se=e30&duid=487a14389edf--01jh4djpmks2mttxmae812sp0w&tv=v3.6.0&pu=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v3.6.0&cd=.cezmal.workers.dev&c=PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnNwZWVkdGVzdC5uZXQvIj48dGl0bGU-U3BlZWR0ZXN0IGJ5IE9va2xhIC0gVGhlIEdsb2JhbCBCcm9hZGJhbmQgU3BlZWQgVGVzdDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlVzZSBTcGVlZHRlc3Qgb24gYWxsIHlvdXIgZGV2aWNlcyB3aXRoIG91ciBmcmVlIGRlc2t0b3AgYW5kIG1vYmlsZSBhcHBzLiI-&pv=2205df05-3829-45c2-8bf1-68f4d1944759 HTTP 302
  • https://rp4.liadm.com/j?dtstmp=1736388991884&aid=b-01lr&se=e30&duid=487a14389edf--01jh4djpmks2mttxmae812sp0w&tv=v3.6.0&pu=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v3.6.0&cd=.cezmal.workers.dev&c=PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnNwZWVkdGVzdC5uZXQvIj48dGl0bGU-U3BlZWR0ZXN0IGJ5IE9va2xhIC0gVGhlIEdsb2JhbCBCcm9hZGJhbmQgU3BlZWQgVGVzdDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlVzZSBTcGVlZHRlc3Qgb24gYWxsIHlvdXIgZGV2aWNlcyB3aXRoIG91ciBmcmVlIGRlc2t0b3AgYW5kIG1vYmlsZSBhcHBzLiI-&pv=2205df05-3829-45c2-8bf1-68f4d1944759&i6=MjQwNDpmNzgwOjU6ZGVmOjpjMmU%3D&n3pc=true
Request Chain 49
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036202&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736388992215&ns_c=UTF-8&cs_cfg=1101110&c7=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036202&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736388992215&ns_c=UTF-8&cs_cfg=1101110&c7=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c9=
Request Chain 90
  • https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=13372642-d294-4213-8f5d-9a593f81d8c5&zd_session_id=1daedf0d-7990-421d-9268-61defcaf86ec&zd_location=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&evidon_consent=undefined&third_party_consent=&fu=true&ppid=4f87bd747a304ac28b4107cc1c30c198 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=ziffdavis_dmp&google_cm&google_hm=N2MyOTU2MGRjYTk3NDhjMDkzYjgyZDY3OGQ1MTBkYzc= HTTP 302
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?google_gid=CAESEBa7jR4udMlvW_oRUT6ZrUI&google_cver=1 HTTP 303
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302198 HTTP 302
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=neusbftgslopjfixorwbst&tpc=E8eUMsJA5sA4CDHQ5Yh9ZtPxLHhg95LMPqmISYjX2i0%3D HTTP 303
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pexu87e&ttd_tpi=1 HTTP 302
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=lk45j3o5TTDlkj35h3g4&tpc=4f9f0ad7-81a3-4e9f-a192-87dcea2747e1 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/spiceworks2?buyer_user_id=7c29560dca9748c093b82d678d510dc7 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/spiceworks2?buyer_user_id=7c29560dca9748c093b82d678d510dc7&_bee_ppp=1 HTTP 303
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=kh4u2bm23bbewk4h35&tpc=AAD8-U7O_mMAABZ22razcw HTTP 303
  • https://dpm.demdex.net/ibs:dpid=266306&dpuuid=7c29560dca9748c093b82d678d510dc7&redir=https%3A//zdbb.net/l/qI109lRAEeGCiBIxORcFRw/%3Ftp%3Daamipowqlssjirtmmlknrp%26tpc%3D%24%7BDD_UUID%7D HTTP 302
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=aamipowqlssjirtmmlknrp&tpc=66174511158387873862439176219720224954 HTTP 303
  • https://ps.eyeota.net/pixel?pid=mla6m40&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=mla6m40&t=gif HTTP 302
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=fc4awlrgeegcibixeyefrw&tpc=2wW6or91JKnT8rT6UkFpMOAJP37LImQcboY8Tvr02728 HTTP 303
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fzdbb.net%2Fl%2FqI109lRAEeGCiBIxORcFRw%2F%3Ftp%3Dalkjldfoiwelnflasadptv%26tpc%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fzdbb.net%252Fl%252FqI109lRAEeGCiBIxORcFRw%252F%253Ftp%253Dalkjldfoiwelnflasadptv%2526tpc%253D%2524UID HTTP 302
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=alkjldfoiwelnflasadptv&tpc=1909152627205155401 HTTP 303
  • https://loadus.exelator.com/load/?p=1141&g=2&j=0
Request Chain 153
  • https://ookla-d.openx.net/w/1.0/pd?us_privacy=1YNY HTTP 302
  • https://ookla-d.openx.net/w/1.0/pd?cc=1&us_privacy=1YNY

155 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
morningrainblock07.cezmal.workers.dev/
Redirect Chain
  • http://morningrainblock07.cezmal.workers.dev/
  • https://morningrainblock07.cezmal.workers.dev/
130 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
034f831963d30419cdac507a4c3a2a9ff950419fea6aee7eee1b400f69d696b9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8ff0ecf15c181c4d-AKL
content-encoding
zstd
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Thu, 09 Jan 2025 02:16:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WcMqB1ttD%2BSX8So4buAAubHur%2BU3vtNOiCNTIh6YUlRPt4TGV86tJPfpWyrZ1lW%2Bh8GXpG8gmfWQ4QFY%2FAYTlUPbfl40DToS%2BtLmwHYB4vnLjmw%2FfCUUqBhD2amQrjG3Sp2L1qhBYWKnzc7PurHeX9%2Bt8kjePnQn"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
x-frame-options
DENY

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://morningrainblock07.cezmal.workers.dev/
Non-Authoritative-Reason
HSTS
zdconsent.js
cdn.ziffstatic.com/jst/ 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ziffstatic.com/jst/zdconsent.js
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1415:3c00::17d6:589a Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
Software
/
Resource Hash
528d84fafc0378019f428a0aeadf3623f14c4c212d40d069e418322570b48f01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
max-age=2569
content-encoding
gzip
etag
"e047f10f0406a82d96394b99fcb7801c"
expires
Thu, 09 Jan 2025 02:59:20 GMT
accept-ranges
bytes
alt-svc
h3=":443"; ma=93600
content-length
23469
date
Thu, 09 Jan 2025 02:16:31 GMT
last-modified
Tue, 17 Dec 2024 16:50:25 GMT
content-type
application/javascript
vary
Accept-Encoding
Montserrat-VariableFont_wght-kern-latin.woff2
morningrainblock07.cezmal.workers.dev/s/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://morningrainblock07.cezmal.workers.dev/s/fonts/Montserrat-VariableFont_wght-kern-latin.woff2
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40d718d090a7d9fa4db0b9c2570cb05f7729e6c998c32c1c688f421ca7ac8c0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://morningrainblock07.cezmal.workers.dev
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cf-cache-status
MISS
etag
W/"7184-193db782380"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ogXiB7BRUYMFPZStptnx9mx7eTYeXQ%2BkEjcYEiU1bjFLSHb7pOBIw2CZMKwp49T1spHmJthAC8yGFOrLNATJdiJg3LkIyypyhS%2BV7SrBnXeTsDQbM56MWXEcQLwEAG54wT82yOWdPqk6jtKhEk4mAz27iLZnZ45E"}],"group":"cf-nel","max_age":604800}
uber-trace-id
b0523aefa459182b:b0523aefa459182b:0:0
alt-svc
h3=":443"; ma=86400
date
Thu, 09 Jan 2025 02:16:30 GMT
content-type
font/woff2
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 20:31:44 GMT
x-frame-options
DENY
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ff0ecf87c1d1c4d-AKL
accept-ranges
bytes
content-length
29060
content-language
en
server
cloudflare
gaugemono-regular-webfont.woff2
morningrainblock07.cezmal.workers.dev/s/fonts/ 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://morningrainblock07.cezmal.workers.dev/s/fonts/gaugemono-regular-webfont.woff2
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a00aa81f6ca32a692772c6a8bc908b62198154ce3eef1eeef346d80100b8e04
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://morningrainblock07.cezmal.workers.dev
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cf-cache-status
MISS
etag
W/"1090-193db782380"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f5Zpe3DKj4aKNPJ64kT%2FAav28vm15GmJKRGnf%2B0mE2HMZdVTSN99fw6BEgFY7t8AZOYVaUp%2FvX4hMwajOC8r12nhP20iAJWjF7mVp4frcs7wNlwjYTOJtYzG4uaAgdb%2BIInAU5q3yDc5m6gTuQzsdN5a%2F%2B3hYq7A"}],"group":"cf-nel","max_age":604800}
uber-trace-id
833e71035e306cd1:833e71035e306cd1:0:0
alt-svc
h3=":443"; ma=86400
date
Thu, 09 Jan 2025 02:16:30 GMT
content-type
font/woff2
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 20:31:44 GMT
x-frame-options
DENY
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ff0ecf87c1c1c4d-AKL
accept-ranges
bytes
content-length
4240
content-language
en
server
cloudflare
main.dafdfce1b9e948553f6be6fcd34da483.css
b.cdnst.net/styles/ 		148 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b.cdnst.net/styles/main.dafdfce1b9e948553f6be6fcd34da483.css
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
098a547bed95eef83a2a0ffa76f1d9961f12d38bb8fd9e1080e2b4ba83353351
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"24f75-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
25091
date
Thu, 09 Jan 2025 02:16:30 GMT
content-type
text/css; charset=UTF-8
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
prebid.8.31.0.min.js
b.cdnst.net/javascript/ 		374 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a10681e6824547e850f4de65c5b57cf60f2562bbc4d74eaba140f388aa259d0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"5d698-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
127641
date
Thu, 09 Jan 2025 02:16:30 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
amazon.js
b.cdnst.net/javascript/ 		551 B
406 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.cdnst.net/javascript/amazon.js
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f983d992f18cc6a5024a1fb94062872c8c1c9ddd3d936289cfb01b720a0c03d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"227-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
326
date
Thu, 09 Jan 2025 02:16:30 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
ad.js
b.cdnst.net/javascript/ads/ 		25 B
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.cdnst.net/javascript/ads/ad.js
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32b0ffbdaf288de753cd11b89e702c4c5c140b7a86037c852ebc341ad99c5f47
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"19-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
45
date
Thu, 09 Jan 2025 02:16:30 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
b-01lr.min.js
b-code.liadm.com/ 		136 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/b-01lr.min.js
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2215:a400:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
960a7810fdc586df7185948813a1d4b04bef5bb569a3b5f7b47a778f1e3219dc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
public,max-age=86400
content-encoding
gzip
age
41218
via
1.1 bc177ce25ddc555a7d303bc4d290a6ec.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
O-otpoc0sBMv2S1JsGKi0xso_4lw6Ac1ziMbkEdNBgKA6Yh-LSkp5A==
date
Wed, 08 Jan 2025 14:49:33 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P2
Montserrat-VariableFont_wght-hint-all.woff2
morningrainblock07.cezmal.workers.dev/s/fonts/ 		116 KB
117 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://morningrainblock07.cezmal.workers.dev/s/fonts/Montserrat-VariableFont_wght-hint-all.woff2
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4196d95ab415218fc8dce5037601f39e1824f2e57c6ebebf5557ddb3f11b537c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://morningrainblock07.cezmal.workers.dev
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cf-cache-status
MISS
etag
W/"1cf60-193db782380"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IrniGPpWKtOfZO4Q83qEAQyYw1bgM%2B0lwzrSswjxo5ihsC41WKUOzSmluDc6FYS5VDk8S%2BFbCLiKwo177TihZ%2BOyUPxmOSbk54xab7sHfCjmUwYDq6NkLl94hZspLmIl%2BTgbIhaSPlFp24lo980%2FvJZz9cihCPdN"}],"group":"cf-nel","max_age":604800}
uber-trace-id
b29aed5452d8e10c:b29aed5452d8e10c:0:0
alt-svc
h3=":443"; ma=86400
date
Thu, 09 Jan 2025 02:16:30 GMT
content-type
font/woff2
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 20:31:44 GMT
x-frame-options
DENY
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ff0ecf87c1f1c4d-AKL
accept-ranges
bytes
content-length
118624
content-language
en
server
cloudflare
Montserrat-Italic-VariableFont_wght-hint-all.woff2
morningrainblock07.cezmal.workers.dev/s/fonts/ 		120 KB
121 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://morningrainblock07.cezmal.workers.dev/s/fonts/Montserrat-Italic-VariableFont_wght-hint-all.woff2
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ff66387417489de93fa393db6d511581ea6c3b5c75d35190309be9cd916a9a7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://morningrainblock07.cezmal.workers.dev
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cf-cache-status
MISS
etag
W/"1df34-193db782380"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iMLGxmdttkb81WU8r4VakzKtvOOKBTu0wcrxc0WwrpMLr8AwD0Bd2wQ73I6LUTWQS1D9m1LAaXDSdHVjZVYoX9LXWlQnEa%2FDNd3UfHP8ZSne5Hq8roq2ukW5v1ONBZrx4f4UwQwQz%2BKdc5mjTpaFoYuCxt33ZFcN"}],"group":"cf-nel","max_age":604800}
uber-trace-id
2ab54cba81f58b90:2ab54cba81f58b90:0:0
alt-svc
h3=":443"; ma=86400
date
Thu, 09 Jan 2025 02:16:30 GMT
content-type
font/woff2
vary
Accept-Encoding
last-modified
Wed, 18 Dec 2024 20:31:44 GMT
x-frame-options
DENY
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=60
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ff0ecf87c1e1c4d-AKL
accept-ranges
bytes
content-length
122676
content-language
en
server
cloudflare
apstag.js
c.amazon-adsystem.com/aax2/ 		347 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/amazon.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.12.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-12-153.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9c234a39335c68efa876173f1af885a07eb982fde169e3627c70956ba0088313

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

vary
Accept-Encoding
cache-control
max-age=3600
content-encoding
gzip
etag
W/"7e51aa38db51fceb0afb5b4671f303d3"
age
549
via
1.1 59304f445e251c540e46633ed3dd4f64.cloudfront.net (CloudFront), 1.1 237cbfb8cde372b8f33bda5565e9b52c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
uKk5BLRoDgeDGQyloEWldcRAcsnJ2YRHamUjPpdLRnNHU5_wHt81ug==
date
Thu, 09 Jan 2025 02:07:23 GMT
content-type
application/javascript
last-modified
Wed, 18 Dec 2024 21:58:04 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2, SYD62-P3
x-amz-server-side-encryption
AES256
gtm.js
www.googletagmanager.com/ 		280 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44f56b40b7478c6e011d8f633d2594e5f5163f3ba32b746f7c9198184585d048
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 09 Jan 2025 02:16:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 09 Jan 2025 00:19:22 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
92331
x-xss-protection
0
server
Google Tag Manager
diffuser.js
diffuser-cdn.app-us1.com/diffuser/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"234346615b452270c8ee1158258c83bb"
age
296
x-cache
Hit from cloudfront
x-amz-cf-id
Wzupph_zlLePu-SxJRrugSpbUASyzi41Qk57kzU9IVpUeXOUZVDwVA==
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
application/javascript
last-modified
Thu, 19 Sep 2024 15:47:53 GMT
vary
accept-encoding
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=300
via
1.1 e190215a8aab7f0b2933bef1d79d5658.cloudfront.net (CloudFront)
cf-ray
8ff0ecfa8ed3d9aa-AKL
x-amz-cf-pop
MEL51-P1
server
cloudflare
x-amz-server-side-encryption
AES256
speedtest-main.js
b.cdnst.net/javascript/ 		3 MB
959 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b.cdnst.net/javascript/speedtest-main.js?v=1cb71b7e931348fb8bda0b249e8edfb3
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40c42fdb05ad3423f2c92adddbd52b35591625cf2cac7f71003ce72df8731c86
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"368cca-193db9ae9d8"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
981800
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 18 Dec 2024 21:09:43 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
/
prism.app-us1.com/ 		0
313 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prism.app-us1.com/?a=478502367&u=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:1fae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.29
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
no-cache, private
cf-cache-status
DYNAMIC
x-envoy-upstream-service-time
62
cf-ray
8ff0ecfb8f91d996-AKL
content-length
0
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
application/javascript
x-powered-by
PHP/8.1.29
server
cloudflare
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&domain=morningrainblock07.cezmal.workers.dev&cw=1&lsw=1&us_privacy=1YNY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::9 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://morningrainblock07.cezmal.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 09 Jan 2025 02:16:31 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
180166
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&domain=morningrainblock07.cezmal.workers.dev&cw=1&lsw=1&us_privacy=1YNY
  • https://mug.criteo.com/sid?cpp=Fwidm3w3NlEyWWFFOFBCZzh6Z2o1bmtRQmFYQ0NLMTNGQnl4V2JRQWVtMkNrNFN4Rzg0M29iY01zcXdOQ1JvRkp5dHZxbkVRRzZIVUZld0ErK2lzVmNnU0VKR3BNM0d4QlhiaHJkcXRraVA2U3AyNS9DM2lnMXRGbjJPZD...
364 B
954 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Fwidm3w3NlEyWWFFOFBCZzh6Z2o1bmtRQmFYQ0NLMTNGQnl4V2JRQWVtMkNrNFN4Rzg0M29iY01zcXdOQ1JvRkp5dHZxbkVRRzZIVUZld0ErK2lzVmNnU0VKR3BNM0d4QlhiaHJkcXRraVA2U3AyNS9DM2lnMXRGbjJPZDZrcVN0Mko1bk43ZS90ZDJ1Snpwd3dEckd4dmE3WDFiczdSRG5ReFFsOXF6UW5IVmk1bG90SjhLTTIwT1plbVdBcXkwMFpoUzlSRDNHZlRId0tjd01ZREdxM0d5SHQ4ei9oY3NEV2tyYnJHVSt1UThXQm1zWWoyRGhuU3QrQWphY2dJeDl0V3lUeHhDWGxIeU9xdXlKeXkybUF0U2pRT0hkYjBiUEl4TE1sTStQenEzUHp6TT18&cppv=2
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
bc19268eec3eefcab0d73c5e55fde322325236ec0a6da08af2da48d3afa2212f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
530674
expires
0
access-control-allow-origin
null
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=Fwidm3w3NlEyWWFFOFBCZzh6Z2o1bmtRQmFYQ0NLMTNGQnl4V2JRQWVtMkNrNFN4Rzg0M29iY01zcXdOQ1JvRkp5dHZxbkVRRzZIVUZld0ErK2lzVmNnU0VKR3BNM0d4QlhiaHJkcXRraVA2U3AyNS9DM2lnMXRGbjJPZDZrcVN0Mko1bk43ZS90ZDJ1Snpwd3dEckd4dmE3WDFiczdSRG5ReFFsOXF6UW5IVmk1bG90SjhLTTIwT1plbVdBcXkwMFpoUzlSRDNHZlRId0tjd01ZREdxM0d5SHQ4ei9oY3NEV2tyYnJHVSt1UThXQm1zWWoyRGhuU3QrQWphY2dJeDl0V3lUeHhDWGxIeU9xdXlKeXkybUF0U2pRT0hkYjBiUEl4TE1sTStQenEzUHp6TT18&cppv=2
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
223319
expires
0
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
0
date
Thu, 09 Jan 2025 02:16:32 GMT
server
Kestrel
prebid
id5-sync.com/api/config/ 		167 B
470 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
c8c53488bb9f95e6c21bc5ccadfeeb12c1c55ff1474ad8098323fbf0f9f130f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
78658
idx.liadm.com/idex/prebid/ 		0
386 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/prebid/78658?duid=487a14389edf--01jh4djpmks2mttxmae812sp0w&us_privacy=1YNY&cd=.cezmal.workers.dev&resolve=nonId&resolve=uid2&resolve=bidswitch&resolve=medianet&resolve=magnite&resolve=pubmatic&resolve=index&resolve=openx&resolve=thetradedesk&resolve=sovrn
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.92.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-92-28.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
max-age=3599, private
trace-id
af04f32cd1376247
request-time
1
access-control-allow-credentials
true
expires
Thu, 09 Jan 2025 03:16:32 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
date
Thu, 09 Jan 2025 02:16:32 GMT
vary
Origin
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		106 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=1cb71b7e931348fb8bda0b249e8edfb3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e6ae535eb518c43725fe696276420b218482a64d86b64aa279343e9cdd842a85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
487 / 20097 / 31089501 / config-hash: 2786262764300291707
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:16:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33797
x-xss-protection
0
server
cafe
android-app-promo-1x.png
morningrainblock07.cezmal.workers.dev/images/ 		29 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://morningrainblock07.cezmal.workers.dev/images/android-app-promo-1x.png
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b2669736565cf357ad02fb29b5a1577dde4f0f6c8cb1044695bd70f1a5ce43d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cf-cache-status
HIT
etag
W/"7349-193db9688c0"
age
47257
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CmcD9smh0xZEQd5IT8J6UgYxOPxR%2F8cXyDFM4sIH09FPMW8FMCrgcM5aw0id%2Fcb3FP15DOfH9xIx3z6MEzVw4CW6DWq7wAAcvwyFdFBu8IUjDVzjuc5ZIVYP4Ha3tDnxlgToICqepEdfAu4C%2FJrMlgSVTxkU6Kb7"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8ff0ecfe5c201c4d-AKL
accept-ranges
bytes
content-length
29513
server
cloudflare
gauge-gradient-dl-multi-web.png
b.cdnst.net/images/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/gauge-gradient-dl-multi-web.png
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
etag
W/"132c5-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
78533
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin
x-frame-options
DENY
gauge-gradient-ul-multi-web.png
b.cdnst.net/images/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/gauge-gradient-ul-multi-web.png
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
etag
W/"12248-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
74312
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin
x-frame-options
DENY
gauge-gradient-dl-single-web.png
b.cdnst.net/images/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/gauge-gradient-dl-single-web.png
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
etag
W/"f3d1-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
62417
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin
x-frame-options
DENY
gauge-gradient-ul-single-web.png
b.cdnst.net/images/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/gauge-gradient-ul-single-web.png
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
etag
W/"ff47-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
65351
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin
x-frame-options
DENY
dd-logo.svg
b.cdnst.net/images/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/dd-logo.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7b73d32b556ccfe32f67773b30233eba938da9bf578d96b3d09870a8e668733c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"1a90-193db9688c0"
accept-ranges
bytes
content-length
2533
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
banner-1.svg
b.cdnst.net/images/pd-banner/ 		857 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/pd-banner/banner-1.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bbac26dc8947882cecfb0a68faec3feff055ea9da308640d3dbf5be913a3c569
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"359-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
414
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
English_get-it-from-MS_InvariantCulture_Default.png
morningrainblock07.cezmal.workers.dev/images/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://morningrainblock07.cezmal.workers.dev/images/English_get-it-from-MS_InvariantCulture_Default.png
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e0da7b78f6365146f0889b05e139587016e6b5e2e1a8d778dbc3272ad0a6278
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cf-cache-status
HIT
etag
W/"3879-193db9688c0"
age
37916
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDr5ulKgxVhUNBRDjPiyXD1x7hSw2sfIKTfC4ab8p%2F3d27sHW3z21%2BluLsFFLRlVuCLrgm7kTODoyhCche%2FC2fk7kAIqfOxd2cr3EDhwHCnpRV0PNNlPBburHtrJ%2BQix5AdfhAxt5o0FESh3h0pIshYmT%2B8NksTN"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8ff0ecfe6c211c4d-AKL
accept-ranges
bytes
content-length
14457
server
cloudflare
Download_on_the_Mac_App_Store_Badge_US-UK_165x40.svg
morningrainblock07.cezmal.workers.dev/images/ 		14 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://morningrainblock07.cezmal.workers.dev/images/Download_on_the_Mac_App_Store_Badge_US-UK_165x40.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0473941def2fa41a2cdfb2cef129d9c5b9d8bbc0060ec20b768bd94fcba9fe9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"3696-193db9688c0"
age
10200
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GwUlwN5xExZyOyC%2B4VQqqDlAjgrX3bvd5LPEOn%2BnzZknAMukR00cvILim0f5rnvdQR7RNUlEaViM6lqSneraP%2BqJl2%2BP5iBQunVKZUdiSq6D%2FfF8NIRNDw0GdPkEGgADukBqzfRbA4fMAXIbdFCJyW7mfU7B9TyZ"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8ff0ecfe6c221c4d-AKL
accept-ranges
bytes
content-length
5122
server
cloudflare
ad-free-125x101-fade-anim-1x.gif
b.cdnst.net/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/ad-free-125x101-fade-anim-1x.gif
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9f30799e7ea5caddb7b79f074957baeaecccf1a31846993414008331c257d242
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
etag
W/"266b-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
9835
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/gif
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin
x-frame-options
DENY
icg_desktop_apps.svg
b.cdnst.net/images/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/icg_desktop_apps.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f296b7388d26c659d451819449df427b865bbe63cd2d9dd1e814f3f10e81446c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"1fea-193db9688c0"
accept-ranges
bytes
content-length
3289
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
icg_troubleshoot_wifi.svg
b.cdnst.net/images/ 		5 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/icg_troubleshoot_wifi.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
308713a4824fa8f19b7b9305a93189d25a412bd838d1773b1ff81c260fc3cda0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"14c8-193db9688c0"
accept-ranges
bytes
content-length
1246
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
icg_check_outages.svg
b.cdnst.net/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/icg_check_outages.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c0193511cfcd9864e09c2e7175e6d22d6f1e0ad9199b4dc404197a2c65358e93
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"ef6-193db9688c0"
accept-ranges
bytes
content-length
1774
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
icg_talk_to_isp.svg
b.cdnst.net/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/icg_talk_to_isp.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aea75483e6961d526af59b5a09af5fb3262d7ce210e90e590162e4613c9f06b2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"14e7-193db9688c0"
accept-ranges
bytes
content-length
1901
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
icg_how_much_speed.png
b.cdnst.net/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/icg_how_much_speed.png
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b2b4f5e11c0b73429c3ede6bcd9c9b99e7c8fe596c7d0a29e6639ad678d21c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
etag
W/"2a89-193db9688c0"
accept-ranges
bytes
content-length
10889
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/png
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
x-frame-options
DENY
icg_qr_code.svg
b.cdnst.net/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/icg_qr_code.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e551239f9d963f64d1fd39d40285586400f4073acda91be5658c32117f6bc6ae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"cc4-193db9688c0"
accept-ranges
bytes
content-length
1016
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Accept-Encoding
x-frame-options
DENY
mobile_apps.svg
b.cdnst.net/images/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/mobile_apps.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f413ed52238836f8e47dbe95fb447bbafbe200ffc0795325e53fdf3d1796768d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"1423-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
2213
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
icg_get_help.svg
b.cdnst.net/images/ 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b.cdnst.net/images/icg_get_help.svg
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
2a04:4e42:600::731 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
30cabd65315139eaac2a9d894be6dfbacc9364599dead8c493eccf3d101e44f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"b8d-193db9688c0"
access-control-allow-credentials
true
accept-ranges
bytes
content-length
1029
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
image/svg+xml
last-modified
Wed, 18 Dec 2024 21:04:56 GMT
vary
Origin, Accept-Encoding
x-frame-options
DENY
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.158.12.153 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-12-153.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

access-control-max-age
3000
content-encoding
gzip
x-amz-version-id
r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
bW89JWZn9ISsDkuGrM--P-Ab_tqYrUsE_9vOTXMMeQBVpigu_PNQSQ==
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/javascript
vary
Origin,accept-encoding
last-modified
Thu, 29 Feb 2024 02:13:08 GMT
cache-control
public, max-age=86400
via
1.1 54a7561b62ec550870852bf6998e8484.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
SYD62-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
servers
morningrainblock07.cezmal.workers.dev/api/js/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://morningrainblock07.cezmal.workers.dev/api/js/servers?engine=js&limit=10&https_functional=true
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/speedtest-main.js?v=1cb71b7e931348fb8bda0b249e8edfb3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.96.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f291b0ff90907f8b3c94f4b3f74181fdae98ec1b43ebb0507ab89b59ea981d5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fyEJwg6Yj%2FYJuPdbJjjU8neTVNMvRoHkkk8G%2BrVcmoipsqfIIKZBg0Fmtcsgr3XxgrQ91Xt1pp%2BlD0uiqji62ASatXkVVbMRLB%2B%2Fis6b2n1fV4ET3RH%2FaaYcRGsjGPelhNxRwWLOAvCK%2F3gFLfgHswwT%2Fty2hAtX"}],"group":"cf-nel","max_age":604800}
expires
Fri, 10 Jan 2025 02:16:31 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 09 Jan 2025 02:16:32 GMT
content-type
application/json
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'none'; upgrade-insecure-requests
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=86400
access-control-allow-credentials
true
cf-ray
8ff0ecfe8c231c4d-AKL
x-xss-protection
1; mode=block
server
cloudflare
b-01lr
i.liadm.com/s/c/ Frame E3CD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://i.liadm.com/s/c/b-01lr?duid=487a14389edf--01jh4djpmks2mttxmae812sp0w&euns=0&s=&us_privacy=1YNY&version=v3.6.0&cd=.cezmal.workers.dev&pv=2205df05-3829-45c2-8bf1-68f4d1944759
Requested by
Host: b-code.liadm.com
URL: https://b-code.liadm.com/b-01lr.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.128.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-236-128-166.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Cache-Control
private, no-cache, max-age=0
Connection
keep-alive
Content-Encoding
gzip
Content-Length
672
Content-Type
text/html; charset=UTF-8
Date
Thu, 09 Jan 2025 02:16:32 GMT
Request-Time
37
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding
trace-id
945a6dfa38b131c5
z0WVjCBSEeGLoxIxOQVEwQ.min.js
cdn.static.zdbb.net/js/ 		166 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.247.235 , United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-48-247-235.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1a41d9341fa3c80b1721ed6bef0ac275522dd4ff5c5c2838c05058d702e22260

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

x-amz-server-side-encryption
AES256
cache-control
max-age=86400
content-encoding
gzip
x-amz-version-id
Sss0fEQspaVK6R6YwZRrrS3js1bApTaA
x-amz-request-id
PWSJ5JQ5WWN2GW3N
expires
Fri, 10 Jan 2025 02:16:32 GMT
accept-ranges
bytes
date
Thu, 09 Jan 2025 02:16:32 GMT
last-modified
Wed, 08 Jan 2025 20:23:01 GMT
content-type
text/javascript
vary
Accept-Encoding
x-amz-id-2
UinKiWUbPPlADndw0IZb5x3MiSi/zLE68QV1h09ZKUigzIgHctPSCFSTDtgAGik9k1iFXgQSOWM=
v60a.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-us.imrworldwide.com/v60a.js
  • https://cdn-gl.imrworldwide.com/v60a.js
24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/v60a.js
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Server
2600:9000:277c:6200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0971910cdc9f2e2935dda6d6f8018a6e55c690808334cd6de4b7c85b320b2ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
x-amz-version-id
m6vssmDo9Sy0qT4LsjH1sHaCbf7BuQzw
etag
W/"2c36db297a45456efc2626f0af7699ac"
age
5508
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
ul3itAD5WF_TpcNYVdz1jXRFsSOrfC0wj69VrPXQ_NXM9ny6LCw6dQ==
date
Thu, 09 Jan 2025 00:44:44 GMT
content-type
application/javascript
last-modified
Tue, 21 May 2024 14:03:42 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256

Redirect headers

location
https://cdn-gl.imrworldwide.com:443/v60a.js
content-length
134
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
text/html
server
awselb/2.0
beacon.js
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain
  • https://sb.scorecardresearch.com/cs/6036202/beacon.js
  • https://sb.scorecardresearch.com/internal-cs/default/beacon.js
16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Server
18.67.93.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-123.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

vary
accept-encoding
cache-control
max-age=86400
content-encoding
gzip
etag
W/"c22322b3d030360971584a98c60b6e0b"
age
11374
via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
6rFbzaLAfVFH629ywMEfnaEEDaeoqCzSz-trTC8pFkblGTFe811kXQ==
date
Thu, 09 Jan 2025 00:44:56 GMT
content-type
text/javascript
last-modified
Mon, 16 Dec 2024 11:25:59 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P1
x-amz-server-side-encryption
AES256

Redirect headers

location
/internal-cs/default/beacon.js
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
OdzhMz4bf4fC9JLx221LSFhpSYlvu4Uqf2fR1ahrB5KZz5r9nyBbwg==
date
Thu, 09 Jan 2025 02:16:32 GMT
x-amz-cf-pop
SYD62-P1
js
www.googletagmanager.com/gtag/ 		412 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c&gtm=45He5170v6359835za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7SNBZ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d1f2f875e8de26d6ebeac9e06d444f88124d4981eb91f48f632d6de0ea2b0c83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 09 Jan 2025 02:16:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 02:16:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
135384
x-xss-protection
0
server
Google Tag Manager
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?dtstmp=1736388991884&aid=b-01lr&se=e30&duid=487a14389edf--01jh4djpmks2mttxmae812sp0w&tv=v3.6.0&pu=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&us_privacy=1YNY&wpn=l...
  • https://rp4.liadm.com/j?dtstmp=1736388991884&aid=b-01lr&se=e30&duid=487a14389edf--01jh4djpmks2mttxmae812sp0w&tv=v3.6.0&pu=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&us_privacy=1YNY&wpn=...
13 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?dtstmp=1736388991884&aid=b-01lr&se=e30&duid=487a14389edf--01jh4djpmks2mttxmae812sp0w&tv=v3.6.0&pu=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v3.6.0&cd=.cezmal.workers.dev&c=PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnNwZWVkdGVzdC5uZXQvIj48dGl0bGU-U3BlZWR0ZXN0IGJ5IE9va2xhIC0gVGhlIEdsb2JhbCBCcm9hZGJhbmQgU3BlZWQgVGVzdDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlVzZSBTcGVlZHRlc3Qgb24gYWxsIHlvdXIgZGV2aWNlcyB3aXRoIG91ciBmcmVlIGRlc2t0b3AgYW5kIG1vYmlsZSBhcHBzLiI-&pv=2205df05-3829-45c2-8bf1-68f4d1944759&i6=MjQwNDpmNzgwOjU6ZGVmOjpjMmU%3D&n3pc=true
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Server
54.225.224.75 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-225-224-75.compute-1.amazonaws.com
Software
/
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

x-pixel-event-id
4760e58d-68ba-4434-8eec-773b4e4574b8
access-control-max-age
86400
access-control-expose-headers
*
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
null
content-length
13
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json

Redirect headers

access-control-max-age
86400
access-control-expose-headers
*
location
https://rp4.liadm.com/j?dtstmp=1736388991884&aid=b-01lr&se=e30&duid=487a14389edf--01jh4djpmks2mttxmae812sp0w&tv=v3.6.0&pu=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&us_privacy=1YNY&wpn=lc-bundle&wpv=v3.6.0&cd=.cezmal.workers.dev&c=PGxpbmsgcmVsPSJjYW5vbmljYWwiIGhyZWY9Imh0dHBzOi8vd3d3LnNwZWVkdGVzdC5uZXQvIj48dGl0bGU-U3BlZWR0ZXN0IGJ5IE9va2xhIC0gVGhlIEdsb2JhbCBCcm9hZGJhbmQgU3BlZWQgVGVzdDwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IlVzZSBTcGVlZHRlc3Qgb24gYWxsIHlvdXIgZGV2aWNlcyB3aXRoIG91ciBmcmVlIGRlc2t0b3AgYW5kIG1vYmlsZSBhcHBzLiI-&pv=2205df05-3829-45c2-8bf1-68f4d1944759&i6=MjQwNDpmNzgwOjU6ZGVmOjpjMmU%3D&n3pc=true
access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
0
date
Thu, 09 Jan 2025 02:16:32 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/ 		494 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e430ac99d48aa7aa291fe9ef82398d2e7f599643dd1732d026947ba15edf718f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
4755344281006871465
age
38533
x-content-type-options
nosniff
expires
Thu, 08 Jan 2026 15:34:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 08 Jan 2025 15:34:19 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
157521
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/ 		91 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=morningrainblock07.cezmal.workers.dev
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
370eee13ce1673854df0e6f943214ddbed5310f2bdfadfb4961ea37013778d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:16:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
70
date
Thu, 09 Jan 2025 02:16:32 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202501070101/ 		63 KB
23 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202501070101/gpt
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e228891b15bd5240c2da3a0d8e01c9795f13239c94de6ee383f7f8f908dbc417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
10918878473317485729
age
36935
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 16:00:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Wed, 08 Jan 2025 16:00:57 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23207
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202501070101"
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036202&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736388992215&ns_c=UTF-8&cs_cfg=1101110&c7=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&c8=Speedte...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036202&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736388992215&ns_c=UTF-8&cs_cfg=1101110&c7=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&c8=Speedt...
0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036202&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736388992215&ns_c=UTF-8&cs_cfg=1101110&c7=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c9=
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Server
18.67.93.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-123.syd62.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
DWTfKIw6iGIhWn2iiLVPiC3B-f_GjrJSa6KWq5wNUxIwGrA_woP4Lw==
date
Thu, 09 Jan 2025 02:16:32 GMT
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
SYD62-P1

Redirect headers

location
/b2?c1=2&c2=6036202&cs_it=b1&cv=4.12.0%2B2412121612&ns__t=1736388992215&ns_c=UTF-8&cs_cfg=1101110&c7=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&c8=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&c9=
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 18973cd357a68e16bd20873be51e8596.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
DoF2xInfDTrlwBvf7iJmMpC2lZUw7pr4GXE1skxWrTmQfDnC4C6tgA==
date
Thu, 09 Jan 2025 02:16:32 GMT
x-amz-cf-pop
SYD62-P1
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KKLSRK6J1Z&gtm=45je5170v879908529z86359835za200zb6359835&_p=1736388991020&_gaz=1&gcs=G111&gcd=13t3t3t3t6l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1340808459.1736388992&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1736388992&sct=1&seg=0&dl=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&en=page_view&_fv=2&_nsi=1&_ss=1&ep.gtm_container=GTM-K7SNBZ&ep.gtm_version=274&ep.mobile_web_test=false&ep.hostname=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev&ep.adblock_status=False&ep.zdConsent_geoCC=&ep.zdConsent_gdprApplies=false&ep.zdConsent_consentGiven=true&ep.vpnUseDetected=false&epn.client_timestamp=1736388991787&up.user_type=anonymous&up.adFree=false&up.gaOptInStatus=true&up.googAdsOptInStatus=true&tfd=2791
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c&gtm=45He5170v6359835za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 02:16:32 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
561 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-KKLSRK6J1Z&cid=1340808459.1736388992&gtm=45je5170v879908529z86359835za200zb6359835&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c&gtm=45He5170v6359835za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::9c Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 02:16:32 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 4DB8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-KKLSRK6J1Z&gacid=1340808459.1736388992&gtm=45je5170v879908529z86359835za200zb6359835&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1510666288
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c&gtm=45He5170v6359835za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:814::2002 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Jan 2025 02:16:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.co.nz/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-KKLSRK6J1Z&cid=1340808459.1736388992&gtm=45je5170v879908529z86359835za200zb6359835&aip=1&dma=0&gcs=G111&gcd=13t3t3t3t6l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=230221699
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 09 Jan 2025 02:16:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
match
bee.imrworldwide.com/v1/clients/ 		39 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bee.imrworldwide.com/v1/clients/match?client_id=ziffdavis&url=https://morningrainblock07.cezmal.workers.dev/
Requested by
Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.93.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-93-103.syd62.r.cloudfront.net
Software
/
Resource Hash
0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=25920000; includeSubDomains
content-encoding
gzip
access-control-allow-credentials
true
x-content-type-options
nosniff
via
1.1 0c5c9092233f69156c68308fd823bd58.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
63
x-amz-cf-id
Ooz_ePaCxcx_nu1H34k5cromQPHuzXJr2DKXEUcTqV0HCEm19GGPPg==
date
Thu, 09 Jan 2025 02:16:32 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-amz-cf-pop
SYD62-P1
x-frame-options
DENY
storageframe.html
secure-us.imrworldwide.com/ Frame 1BC9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-us.imrworldwide.com/storageframe.html
Requested by
Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.83.57 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-83-57.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-length
3489
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Thu, 09 Jan 2025 02:16:32 GMT
etag
"67506a6c-da1"
last-modified
Wed, 04 Dec 2024 14:42:52 GMT
server
nginx
check_c
zdbb.net/ 		32 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://zdbb.net/check_c
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.68.98.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-68-98-107.us-west-2.compute.amazonaws.com
Software
Ziff Davis BuyerBase /
Resource Hash
4d031cfd80dc73f7d5e4ac9fd8dcb3efaf30545f09184fe939c86d02044ced06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
32
p3p
CP="ALL DSP COR NID"
date
Thu, 09 Jan 2025 02:16:32 GMT
content-type
text/plain; charset=utf-8
server
Ziff Davis BuyerBase
info
gurgle.zdbb.net/ 		271 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gurgle.zdbb.net/info?url=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&fp=0&lcl_id=
Requested by
Host: cdn.static.zdbb.net
URL: https://cdn.static.zdbb.net/js/z0WVjCBSEeGLoxIxOQVEwQ.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.230.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-230-104.compute-1.amazonaws.com
Software
/
Resource Hash
60f378585104f050fb8c3e12ab387cba8a27b87c5d75e380898adb516d654fd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

access-control-allow-headers
Content-Type, Cache-Control
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
271
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
access-control-allow-credentials
true
access-control-allow-methods
GET, OPTIONS
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame 322F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
848
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29517
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Jan 2025 02:02:24 GMT
expires
Thu, 09 Jan 2025 02:52:24 GMT
last-modified
Mon, 06 Jan 2025 20:43:01 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
config250.js
cdn-gl.imrworldwide.com/conf/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by
Host: secure-us.imrworldwide.com
URL: https://secure-us.imrworldwide.com/v60a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:6200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f39fe248cbe98f852b56d28c1af36f1d08541646075f14d853b99247be66e0be

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

vary
accept-encoding
cache-control
max-age=86400,s-maxage=86400
content-encoding
gzip
x-amz-version-id
trvCNB8sv8v5hgbkcn3yt7CVGC_vJgCU
etag
W/"9ce54311f110942485b8cd1cbffb1328"
age
3256
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
cq4XW1b78G1c_O83rninZbt10SgqXwwsFW4R9V8uPtmGJD6D3FSDWQ==
date
Thu, 09 Jan 2025 01:22:17 GMT
content-type
application/javascript
last-modified
Wed, 08 Jan 2025 23:22:02 GMT
server
AmazonS3
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
v1
lb.eu-1-id5-sync.com/lb/ 		56 B
320 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
d41a000598f3e16b305de7eb737f58300f8e2364a8551838267a486b0f16e09d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:6200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
gzip
x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
age
1035
x-amz-storage-class
INTELLIGENT_TIERING
x-cache
Hit from cloudfront
x-amz-cf-id
Jmmr9sAT-t6pdUXARQOBWtvoMmAMtXuiVJJoGhXmMtq4RmVk7uz0NA==
date
Thu, 09 Jan 2025 01:59:18 GMT
content-type
application/javascript
vary
accept-encoding
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
cache-control
max-age=86400
via
1.1 fa43c7fc4cce8d15bc6bb688567ffc10.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD3-P2
server
AmazonS3
x-amz-server-side-encryption
AES256
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://morningrainblock07.cezmal.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Thu, 09 Jan 2025 02:16:33 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://morningrainblock07.cezmal.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Thu, 09 Jan 2025 02:16:33 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://morningrainblock07.cezmal.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Thu, 09 Jan 2025 02:16:33 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://morningrainblock07.cezmal.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Thu, 09 Jan 2025 02:16:33 GMT
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://morningrainblock07.cezmal.workers.dev
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version,Content-Type
access-control-allow-methods
OPTIONS,POST
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
access-control-max-age
3600
allow
OPTIONS,POST
content-length
0
date
Thu, 09 Jan 2025 02:16:33 GMT
prebid
prebid.media.net/rtb/ 		32 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUYEJ1S6
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
x-envoy-upstream-service-time
200
access-control-allow-credentials
true
via
1.1 google
expires
Thu, 09 Jan 2025 02:16:32 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json;charset=utf-8
server
envoy
cdb
bidder.criteo.com/ 		0
244 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.31.0&cb=91306292192&lsavail=1
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1b , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
observe-browsing-topics
?1
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
date
Thu, 09 Jan 2025 02:16:33 GMT
vary
Origin
server
Kestrel
prebidjs
rtb.openx.net/openrtbb/ 		53 B
400 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d69319cf807139aa2fe5007897a14d8c8dd9d8ff8dd78c0c08b588d873a30ba8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
gzip
x-forwarded-for
103.75.11.103
access-control-allow-credentials
true
observe-browsing-topics
?1
via
1.1 google
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
date
Thu, 09 Jan 2025 02:16:32 GMT
content-type
text/plain
vary
Origin
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
49fcbcfb583d3b91eacf6542685a7f654b272672fde46565098bec9e6d99bbd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://morningrainblock07.cezmal.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
66
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
ec0aeff46b4ac549eb3e5c9dff9d6c51e1964cac2022b48e277f6392a719e13f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://morningrainblock07.cezmal.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
66
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
9bb0ed8cd90e0c8e1eb1f98d2431a565b594641c7a382d3346fc42f97c16630b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://morningrainblock07.cezmal.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
66
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
7a6dc30cd24b8b804cb3924315cecd288d87ba0fbdf9c40151e459c2dfb74de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://morningrainblock07.cezmal.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
66
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.158.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-158-172.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
fe9dc95ef160d8b66c92cf394e2b853187cef88dda50e030d94cbbc7bc4a323d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

x-openrtb-version
2.5
Referer
https://morningrainblock07.cezmal.workers.dev/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json

Response headers

x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
access-control-max-age
3600
access-control-allow-credentials
true
access-control-allow-methods
OPTIONS,POST
allow
OPTIONS,POST
x-content-type-options
nosniff
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
66
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
access-control-allow-headers
x-openrtb-version,Content-Type
prebid
ib.adnxs.com/ut/v3/ 		576 B
976 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.36 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
6bf839966d1e9d5a1c56621998697aed1037c4ba2877e1a0994dfb2502503657
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
103.75.11.103; 103.75.11.103; 897.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
an-x-request-uuid
096cce36-4faf-42fd-aebb-100e0c5c90a6
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 09 Jan 2025 02:16:33 GMT
x-xss-protection
0
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
nginx/1.23.4
translator
hbopenbid.pubmatic.com/ 		0
129 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
date
Thu, 09 Jan 2025 02:16:33 GMT
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
144 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.54.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-54-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.54.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-54-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		675 B
823 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.54.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-54-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
1633c36d872f99bc24d752e1f7ffde2864c675d8620b07224753193cac48b7a9
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-encoding
gzip
content-length
440
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		0
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.54.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-54-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
access-control-allow-credentials
true
v1
btlr.sharethrough.com/universal/ 		447 B
665 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.250.54.29 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-54-29.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
72632a67254e78f0f1bb538e85274611d5c430d0b6eae3ac8637fdf2720ae669
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

x-openrtb-version
2.5
strict-transport-security
max-age=16000000; includeSubDomains; preload;
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-encoding
gzip
content-length
282
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		446 B
821 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=2&us_privacy=1YNY&rf=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=morningrainblock07.cezmal.workers.dev&tg_i.page=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_leaderboard&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=440b90dd5a6901e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_leaderboard&m_ch_mobile=%3F0&slots=1&rand=0.34241488864031
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
79a2810c7875d0f93755d565ae015d1b0d219f84806567924af696db632fbb40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
446
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		445 B
1011 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=9&us_privacy=1YNY&rf=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=morningrainblock07.cezmal.workers.dev&tg_i.page=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_skyscraper&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=45815e7333bfc85&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_skyscraper&m_ch_mobile=%3F0&slots=1&rand=0.9442417992676639
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
b00588e879a7d9abc2a57ab668243ad8950bcd0c200a4a116df926131811b961

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
445
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		449 B
824 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373684&size_id=15&us_privacy=1YNY&rf=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=morningrainblock07.cezmal.workers.dev&tg_i.page=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=469c5aca2d2842&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_top_rectangle&m_ch_mobile=%3F0&slots=1&rand=0.6254777936525724
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
136008d56c092250908bab1352101d1fb75e25fae87ffda47aa45dbc910c5afe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
449
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		452 B
827 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373682&size_id=15&us_privacy=1YNY&rf=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=morningrainblock07.cezmal.workers.dev&tg_i.page=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=47cec27c7f4246e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_bottom_rectangle&m_ch_mobile=%3F0&slots=1&rand=0.6027487273878618
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
6a9908c1d68a193c2e279e0af45c862ba863d5b1be56501899b08b27fe746908

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
452
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
fastlane.json
fastlane.rubiconproject.com/a/api/ 		445 B
820 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11576&site_id=79558&zone_id=373682&size_id=2&us_privacy=1YNY&rf=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&kw=ookla%2Cspeed%2Ctest%2Cspeedtest%2Cspeedtest%2Cbandwidthspeedtest%2Cinternetspeedtest%2Cbroadbandspeedtest%2Cspeakeasy%2Cflash%2Ccnet%2Cinternet%2Cnetwork%2Cconnection%2Cbroadband%2Cbandwidth%2Clatency%2Cping%2Cthroughput%2Cdownload%2Cupload%2Cconnection%2Cdsl%2Cadsl%2Ccable%2Ct1%2Cisp%2Cvoip%2Cip%2Cipaddress%2Ctcp&tg_i.domain=morningrainblock07.cezmal.workers.dev&tg_i.page=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&tg_i.pbadslot=%2F6692%2Fspeedtest.net%2Fstnext_lowerboard&tk_flint=pbjs_lite_v8.31.0&l_pb_bid_id=484355845ad4da7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F6692%2Fspeedtest.net%2Fstnext_lowerboard&m_ch_mobile=%3F0&slots=1&rand=0.2775977241150571
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c006:158::65 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.27.2 /
Resource Hash
0832d681a79fddbc7bc10709ffd8b7d7e565646a41ab22716cabc679dcf94333

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
445
date
Thu, 09 Jan 2025 02:16:33 GMT
content-type
application/json
vary
Accept-Encoding
server
nginx/1.27.2
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
707 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=184382
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.26.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c71a9e85bc2da13a44a223a7e82ae8e2f7057da730cc9535b8cbb1e1e5e33e6e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ov2nP02PVRzLbQVun7vqUdWFefxAsez90nFw2J937g0%2BEWRqBTwwIinndgzy5P0qw7fmrcqaVr1MMKr%2Fj9v9vm16S2%2FtFdkGDmkFKPqEYJWvo9ck28S%2Bd6oND%2BHfDq2b7HilO41%2F"}],"group":"cf-nel","max_age":604800}
observe-browsing-topics
?1
expires
0
alt-svc
h3=":443"; ma=86400
date
Thu, 09 Jan 2025 02:16:32 GMT
content-type
application/json
vary
Accept-Encoding
cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
access-control-allow-credentials
true
cf-ray
8ff0ed051febd9bf-AKL
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
37
server
cloudflare
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 200C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:277c:3c00:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
914
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 09 Jan 2025 02:01:19 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
accept-encoding
via
1.1 f5bc0d54a76b57b6f435f98d3e741ea4.cloudfront.net (CloudFront)
x-amz-cf-id
I8kEO3y2yDNqLbJ9ia8fgSEk3oa_QFmkYAi0ORPwTRETw1aYRIOP6g==
x-amz-cf-pop
SYD3-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=Fwidm3w3NlEyWWFFOFBCZzh6Z2o1bmtRQmFYQ0NLMTNGQnl4V2JRQWVtMkNrNFN4Rzg0M29iY01zcXdOQ1JvRkp5dHZxbkVRRzZIVUZld0ErK2lzVmNnU0VKR3BNM0d4QlhiaHJkcXRraVA2U3AyNS9DM2lnMXRGbjJPZDZrcVN0Mko1bk43ZS90ZDJ1Snpwd3dEckd4dmE3WDFiczdSRG5ReFFsOXF6UW5IVmk1bG90SjhLTTIwT1plbVdBcXkwMFpoUzlSRDNHZlRId0tjd01ZREdxM0d5SHQ4ei9oY3NEV2tyYnJHVSt1UThXQm1zWWoyRGhuU3QrQWphY2dJeDl0V3lUeHhDWGxIeU9xdXlKeXkybUF0U2pRT0hkYjBiUEl4TE1sTStQenEzUHp6TT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Thu, 09 Jan 2025 02:16:33 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
191037
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
loadus.exelator.com/load/
Redirect Chain
  • https://zdbb.net/l/z0WVjCBSEeGLoxIxOQVEwQ?additionalInformation=&cms_page_id=&local_uid=&referrer=&zd_pageview_id=13372642-d294-4213-8f5d-9a593f81d8c5&zd_session_id=1daedf0d-7990-421d-9268-61defcaf...
  • https://cm.g.doubleclick.net/pixel?google_nid=ziffdavis_dmp&google_cm&google_hm=N2MyOTU2MGRjYTk3NDhjMDkzYjgyZDY3OGQ1MTBkYzc=
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?google_gid=CAESEBa7jR4udMlvW_oRUT6ZrUI&google_cver=1
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302198
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=neusbftgslopjfixorwbst&tpc=E8eUMsJA5sA4CDHQ5Yh9ZtPxLHhg95LMPqmISYjX2i0%3D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pexu87e&ttd_tpi=1
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=lk45j3o5TTDlkj35h3g4&tpc=4f9f0ad7-81a3-4e9f-a192-87dcea2747e1
  • https://match.prod.bidr.io/cookie-sync/spiceworks2?buyer_user_id=7c29560dca9748c093b82d678d510dc7
  • https://match.prod.bidr.io/cookie-sync/spiceworks2?buyer_user_id=7c29560dca9748c093b82d678d510dc7&_bee_ppp=1
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=kh4u2bm23bbewk4h35&tpc=AAD8-U7O_mMAABZ22razcw
  • https://dpm.demdex.net/ibs:dpid=266306&dpuuid=7c29560dca9748c093b82d678d510dc7&redir=https%3A//zdbb.net/l/qI109lRAEeGCiBIxORcFRw/%3Ftp%3Daamipowqlssjirtmmlknrp%26tpc%3D%24%7BDD_UUID%7D
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=aamipowqlssjirtmmlknrp&tpc=66174511158387873862439176219720224954
  • https://ps.eyeota.net/pixel?pid=mla6m40&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=mla6m40&t=gif
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=fc4awlrgeegcibixeyefrw&tpc=2wW6or91JKnT8rT6UkFpMOAJP37LImQcboY8Tvr02728
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fzdbb.net%2Fl%2FqI109lRAEeGCiBIxORcFRw%2F%3Ftp%3Dalkjldfoiwelnflasadptv%26tpc%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fzdbb.net%252Fl%252FqI109lRAEeGCiBIxORcFRw%252F%253Ftp%253Dalkjldfoiwelnflasadptv%2526tpc%253D%2524UID
  • https://zdbb.net/l/qI109lRAEeGCiBIxORcFRw/?tp=alkjldfoiwelnflasadptv&tpc=1909152627205155401
  • https://loadus.exelator.com/load/?p=1141&g=2&j=0
0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=1141&g=2&j=0
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date
Thu, 09 Jan 2025 02:16:39 GMT
x-powered-by
Undertow/1
server
nginx
access-control-allow-credentials
true

Redirect headers

cache-control
no-cache, no-store, must-revalidate
location
https://loadus.exelator.com/load/?p=1141&g=2&j=0
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
*
content-length
0
p3p
CP="ALL DSP COR NID"
date
Thu, 09 Jan 2025 02:16:38 GMT
content-type
text/html; charset=utf-8
server
Ziff Davis BuyerBase
718.json
id5-sync.com/g/v2/ 		859 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/718.json
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.120 , Germany, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
ns3203256.ip-141-95-33.eu
Software
/
Resource Hash
3786cc25e83fb0492695a4df1c6ead9e6cededfe54398112faba0e3b7b967f93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
p3p
CP="CAO PSA OUR"
date
Thu, 09 Jan 2025 02:16:34 GMT
content-type
application/json
vary
Origin
ads
securepubads.g.doubleclick.net/gampad/ 		360 KB
30 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=563809353870159&correlator=1382533311015607&eid=31089452%2C31089538%2C31089552%2C31089501%2C31086809%2C31089253&output=ldjh&gdfp_req=1&vrg=202501030202&ptt=17&impl=fifs&us_privacy=1YNY&iu_parts=6692%2Cspeedtest.net%2Cstnext_leaderboard%2Cstnext_skyscraper%2Cstnext_top_rectangle%2Cstnext_bottom_rectangle%2Cstnext_lowerboard%2Cstnext_left_300x600%2Cstnext_right_300x600&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8&prev_iu_szs=728x90%2C160x600%2C300x250%2C300x250%2C728x90%2C160x600%7C300x250%7C300x600%2C160x600%7C300x250%7C300x600&ifi=1&sfv=1-0-40&fsbs=1%2C1%2C1%2C1%2C1%2C1%2C1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1736388994136&lmt=1736388994&adxs=362%2C188%2C1112%2C1112%2C362%2C48%2C1112&adys=77%2C77%2C77%2C95%2C697%2C77%2C77&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=780&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&vis=1&psz=728x0%7C160x0%7C300x0%7C300x0%7C728x0%7C300x0%7C300x0&msz=728x0%7C160x0%7C300x0%7C300x0%7C728x0%7C300x0%7C300x0&fws=4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=728%2C160%2C300%2C300%2C728%2C300%2C300&topics=1&tps=1&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1736388990737&idt=1587&cust_params=zdc%3D1%26li-module-enabled%3Dt1-e0%26country%3DUS%26testStage%3Dnew%26isp_id%3Dundefined%26stIspId%3Dundefined%26hostname%3Dhttps%253A%252F%252Fmorningrainblock07.cezmal.workers.dev%26stOutage%3D20107%252C35700%252C10004%252C38732%252C20041%252C20024%252C34097%252C20030%252C35795%252C20065%26bucket_test%3D14%26pageviewid%3D13372642-d294-4213-8f5d-9a593f81d8c5%26zdid%3D5a4bc41c848ed09030660441367faef6%26s%3D%26p2%3D%26zdbb%3D%26fpid%3D4f87bd747a304ac28b4107cc1c30c198&adks=2675502559%2C490556826%2C2311931128%2C1178321438%2C437806214%2C2923028898%2C3017529935&frm=20&eoidce=1&td=1&tan=382076f4-10e0-4efa-9e70-be678b7e2e6a%2C382076f4-10e0-4efa-9e70-be678b7e2e6b%2C382076f4-10e0-4efa-9e70-be678b7e2e6c%2C382076f4-10e0-4efa-9e70-be678b7e2e6d%2C382076f4-10e0-4efa-9e70-be678b7e2e6e%2C382076f4-10e0-4efa-9e70-be678b7e2e6f%2C382076f4-10e0-4efa-9e70-be678b7e2e70&tdf=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
f0fd431055f542877ddcc63055b31802011034e9dab36b59b02927548d9fde66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
dcb
google-lineitem-id
5395284409,6754865995,5395284409,5395284409,5395284409,-2,-2
observe-browsing-topics
?1
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 09 Jan 2025 02:16:34 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138349886058,138484804452,138349847600,138349848629,138350265874,-2,-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
content-length
30415
x-xss-protection
0
server
cafe
container.html
5df34df397ca2b2d6ecd69b4ccb224fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 29BF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5df34df397ca2b2d6ecd69b4ccb224fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:811::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 09 Jan 2025 02:16:34 GMT
expires
Thu, 09 Jan 2025 02:16:34 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Fri, 10 Jan 2025 02:16:35 GMT
access-control-allow-origin
*
date
Thu, 09 Jan 2025 02:16:35 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
view
securepubads.g.doubleclick.net/pcs/ Frame D36A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSEJV4vyJLVDkkxEUhYopalfERJFyY9lm5RMBeCfhyHtAFOI3IS8flkjgURQ_VqaFBXjxLibG88vTT9n7JMrtAAGfmG45dKoa4fhrciyGuuBe-kplywkIH4o5Zcefk18xmTpNotgOt36TTa9lwpIzROz08G9Pkyi5S021ezyV8FnQJ52mniFcWPHeXd5o9Df9Xt7VS3tHwPyUxG_g44XeiUANHuiNyPKfeLSUvkhIYLBnPxdmMb5BB7rLP6m490z9rj1RQJEYAK9sJpUDVwBzLvCxBDk8q-J_tW1WEIJiswlbwqRJ9JSHPz-Bn3Orj9RYpelWjihj3Ndfx8NKwjUMFaC0ypws8JbufWbjnahLLOlKT14x8HCDTtMObxYOMWc0OrazsRMAVJkLjadvXZsUgqCWY0L8CeZZPuG8_OH7ij91YXW_5cVxxRXzlfYf1rjs3LE0jXSesrJ8kN6SaUA&sai=AMfl-YRYo07xqPjbnool4rpQsphze20RjpDCpfBF-mYunC_NJSHM2o9zNetCRFK02MVXRRsiYYaNTzevu2TJ47UPiEDGh8yHsI6p1e5F1CyLRE1B85PBG5BXLTWRCjvp&sig=Cg0ArKJSzOMR-y5URLyFEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/ Frame D36A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d93c445a67d71996119f9eff796d49f0345670d58ce927b278fa2de7b9397e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
14443936298496593048
age
37228
x-content-type-options
nosniff
expires
Wed, 22 Jan 2025 15:56:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 08 Jan 2025 15:56:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9152
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/ Frame D36A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
6567774568227038691
age
2959
x-content-type-options
nosniff
expires
Thu, 23 Jan 2025 01:27:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:27:16 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame D36A 		218 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
15965780714114583650
age
3520
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:17:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:17:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
2081763630838942312
tpc.googlesyndication.com/simgad/ Frame D36A 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/2081763630838942312
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5d5575d81c2b07ff3064aa426d7c4152206b7907903c2b8a29bce96ac3fd3b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

age
358368
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 22:43:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sat, 04 Jan 2025 22:43:47 GMT
last-modified
Tue, 18 May 2021 20:14:52 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
17723
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame D36A 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 38E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst1HFHpeAFmE_T09Yj92NsS_q5yKyAs_i8fs_MhtwCB9m0X-9o0C5JHG6kHJAUKSALV9CGEOQfs4KYEKHeX2mw_uw-gWz9tL-AEFYmW-hnM7ar8ISGVT1OFyeWfxd-EXu3WRgtC5p0IPUfi9p4XTLP9FVanEg5pQBMqLp_0_5nx-0-WaxgyFQUIQQiZqBPFAsqBCRdiEP-kDsCJ27nYRQN0nekebxLRzGlUfmidUgeHntkfvWX8SOAJ6gx8et8-K_XgRMsyGbFc1hH4R-5mRqQJ9qNTUSdjdvW6vHBB0C8ukiOGYkO6AN-75figwOBL02tNVznvhURGPyE8tE1PnHGF4tsUinq6UOLqQc6yASpwplblWdRmhoecP1coa2rGZT1U8uy0o4H-ukXFOGyCFnaUfIHmRFYrkLBhbhwayiN4vwcuPdULP3fgGLgAznlze4TxYpbco2WTvUYJBz4S&sai=AMfl-YQaCf2731c-gZNKn2sU4-Eiqu1qIWjNJVjeOyG9AC4389sRQT3eyr1FAmp1V7w4hNsgGMSvJA9_EkNzkdPV9LJZS16VhHBHAQvLF_NU3WaDXrotxWPVoe3p5hwo&sig=Cg0ArKJSzL94-fWmF2jnEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/ Frame 38E0 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d93c445a67d71996119f9eff796d49f0345670d58ce927b278fa2de7b9397e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
14443936298496593048
age
37228
x-content-type-options
nosniff
expires
Wed, 22 Jan 2025 15:56:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 08 Jan 2025 15:56:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9152
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/ Frame 38E0 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
6567774568227038691
age
2959
x-content-type-options
nosniff
expires
Thu, 23 Jan 2025 01:27:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:27:16 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 38E0 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
15965780714114583650
age
3520
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:17:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:17:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
13183391929707687978
tpc.googlesyndication.com/simgad/ Frame 38E0 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13183391929707687978
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7728cce2b609178959c30b82b9b781f370ef9d9381298bf6e0ba2e87b8c780ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

age
396251
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 12:12:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sat, 04 Jan 2025 12:12:24 GMT
last-modified
Tue, 06 Aug 2024 18:05:45 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
42503
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 38E0 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame E685 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa3ZEQQaR8zjvBqDs_cYcX2EFYH59_shYv4WbF4fvbrPMP10V4rLRhVb2vp1-nKd0UlGHArX42VA30ohjZA3bjZ56SrUHYftovew1tFxe50BDv07vPrmHrNlOVjaRIdzLyih7nMJ6wdlOvEwISMYv2nXPQnDtDk2rZHdF02vakPPutCnpUArh75EYR-auzBMTbcmanWqFhlgiOFR4TyWbCIWFnYnpWR9XIMP-h9M1glJKBtGoV4EoIqbDvpG9IN9VBZfOWG87hw9kZeoKiwSCH19F_XzPmXeo2_mGLcMFhaZf43gvEvZiAL5uyjdvauR85SeNrFCH0MDGrIsCiYjprYx5yVs8bYV7hDESz3-ozSUF4qwv5IdLbGxR_ukQ8yQVO3SXlmclLhBHN3HvHpVbfTZb_BDoHa4ZTiIK7tN87KtYJrHJvNPzq1KvKeTcErS4Voss2PVYrtAJl-m3jUbm1&sai=AMfl-YQe9k8LK5dle_fLmG4tHWbk75RWA9MOTtVlGxPNzZjE7ivQC4j1mh_LHajMvHsL1vclWPert6L5kwoz8TxNoT9twIT2YSfqG0S1yHZZXKpyApVqJ-5teiW8b0hv&sig=Cg0ArKJSzLWLILok6KkIEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/ Frame E685 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d93c445a67d71996119f9eff796d49f0345670d58ce927b278fa2de7b9397e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
14443936298496593048
age
37228
x-content-type-options
nosniff
expires
Wed, 22 Jan 2025 15:56:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 08 Jan 2025 15:56:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9152
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/ Frame E685 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
6567774568227038691
age
2959
x-content-type-options
nosniff
expires
Thu, 23 Jan 2025 01:27:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:27:16 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E685 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
15965780714114583650
age
3520
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:17:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:17:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
15520956230169214031
tpc.googlesyndication.com/simgad/ Frame E685 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15520956230169214031
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51248129aced21c60268725b5fed0c1ad30538e3c5a1f562a01110959e09860d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

age
358368
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 22:43:47 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sat, 04 Jan 2025 22:43:47 GMT
last-modified
Tue, 18 May 2021 18:18:45 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
4526
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame E685 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame 830B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstx2dNkotb89ud7BEaYns73iQFS4eRoXnW_nV9hDaVL4TYBLxpkYuYwAUJL75KHyUMQY6Ky8ixt64jVdSCGYctS4HSk_sQTDX6fVjtSDyXsuCQJzcyFKsU7_-IuwhdosVeCC3B4wBSZ3225_KETkIwjfJxRlTYfiUi9YZ-eIT5I9WblwqrY5skgsQwrkwbYBk_x1LZ1EFEJAmJOUPkFxfDJuTFFeyKFAL1CW-cFs0liS5zXyRrXXlw30bLNs70RCDb79XoIMyYPHLkdiQn35Pfyx2UQA6nxNjGiB3frdeWKEfuhoDmFcpO8XQ4emseyCe36i2_aeKqnkTNnsbkhpM29xEKbiI-Do4PPII0s0tp80t15piGQVBmhkqSZAOrTtgfp5GR7JdwqtHQw8ky_x_G44WmzWPlt8ltHNbcyCU1SnqhMJS-8OjzkJwcA0NXyte6SMm4kgI3CuUdJUdywgCpED0ip&sai=AMfl-YR0vpsdhq72NHZ4nFpe6897t7Qlt-TLzHImtkw_Zc8Y_XN3j0gyTDu4sCB-wJzw5KMi59qFrIbyglQ3mP19O8BxSDC1fvmLXKiHx2oI7tRNqs3DT9t_kXapUYpb&sig=Cg0ArKJSzIPsCZHWoxMNEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/ Frame 830B 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d93c445a67d71996119f9eff796d49f0345670d58ce927b278fa2de7b9397e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
14443936298496593048
age
37228
x-content-type-options
nosniff
expires
Wed, 22 Jan 2025 15:56:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 08 Jan 2025 15:56:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9152
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/ Frame 830B 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
6567774568227038691
age
2959
x-content-type-options
nosniff
expires
Thu, 23 Jan 2025 01:27:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:27:16 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 830B 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
15965780714114583650
age
3520
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:17:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:17:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
274358664207327603
tpc.googlesyndication.com/simgad/ Frame 830B 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/274358664207327603
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5677dde8ee0b0017335b08a8de494b90646e4bce5e107ddb85cec7d7662915d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

age
356538
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 23:14:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sat, 04 Jan 2025 23:14:17 GMT
last-modified
Tue, 18 May 2021 18:20:18 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
50318
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame 830B 		0
0
view
securepubads.g.doubleclick.net/pcs/ Frame CA03 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHKgM5rif4--T2qrSs7aIzbbq7NEY_j4d3eDyGGlOdofGxx94iBTbFTqZFTh76yP9e0bPOc1FoWa9uBIjmvcCEbsj2Ki7WoogWI6HBg05bFpa6DRzfwOxb5BjLI2ppfWORd4VfQy1pG9GZtH8CAGRz1u8zDfLbVmfuSQHndXsqg2NG5qqh7Vme0Wewm7Cg_1drxMx3F7rIbDiQjqDABl87ecQ4G0pygeW6sD3EFJu1DXkk1ZqbbsP6LP7YPnn3x9W9_PLDX1XWBMrNThvXmLfQPYhuiomGa8eSiaEj3hRIZ8XT30-CgIB0XJhi4hC4ciy08wA788JTESzVDiV_A2RIgnJMAWu-2GMDmnafCKDGIfH7IFxNR9zt62XbR1bq1NHeGj2hhqJF1x6wNiDHP3VSqzYk9JAIHHBk2zoKUQYs-iRKyCGD5E3mOOsSfV0LeZEXxA2F4wAEYFuJGSg4&sai=AMfl-YT-c1shiyUMKF85sukdh08kwS2boMsKqmFv6qis91o-FW5REwohWbzbqyME8Vu2BdKzZ6DhWcpTtPFDf_pY8UfY2NKYLreydjBBrDfDLZ2BjYVOiY0RT0FxyYue&sig=Cg0ArKJSzGyQk7yn0CfKEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:34 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/ Frame CA03 		23 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/abg_lite_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d93c445a67d71996119f9eff796d49f0345670d58ce927b278fa2de7b9397e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
14443936298496593048
age
37228
x-content-type-options
nosniff
expires
Wed, 22 Jan 2025 15:56:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 08 Jan 2025 15:56:07 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
9152
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/ Frame CA03 		3 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20250107/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
6567774568227038691
age
2959
x-content-type-options
nosniff
expires
Thu, 23 Jan 2025 01:27:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:27:16 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame CA03 		218 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

content-encoding
br
etag
15965780714114583650
age
3520
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:17:54 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Thu, 09 Jan 2025 01:17:54 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
14587501474971625429
tpc.googlesyndication.com/simgad/ Frame CA03 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14587501474971625429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202501030202/pubads_impl.js?cb=31089501
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2001 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a57afdd6754979c57621fbe1c0fa37b20d48c19a478be1752258b532185abd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

age
354092
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Sun, 04 Jan 2026 23:55:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Sat, 04 Jan 2025 23:55:03 GMT
last-modified
Tue, 18 May 2021 20:14:52 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
42057
x-xss-protection
0
server
sffe
l
www.google.com/ads/measurement/ Frame CA03 		0
0
truncated
/ Frame D36A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8a2edaf760102f3e7af939dc9588499dc6a4e43bfcba033ab1daad094f8073c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 38E0 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13e7566d054737bc7b77f9122efb4c87c904696e9c5203318db3d09242381598

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame E685 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7b271b035368e87b56face139744dfa682088dfbd3af7ae825e9095188c7780

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame 830B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65bdb275db1476d23eb0e3708a4a538c8f705f66cfd948f98ff2b2bdd9a5991f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame CA03 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5cc43d7aa4836a5e0a45998487e34895b735a0f8b534c418aa23621d357635f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame D36A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA03 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E685 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 830B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame D36A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame CA03 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame E685 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 830B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame D36A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsufErspYJJd6Hj-t6vu5BBvWqmJ2aRZJeCohsPO7POxXdz-fZlSLFPodjl0Qq4mNfljT31MPToxIg_Sj1Dfnwgv3wTGMFNb1lJ52actqSovs23OWoo83qjHdwLTqNORdiSzVTr9WYnTG46t5gD100Kzf00KN5kabX3L-hgg7oNj66MDXjeagfSRrHlqOMcmccTmiBsTi3nBZMEO7ZdGTPQ6O8agXgA9njo_OoeakCNFlknPSBgi4aDQVDw7dYTgCTZYcxMOTB-2zutxE0VasS2FELn1-mumDZKSWfhUeqTTN2SVqnMiTK7zBcdrL3Xipst2BDPgW1WVLRlbaWh_O3BA-Tgg1khOgFsh-NLAJxvB7RYyqPB_R8_yNGcZMBRyFQgJIyP2iiK5bF7-TbaYHKMjz7tOsd5jIpfWGTwT71zRukCneS57ejYLMjphAjcpG1vTqKgsjY3vOXwUOdrTcJee&sai=AMfl-YTCK4skSU_IpesO4NDSL1mf2go63CiU5BzhbKC6RLV3XmHuDLdoCd31TIr0rhb2iRqUMcAhMis0mqtcxBzEkv8kSprZQrBJPu-OowjVvFF7RQOXOgjyHIKj-0Yv&sig=Cg0ArKJSzBM96uc6B0tbEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:16:35 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame E685 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssn1O9HXmXxG2Hd62_TgeaM3GYf3_Z6ykm7G-gQ7_mFK_nT1RV2tW6xG_RievcNbAqrR5qpa9Y8epZ2mVzk3DeaGwmvrzEpWRcHcR8lUfXjTTBt3iWh68s-4bpf5TaqYaah9k3KJkR7v9dC5xTnmy4EyNcneGKwNIP_PGcOAks5t5Ej1a0sIjkP5aNBYfwEwMa7dfHBb3nOCAXe_kCDnuoXlqe7R9Tyx3JOOFeHxtlE5zNxAyp9SEDJTbDfVtTnPJsK9OUwNFLxOKA1SvcaT0-CTyOZKW2FrNr2SdaPkjLzA_wVjqEwsqKAXcKfznA3TIyKkbyCr5eJUOGBgLAr0Xa9-aXb4VwlcBfI1ois_s02dTbxSrC_N9clAJd0Cwq_Lry4X77psTxdm4j6jXoIOMHzaULa1ZY9b8c7vx3IQnXM9akEIr5-s5L5q6lSaOIpPB3sc7mGSkd-zc3_qtE5DYwre4c&sai=AMfl-YQEVlwcUl2DQg2iOwUvM8WwjmzeNpW3pB3rBADEimsFBV4jeKgMVtbFJNJYp_oWyyiuS0bFWXyWQDEtpZfp-gmBO5OPh-aVkiXpRVGNwDecy_E6a3dPia4aYmD3&sig=Cg0ArKJSzJ8R8P0e_CvAEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:16:35 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame CA03 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstn3z_zfA4ySD5thacvLfjusmTLa-Q4sCG55EGfwoOsKbZ5hkiAEI9Pk0A5-h8qs-QRW7r7f2iMBjtm48_SiZXpBc2Dz6TVz_1eLVkUQyw3rSz0bFKc5TYGWzWSWO2vIw4oXnZgKSiaIXiWTL84a35ScEBv3P9SMVtvP5QOO12ZQ70rrffFwURyw7zeaE3q-FIWAREKpTY0wiNV24iVtCDEp9yfYEuvdnr6A_5Cmo6WQ1Kj2nB7ZQaRRBPmWIdWNAKh5W8EYcK5XntTZUpH4kCoelWIlnGrLwiXegeYYHSDg5otkFO4nplMuj96ZWy8rITrVv0xYBAAULnW9bP4wiX_Kt91noT7x39jPGPucs_P--xubgwoHUuyjWLPPAvZ5GRUHRRogiNYtLQgsWZJDw_woXNNet1SMYdmXIey_e67zooWj0mEr6awBq9VyzUDcEsOSiWd_JNOU4MIazGBw_c&sai=AMfl-YRR4ERrWt20VHdmtA_WFmO3DhxZ0_KfpJwvteBnZ3X5TkzpNwm2lpMhLBfrj9TOfEjBaJIqc1lHohZe_mdOkVZJ7L9mHPJ9JrajUhVnjPoTKvr-Rl2vK1NSGd5H&sig=Cg0ArKJSzPOOm1zq0faSEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:16:35 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 38E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuZMXRosjTnN70hx2pabJDUKoKcZRErSTLH9ltlUhVXQ0NvbOYJk0dT18gIcPFBtyycdOmGATtP2jnCSH4dyofLPZRKkAw9wfFAMgYs6Y3GQPabR0Iy9Cuy1KlCjTWLgI7fkOSTiEz7uEnZpRGNhgcoCh7VFFkKVO5DIBwozWLwZB-hWxQgCZXmbWjr49bA_RnLTePHcr2MN8Rj3GlF5fA8-Caj4QvAvdwlZ-sBBd6M_pOrYzUGBPo-iZLpt_lbce21LqRY1pnmyPxG2mDVEhpQTwbqYKT-1E7yQAC8Xy3kU5a3RAbhTDxLEqVSGUn-v3yzXgOVc5OzTgHkOpQx0kWqHU4bi0ajSob2zuhS8wKYsgUE5tCKu9MpKuJ8nNcuKmu815Om328vwbrKL5LAQNNKWZQR5WgMFlgUY9RNguxaPSddt9oMCBprhf9sn3Ls59TePrOlV-ov1SqmX6FzfRs&sai=AMfl-YSF9cVicS3ajDcsElMV4z5ObrP-GYnC4LlmbhfezY8QhHFp2pcXS2h0QaU5XuSXeKOSXOJxuOp5pCC0QGF11erTz7McywG5UkKYU0z_M_6DMqoXW2vYon9WuIJx&sig=Cg0ArKJSzC7CVqBcYlLVEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:16:35 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 830B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsumOm9_zIjQxO-nKLohSYi3-ouf3PK0Xwb_TGGSQhe-fHUR2eh5rUkf7KFsZ208sb-NucYKUF0pdIJkPk4Vgp1I2iu684VN1_KzR11a08W9jN_b8oDlnVjvS_EdA2KGy39VwoemT5yuWATlpi9uQVZP3bAwh4PrtRJVz-G5gO0FPX6W3c-osHavR2xZXYVSa-RrF2iZnaCz8C--40ljQijvw7v6lDr6KdyWjOxEWvZ8dW_TKGm-zLrHerqxYKNaEvTyr7JlKQ1loG6NB7F1qUIDV-kfZYqSDVHl5RkA5F1f0aXfQlkROHB4EXheVphheisAkUvJQqL3RWU-ysK_kbj5qmNc7DPYLVn3SmjqS2mNi1_KSxYxJxSbs0m4NhKDrrx20uAgxzPbVUVdNxkXmB5XmziVybw2VkstHYcqx_hl4bz02C_Z8nA61WxzpVoPscyYRkMvn--nu6LNIS13a4IXtWBEVyo&sai=AMfl-YTZlySET5ha9CbcexfDB1uc5RkLOFxdvhWhNAabVyenAXjJvFijqkgqx4e6mtFHSigSsy_eoDdXuJnGouI3_RTE6luCI4YmnmaBtaELsEgce9Z_OtXjd5CcD0AI&sig=Cg0ArKJSzIfkyP5528ftEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Thu, 09 Jan 2025 02:16:35 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Thu, 09 Jan 2025 02:16:35 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gn
secure-us.imrworldwide.com/cgi-bin/ 		44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-us.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-408075&ch=au-408075_b99_0&sessionId=1aasdd8kyxassyec1w4z3sxs727rz1736388992&fp_id=boynwlcxqj4ccutq8z9mx6zyqvcfl1736388992&fp_cr_tm=1736388992801&fp_acc_tm=1736388992801&fp_emm_tm=1736388992801&asn=0&prv=1&c6=vc,b99&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,izahujftzjizkwggpiegkhgg0epjp1736388993&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,17363889927969648&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1736388995&rnd=335206
Requested by
Host: morningrainblock07.cezmal.workers.dev
URL: https://morningrainblock07.cezmal.workers.dev/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.105.148.211 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-105-148-211.ap-southeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache
pragma
no-cache
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
cross-origin-resource-policy
cross-origin
access-control-allow-methods
POST, OPTIONS
expires
Thu, 01 Dec 1994 16:00:00 GMT
access-control-allow-origin
*
content-length
44
p3p
P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
date
Thu, 09 Jan 2025 02:16:35 GMT
content-type
image/gif
server
nginx
publishertag.prebid.144.js
static.criteo.net/js/ld/ 		96 KB
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.144.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.144.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2406:2600:7:100::1 , Japan, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"653b5c0e-1811e"
cross-origin-resource-policy
cross-origin
expires
Fri, 10 Jan 2025 02:16:35 GMT
access-control-allow-origin
*
date
Thu, 09 Jan 2025 02:16:35 GMT
content-type
text/javascript
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
activeview
pagead2.googlesyndication.com/pcs/ Frame D36A 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi962ag7nix-848dq6K0sVYYkkTfLBUedC4xGMvlVabXdbmWqqQc-Jr7DHOR2tKdRAfu7g2exbKAz4UAmQ3lOqkZ68OOpRK28tg39y687_41fP9Efffg-UEe6iu6J4ll2tRhBeCr5Fd_fTJshthtXC-AQXYDCaiEcvj9GrRtXiAviEo5aFK-5HnCcet3U54GFKMQ&sig=Cg0ArKJSzK2wm626MBoxEAE&id=lidar2&mcvt=1001&p=76,362,166,1090&tm=1315.0999994277954&tu=314.5999994277954&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2675502559&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3232179400&rst=1736388994721&rpt=508&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 09 Jan 2025 02:16:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame E685 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvASfgoQ-miapRqfT0aB3pie4YCwJJQUFgCM8gBspVVBND6bNa2JVmnPLd5rVprEntoildDdOy2OCQoar1ZUvEJxnPMhwyuf39kXjglUl_ScIizmn53K1blSIbM3_Bllfz9DwzzU4iHmQBVJ80HFU0nS3jTAQOzj6GezzsUe5x4wSSzTNu6EiplJ7JnrTJLdsp7JA&sig=Cg0ArKJSzFMz0w9Uf-Z_EAE&id=lidar2&mcvt=1003&p=76,1112,326,1412&tm=1352.1999998092651&tu=348.80000019073486&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2311931128&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3232179400&rst=1736388994772&rpt=538&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 09 Jan 2025 02:16:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame CA03 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvifjwGDZHxbMqB0Xsm-crCMHlTaVCfNxTOMWris2Pl8f1eaP2UPWfMwU-rSumQSYd1TaxaysmiVjKrpexvDWl2iam2tG1HnGyAng4twm8sTwHpP6FqDfnq1gaMjuZI2AUJfzdaYL_aD89Jm-C0Gmcwa48C7Aus7okq_2bV3YgzAwX2z0mxSZVGHztbFGOEt2Zohw&sig=Cg0ArKJSzN3SiPeSIhQQEAE&id=lidar2&mcvt=1004&p=696,362,786,1090&tm=1385&tu=380.8999996185303&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=437806214&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3232179400&rst=1736388994796&rpt=528&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 09 Jan 2025 02:16:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 830B 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0c5WsihU3LBO9Th1XaTLv9gKnhxHa13zplOWGntt06dvdG32B5-9ffKCgDy345-HXz2ORVuysCBqO-vRiCWYXmL04S3tKO1ZJacxaP9hxsLB7afeXeNwWXKvseU_ikbKarn2TEKyy4uTQmqmgwaDo0MUaDgO-78uUn0OfBVrMBIKfdx3ht_RCVsmd1r5PX9oJiQ&sig=Cg0ArKJSzK89qMj8DcHLEAE&id=lidar2&mcvt=1006&p=344,1112,594,1412&tm=1356.1999998092651&tu=350.3999996185303&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1178321438&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3232179400&rst=1736388994784&rpt=551&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 09 Jan 2025 02:16:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 38E0 		42 B
65 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWztapd8a85hi_od1cIBl-P4O34UKBSmUQQZN0wNf5OZI7Pg-bB2fFpbIfcKBsk19T0QqsZTVn65Htg1Nvj3E_g908hlZdvtqhnaortoroLbuyCqUXcN9iQ2LGqGxdt1bQ0nIYdC-GrjJqLDD0EG5KaHVSWns5EXJktjt0Lnbn4sThlBa5mC89rHI2203YCMQ9Jg&sig=Cg0ArKJSzNDHk6upqpieEAE&id=lidar2&mcvt=1007&p=76,188,676,348&tm=1409&tu=401.69999980926514&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=490556826&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3232179400&rst=1736388994759&rpt=569&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 09 Jan 2025 02:16:36 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C435 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=159017&us_privacy=1YNY
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.221.132.242 Rehovot, Israel, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-132-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=95769
content-encoding
gzip
content-length
6694
content-type
text/html
date
Thu, 09 Jan 2025 02:16:37 GMT
expires
Fri, 10 Jan 2025 04:52:46 GMT
last-modified
Wed, 13 Nov 2024 05:14:24 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pd
ookla-d.openx.net/w/1.0/ Frame E53F
Redirect Chain
  • https://ookla-d.openx.net/w/1.0/pd?us_privacy=1YNY
  • https://ookla-d.openx.net/w/1.0/pd?cc=1&us_privacy=1YNY
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ookla-d.openx.net/w/1.0/pd?cc=1&us_privacy=1YNY
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
394
content-type
text/html
date
Thu, 09 Jan 2025 02:16:36 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 09 Jan 2025 02:16:36 GMT
location
https://ookla-d.openx.net/w/1.0/pd?cc=1&us_privacy=1YNY
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame AEC5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1YNY
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.50.217.157 Kuala Lumpur, Malaysia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-50-217-157.deploy.static.akamaitechnologies.com
Software
Apache/2.4.62 (Debian) /
Resource Hash

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
224
content-type
text/html
date
Thu, 09 Jan 2025 02:16:37 GMT
etag
"10d-629840acea280-gzip"
last-modified
Wed, 18 Dec 2024 04:42:34 GMT
server
Apache/2.4.62 (Debian)
vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 57F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age
840
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
8ff0ed20cca9d9b3-AKL
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 09 Jan 2025 02:16:37 GMT
expires
Thu, 09 Jan 2025 06:16:37 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame AD3A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: b.cdnst.net
URL: https://b.cdnst.net/javascript/prebid.8.31.0.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.46.179.27 Sydney, Australia, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-46-179-27.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://morningrainblock07.cezmal.workers.dev/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 09 Jan 2025 02:16:37 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 10 Jan 2025 02:16:39 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
check
jogger.zdbb.net/ 		0
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-KKLSRK6J1Z&gtm=45je5170v879908529za200zb6359835&_p=1736388991020&gcs=G111&gcd=13t3t3t3t6l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1340808459.1736388992&ul=en-nz&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1736388992&sct=1&seg=0&dl=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F&dt=Speedtest%20by%20Ookla%20-%20The%20Global%20Broadband%20Speed%20Test&_s=2&tfd=10348
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KKLSRK6J1Z&l=dataLayer&cx=c&gtm=45He5170v6359835za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://morningrainblock07.cezmal.workers.dev/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://morningrainblock07.cezmal.workers.dev
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 09 Jan 2025 02:16:39 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRz-yomi376kMQV9l_gTJMTa__mt0-q3LS7DFqkAX-jvQ3tpKYw4ygH-djZcMUvuEC6cNE3oIX1ua-UoWVJ0pFf4r48sw
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmvbIxZfzdJCfcyUwHciYrGEFeGdLXSyj2QOOqsNLjpIzDc7JHU9D6DZhxAxPRyuoZd1FjGBeOjbk7QjqepJKA-fUQew
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmkOS_XJMeaKDj7caL6ljgXL5xL9Tc_qjVGI6mUyHN-DbWU0N5PkRSlXSSRCKI_u0OMRqgIkymUMc0edp5ceoDpeqO8w
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSfeQ8iP47TLmb_e4HOvK2T8cPxXtQAJLJK7_2SUtLAZap5Ca4D2SGKRSFxVfvUVzIw3y7C72TtsOvvVbQQduXN42whDw
Domain
www.google.com
URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSJw5cIMwql1_hvbla5KEa62GS_poGEabx2mw18qaCqramo2pG5vESQgxa7gytgLKUYaOnNl6UrzvP_kf_z8vjDO6OMIw
Domain
jogger.zdbb.net
URL
https://jogger.zdbb.net/check?href=https%3A%2F%2Fmorningrainblock07.cezmal.workers.dev%2F

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| zdconsent object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| dataLayer object| OOKLA object| googletag string| visitorGlobalObjectAlias function| vgo function| __zdcLoadOT object| $jscomp function| $jscomp$lookupPolyfilledValue function| __ZDConsentSetCookie function| __ZDConsent2 object| __tcfapiEventListeners function| __uspapi function| ga function| gtag object| _sf_async_config object| pdl object| tp object| _pac object| cX object| uetq string| prismGlobalObjectAlias object| visitorGlobalObject function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ object| Backbone function| P function| sprintf function| vsprintf object| _log object| core object| global object| System function| asap function| Observable boolean| _babelPolyfill object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI string| inputEventPatched function| Chance object| chance function| jQuery function| $ function| $script boolean| liModuleEnabled object| liQ_instances object| LI object| liQHub object| liQ object| _aps boolean| apstagLOADED object| google_tag_manager object| google_tag_data object| nss object| el_nss object| _nol object| _comscore object| ggeac object| google_js_reporting_queue object| COMSCORE object| ns_p function| onYouTubeIframeAPIReady object| gaGlobal function| NolTracker function| nol_t function| logger object| V60 object| NOLBUNDLE string| localstorageframe object| google_reactive_ads_global_state object| zd function| lr_Envelope object| ats object| zdcoreLICallbacks object| zdcoreZpackCallbacks object| google_tag_topics_state object| ciDdrs string| key object| Criteo function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents string| __ZD_CPID_ object| __ZD_USEG_ object| __ZD_SEG_ object| zdcoreGurgleCallbacks object| zdcoreSignalBuffer object| zdcoreFunctionBuffer number| google_unique_id object| criteo_pubtag object| criteo_pubtag_prebid_144 object| Criteo_prebid_144 object| criteo_syncframe_state

118 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CjYKBgj5ARDlGQoFCAoQ5RkKBgjdARDlGQoGCIEBEOUZCgYIogEQ5RkKBgjSARDlGQoFCH4Q5Rk
.liadm.com/j Name: lidid
Value: 9044b485-f0c6-4a9a-8005-b2a50d45d0f9
prism.app-us1.com/ Name: prism_478502367
Value: 6ecdce62-0370-4a68-86b5-6095e1305569
.cezmal.workers.dev/ Name: _li_dcdm_c
Value: .cezmal.workers.dev
.cezmal.workers.dev/ Name: _lc2_fpi
Value: 487a14389edf--01jh4djpmks2mttxmae812sp0w
.cezmal.workers.dev/ Name: _lc2_fpi_meta
Value: %7B%22w%22%3A1736388991635%7D
.cezmal.workers.dev/ Name: _ga
Value: GA1.1.1340808459.1736388992
morningrainblock07.cezmal.workers.dev/ Name: fu
Value: 1
.scorecardresearch.com/ Name: UID
Value: 124a74e012a5717805565621736388992
.scorecardresearch.com/ Name: XID
Value: 124a74e012a5717805565621736388992
.liadm.com/ Name: lidid
Value: 9044b485-f0c6-4a9a-8005-b2a50d45d0f9
.cezmal.workers.dev/ Name: nol_fpid
Value: boynwlcxqj4ccutq8z9mx6zyqvcfl1736388992|1736388992801|1736388992801|1736388992801
.zdbb.net/ Name: h_zdbb
Value: 7c29560dca9748c093b82d678d510dc7
.zdbb.net/ Name: csp
Value: 0
.casalemedia.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.adsrvr.org/ Name: TDID
Value: 4f9f0ad7-81a3-4e9f-a192-87dcea2747e1
.imrworldwide.com/ Name: IMRID
Value: bebe6bf1-ce2f-11ef-becd-236bde0b2246
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
prebid.media.net/ Name: receive-cookie-deprecation
Value: 1
.zdbb.net/ Name: zd_cs_go
Value: 1
.turn.com/ Name: uid
Value: 8398627074680201447
.rezync.com/ Name: zync-uuid
Value: 00736c4b-a50a-424c-843d-13e4b3bc9ada:1736388993.3195157
.sharethrough.com/ Name: stx_user_id
Value: 48461bc7-ef61-4b83-a931-264913d80599
.zemanta.com/ Name: zuid
Value: MOaPxjREp4slxgTL1ohv
.demdex.net/ Name: demdex
Value: 66174511158387873862439176219720224954
.doubleclick.net/ Name: IDE
Value: AHWqTUkV4FQ3VP2BDzZajf9WQ0WXlUyQhdw5yfFZhaE7dCEBFYuLdpcR1jwjvg7rPwA
.rubiconproject.com/ Name: khaos
Value: M5OP6AAS-1J-AHB8
.dpm.demdex.net/ Name: dpm
Value: 66174511158387873862439176219720224954
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a5a3389d-dfdd-5f1a-6514-8be64d3bf33b.%2BMMaI7aytrBV%2Bf%2FpqyKf4%2BfvLRuj%2BCumP%2BhI6LqvrF4
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a5a3389d-dfdd-5f1a-6514-8be64d3bf33b.%2BMMaI7aytrBV%2Bf%2FpqyKf4%2BfvLRuj%2BCumP%2BhI6LqvrF4
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApaM4nd_dXxplFIvmTTvzO2dLC2c.uTe2JVbnkHSKMuX80PneuWT%2F8awe%2Bpa%2FjmWMhhRA6FU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApaM4nd_dXxplFIvmTTvzO2dLC2c.uTe2JVbnkHSKMuX80PneuWT%2F8awe%2Bpa%2FjmWMhhRA6FU
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHGYbb8g9D6Fd34xOm25auFE6VOeovR1utJ4RrN6NkRAEGcYBCCB4_y7BjABOgSAOSS3QgQs62US.jWxjYmUANEiB88MUAwV4LbfqOQxfqhuronzn2RG4dcg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIHGYbb8g9D6Fd34xOm25auFE6VOeovR1utJ4RrN6NkRAEGcYBCCB4_y7BjABOgSAOSS3QgQs62US.jWxjYmUANEiB88MUAwV4LbfqOQxfqhuronzn2RG4dcg
.zdbb.net/ Name: zd_cs_ns
Value: 1
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0NzW0MDA2MLW0NDQyNTU3NBPiM9Qtj_IzzjZLDCr1NA0GAPZCcd4lAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_w3KwRGAMAgEwI_t4IAHAnYDJI1Yue5738OZHfdoUxkX6aVDoVgk2NroyVr1yH8QkYkTkibmHwcOxo86AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0NzW0MDA2MLW0NDQyNTU3NBPiM9Qtj_IzzjZLDCr1NA0GAPZCcd4lAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XKsRGAMAwEwQqIqEOMxMtYTzeyTUOEhFQKGUN4O3fOVbVi694ki6b46l3CMcRweEPrzJG7vQ8iSCwwFiv1mqcPGbx_TX0AuLZAf1oAAAA
.criteo.com/ Name: cto_bundle
Value: RbKrHF9qYnd6WU51bTFQMTRLSWoyOUFwODdiYnpZM1lkdjhNNURyU2M4Uzc0Y2NRMlZ4UlhJYVI2OXAzZEZUVmdVckY0dUloaEklMkZoRFgzaU0zRk5Jb2Zxb2Z6Rk9XNktpRmxpcDBYbURkMiUyRmNoamtIalllaVZOcCUyQmRXYUxZTlJsNzBENQ
.cezmal.workers.dev/ Name: cto_bundle
Value: rKBEQ181RGdPOEdBdHBmWkJmU1NGbGxRYTVXQmxlbmRZNE9tWWYlMkJNYW9HdjglMkJrZEQ5SmdmZzNJSk5tejZ3U29Gcko5MEcyam1PbiUyQmVNR3ZieFc1cUpyWGtpS3VudElYWVZBZWJDQllqN1NJMkhIbllNdFk3TTJSJTJCYWd0azNPYzI1TFRP
.cezmal.workers.dev/ Name: cto_bidid
Value: -jjZhV9DRSUyQkJ2aDRoanRSNDdnZmhVREFoVG5CZG8ySG1ITnFXSG5kbCUyRkJHWjQ5aWpmbm5VM2hBZFlDdWtTa2lIeDRWS04zblZUTDglMkZkbEttZHBRWCUyQmNMSnRRJTNEJTNE
live.rezync.com/ Name: sd-session-id
Value: .eJwNyjsOwyAMANC7eA4VjnHAXCbi4wG1SauQLo1y9zI-6V2wfvTY0q77CfE8vjpBebWhDvGC3n6bPiECimcMliyL4MzscYF7gq69t_e-tjqOtZ6W4rJJbJNxsysmOKoGSV2mXCTVFHEcCkGEHoTCyB7uP6t8JcU.Z38xgg.-hufLoVjGac6t70EXUTjw3s802U
.agkn.com/ Name: ab
Value: 0001%3AdFUceJyic2vrEr3TJRqBSERVDQ%2Bzckn7
.zdbb.net/ Name: zd_cs_td
Value: 1
.outbrain.com/ Name: obuid
Value: 50c2efcf-ecd0-4719-a3c9-f860e2119bc9
.id5-sync.com/ Name: id5
Value: 128adcfb-72d5-7c2b-b89d-66693836a4f1#1736388994401#1
.cezmal.workers.dev/ Name: __gads
Value: ID=80584afdcae125a9:T=1736388994:RT=1736388994:S=ALNI_MZJDFNbLNs81W7ysT_9dQtenwVuAQ
.cezmal.workers.dev/ Name: __gpi
Value: UID=00000fda77c058c8:T=1736388994:RT=1736388994:S=ALNI_MaxKbuZ9NENxhMH-FeheMZ2Bla3gg
.zdbb.net/ Name: zd_cs_None
Value: 1
.zdbb.net/ Name: zd_cs_bw
Value: 1
.cezmal.workers.dev/ Name: _ga_KKLSRK6J1Z
Value: GS1.1.1736388992.1.0.1736388994.58.0.0
.bidr.io/ Name: bito
Value: AAD8-U7O_mMAABZ22razcw
.bidr.io/ Name: bitoIsSecure
Value: ok
.zdbb.net/ Name: zd_cs_aam
Value: 1
.zdbb.net/ Name: zd_cs_eo
Value: 1
.eyeota.net/ Name: mako_uid
Value: 19448d970b8-65050000010d5108
.eyeota.net/ Name: SERVERID
Value: 20744~DM
.openx.net/ Name: i
Value: 1061e382-16c6-0ae7-3c1f-44a90f7b291c|1736388997
.ads.pubmatic.com/ Name: KCCH
Value: YES
.zdbb.net/ Name: zd_cs_ady
Value: 1
.openx.net/ Name: pd
Value: v2|1736388997|jElYiuvOiahI
.adnxs.com/ Name: XANDR_PANID
Value: Aw444dl9v3PaUVmORk83qKc9cJ_5cwwFzQ11arxp2v7r3gJRjWXUAqXQEuuXKuUb1O7hmUqR8oZNLwf42fLqoQSc9sTecpeYvnsNdF2P5l0.
.adnxs.com/ Name: uuid2
Value: 1909152627205155401
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 4347DA7A-8A73-4177-A187-DE1F12FECD7A
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159017:2
.pubmatic.com/ Name: DPSync4
Value: 1736985600%3A164%7C1737590400%3A197_226_245
.pubmatic.com/ Name: SyncRTB4
Value: 1737590400%3A7_3_247_264_220_21_56_13_71_54_8_270_76_201_266_22%7C1737244800%3A63%7C1737676800%3A35%7C1736985600%3A223_2
.ladsp.com/ Name: cr
Value: 1
.rlcdn.com/ Name: rlas3
Value: fhMkuwpyfsFoYtStFp3DBdXOWmWOt7iC6BbjjB2Txik=
.rlcdn.com/ Name: pxrc
Value: CIbj/LsGEgUI6EcQAA==
.ladsp.com/ Name: smn_uid
Value: NyJD2XR3sdBLcJwgzwUp4yhnrutoOyk
.ladsp.com/ Name: lum
Value: CJXo5cbEMhIFCAoQ4BI
.zdbb.net/ Name: zd_cs_ada
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNzM2Mzg4OTk4fQ
.analytics.yahoo.com/ Name: IDSYNC
Value: 18z8~2muq
.yahoo.com/ Name: A3
Value: d=AQABBIYxf2cCEM0Com7Wkp6XRNSJLtj2LGMFEgEBAQGDgGeJZw38xiMA_eMAAA&S=AQAAAqv8qGCvIIpiTD93Jlwd8rQ
.adform.net/ Name: C
Value: 1
.bidswitch.net/ Name: tuuid
Value: 2d349779-7f8a-43f6-aa67-8d788b8ea69c
.bidswitch.net/ Name: c
Value: 1736388998
.bidswitch.net/ Name: tuuid_lu
Value: 1736388998
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-4f9f0ad7-81a3-4e9f-a192-87dcea2747e1&KRTB&22918-4f9f0ad7-81a3-4e9f-a192-87dcea2747e1&KRTB&22926-4f9f0ad7-81a3-4e9f-a192-87dcea2747e1&KRTB&23031-4f9f0ad7-81a3-4e9f-a192-87dcea2747e1
.pubmatic.com/ Name: KRTBCOOKIE_629
Value: 11487-AQ9HoJF7234Bks8AKGeu62g7Kc8AAAGUSNl0FQ
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8398627074680201447&KRTB&23150-8398627074680201447&KRTB&23527-8398627074680201447&KRTB&23643-8398627074680201447
.quantserve.com/ Name: mc
Value: 677f3186-7090e-9cb35-678bd
.quantserve.com/ Name: sp
Value: CggIiQ0SAxCqDg==
.pippio.com/ Name: did
Value: s5Xo7acraC1AhUUL
.pippio.com/ Name: didts
Value: 1736388998
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CAA=
.rubiconproject.com/ Name: khaos_p
Value: M5OP6AAS-1J-AHB8
.ambientdsp.com/ Name: _aGeoIp
Value: NZ-Auckland
.ambientdsp.com/ Name: _aUID
Value: 17k383jwctfn
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEA1byiFFa6hgQMgmg3CPdmA&KRTB&16514-CAESEA1byiFFa6hgQMgmg3CPdmA&KRTB&23025-CAESEA1byiFFa6hgQMgmg3CPdmA&KRTB&23386-CAESEA1byiFFa6hgQMgmg3CPdmA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-9-PbKfLl1Hns49x28bHBdqK233rs4tt3o7B0qj17&KRTB&22979-9-PbKfLl1Hns49x28bHBdqK233rs4tt3o7B0qj17&KRTB&23462-9-PbKfLl1Hns49x28bHBdqK233rs4tt3o7B0qj17&KRTB&23661-9-PbKfLl1Hns49x28bHBdqK233rs4tt3o7B0qj17
.adform.net/ Name: uid
Value: 2906470911267902406
.pubmatic.com/ Name: KRTBCOOKIE_1290
Value: 23368-17k383jwctfn
.simpli.fi/ Name: suid
Value: 1B0B7D20A3E24257A7EB0D2B7D1438AF
.adsrvr.org/ Name: TDCPM
Value: CAESGQoKbGl2ZWludGVudBILCIbYvrS1l9g9EAUSFwoIcHVibWF0aWMSCwjQmf7itZfYPRAFEhYKB3J1Ymljb24SCwj-qqrqtZfYPRAFGAEgAigCMgsI6o-BkMyX2D0QBTgBWghwdWJtYXRpY2AC
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: d7199b81fcb45bea6a019a4c36c3cb73
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-7311848131479909779&KRTB&23231-7311848131479909779&KRTB&23263-7311848131479909779&KRTB&23481-7311848131479909779
.mathtag.com/ Name: uuid
Value: d42a677f-3186-4600-b0dc-e5f2f8914138
.creativecdn.com/ Name: g
Value: rmd2tqskQp07vRzGIQYQ_1736388998752
.creativecdn.com/ Name: ts
Value: 1736388998
.pubmatic.com/ Name: SPugT
Value: 1736388997
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:1B0B7D20A3E24257A7EB0D2B7D1438AF&KRTB&23486-uid:1B0B7D20A3E24257A7EB0D2B7D1438AF&KRTB&23489-uid:1B0B7D20A3E24257A7EB0D2B7D1438AF
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:d42a677f-3186-4600-b0dc-e5f2f8914138
.adx.opera.com/ Name: UID
Value: OPU8982bd441c394da0b5343f7410b7638b
.eskimi.com/ Name: __eConsent
Value: 1
.eskimi.com/ Name: __eDId
Value: 1252c95d-1b8b-40d3-9185-379612b9f8f2
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU8982bd441c394da0b5343f7410b7638b&KRTB&23485-OPU8982bd441c394da0b5343f7410b7638b&KRTB&23524-OPU8982bd441c394da0b5343f7410b7638b&KRTB&23575-OPU8982bd441c394da0b5343f7410b7638b
.pubmatic.com/ Name: PugT
Value: 1736388999
.rubiconproject.com/ Name: audit_p
Value: 1|WD0cx+9RTMJ19ciInLxZE0vjZfuaiEilTI6C5aYwItZP4rTkBDOj1FqzWI8KNFzLAkC/3U/nZEMoFV4wOMyUsYHBYBng8VdAE8kPERaZW8EA/t9NOrAfVSYbB5SW5XQ3oR8jWETL01GpRkKTm0WCRg==
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMJ19ciInLxZE0vjZfuaiEilTI6C5aYwItZP4rTkBDOj1FqzWI8KNFzLAkC/3U/nZEMoFV4wOMyUsYHBYBng8VdAE8kPERaZW8EA/t9NOrAfVSYbB5SW5XQ3oR8jWETL01GpRkKTm0WCRg==
.semasio.net/ Name: SEUNCY
Value: 4FE9FA11CB654B74

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'; upgrade-insecure-requests
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5df34df397ca2b2d6ecd69b4ccb224fa.safeframe.googlesyndication.com
aa.agkn.com
acdn.adnxs.com
ads.pubmatic.com
analytics.google.com
b-code.liadm.com
b.cdnst.net
bee.imrworldwide.com
bidder.criteo.com
btlr.sharethrough.com
c.amazon-adsystem.com
c2shb.pubgw.yahoo.com
cdn-gl.imrworldwide.com
cdn.static.zdbb.net
cdn.ziffstatic.com
cm.g.doubleclick.net
diffuser-cdn.app-us1.com
dpm.demdex.net
eus.rubiconproject.com
fastlane.rubiconproject.com
gum.criteo.com
gurgle.zdbb.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id5-sync.com
idx.liadm.com
jogger.zdbb.net
js-sec.indexww.com
lb.eu-1-id5-sync.com
loadus.exelator.com
match.adsrvr.org
match.prod.bidr.io
morningrainblock07.cezmal.workers.dev
mug.criteo.com
ookla-d.openx.net
pagead2.googlesyndication.com
prebid.media.net
prism.app-us1.com
ps.eyeota.net
rp.liadm.com
rp4.liadm.com
rtb.openx.net
sb.scorecardresearch.com
secure-us.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
td.doubleclick.net
tpc.googlesyndication.com
www.google.co.nz
www.google.com
www.googletagmanager.com
zdbb.net
jogger.zdbb.net
www.google.com
104.18.25.18
104.18.26.193
104.21.96.1
104.254.151.36
107.23.230.104
108.158.12.153
13.237.11.119
13.250.54.29
141.95.33.120
142.250.66.194
142.251.221.66
142.251.221.67
15.197.193.217
162.19.138.83
18.232.18.89
18.67.110.38
18.67.93.103
18.67.93.123
182.161.73.136
2001:4860:4802:34::181
207.65.33.78
23.221.132.242
23.46.179.27
23.48.247.235
23.50.217.157
2404:6800:4003:c1c::9c
2404:6800:4006:809::2001
2404:6800:4006:810::2008
2404:6800:4006:811::2001
2404:6800:4006:814::2002
2406:2600:7:100::1
2406:2600:7:100::1b
2406:2600:7:100::9
2600:1415:3c00::17d6:589a
2600:1f18:730:b120:136b:414c:557b:5fda
2600:9000:2215:a400:8:8845:1500:93a1
2600:9000:277c:3c00:2:42d9:3100:93a1
2600:9000:277c:6200:2:42d9:3100:93a1
2602:803:c006:158::65
2606:4700::6811:1fae
2a04:4e42:600::731
3.105.148.211
34.120.63.153
34.229.3.43
34.238.92.28
35.186.253.211
35.244.159.8
35.79.218.36
52.221.158.172
54.225.224.75
54.236.128.166
54.66.83.57
54.68.98.107
0210bcf8c6f9fb41e1db722e8ec3c318101342f5922c59331321c993df1720d1
034f831963d30419cdac507a4c3a2a9ff950419fea6aee7eee1b400f69d696b9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0832d681a79fddbc7bc10709ffd8b7d7e565646a41ab22716cabc679dcf94333
098a547bed95eef83a2a0ffa76f1d9961f12d38bb8fd9e1080e2b4ba83353351
0d23c759f4302ff762012a6ff00cbd124858dd9b387ea06eafa727c5e726fd77
0d93c445a67d71996119f9eff796d49f0345670d58ce927b278fa2de7b9397e9
0f291b0ff90907f8b3c94f4b3f74181fdae98ec1b43ebb0507ab89b59ea981d5
136008d56c092250908bab1352101d1fb75e25fae87ffda47aa45dbc910c5afe
13e7566d054737bc7b77f9122efb4c87c904696e9c5203318db3d09242381598
1633c36d872f99bc24d752e1f7ffde2864c675d8620b07224753193cac48b7a9
1a00aa81f6ca32a692772c6a8bc908b62198154ce3eef1eeef346d80100b8e04
1a41d9341fa3c80b1721ed6bef0ac275522dd4ff5c5c2838c05058d702e22260
26db36707844fa367f47c47b4b614db27a608286fe71d9ff8c3012dbe71c5499
2a10681e6824547e850f4de65c5b57cf60f2562bbc4d74eaba140f388aa259d0
2e0da7b78f6365146f0889b05e139587016e6b5e2e1a8d778dbc3272ad0a6278
308713a4824fa8f19b7b9305a93189d25a412bd838d1773b1ff81c260fc3cda0
30cabd65315139eaac2a9d894be6dfbacc9364599dead8c493eccf3d101e44f5
32b0ffbdaf288de753cd11b89e702c4c5c140b7a86037c852ebc341ad99c5f47
32b79f49ad238f7718e7ba9aa4cbb32e74a8a11a8a32dbcfdbfa926228c783f5
370eee13ce1673854df0e6f943214ddbed5310f2bdfadfb4961ea37013778d35
3786cc25e83fb0492695a4df1c6ead9e6cededfe54398112faba0e3b7b967f93
3f6004a6c9021e04ec32ca88df8f9a5785e53da23511f1bf0d56defc1b9759f8
3ff66387417489de93fa393db6d511581ea6c3b5c75d35190309be9cd916a9a7
40c42fdb05ad3423f2c92adddbd52b35591625cf2cac7f71003ce72df8731c86
4196d95ab415218fc8dce5037601f39e1824f2e57c6ebebf5557ddb3f11b537c
44f56b40b7478c6e011d8f633d2594e5f5163f3ba32b746f7c9198184585d048
49fcbcfb583d3b91eacf6542685a7f654b272672fde46565098bec9e6d99bbd2
4d031cfd80dc73f7d5e4ac9fd8dcb3efaf30545f09184fe939c86d02044ced06
51248129aced21c60268725b5fed0c1ad30538e3c5a1f562a01110959e09860d
528d84fafc0378019f428a0aeadf3623f14c4c212d40d069e418322570b48f01
53ef39c91fa4b4f2d68d15483dcd7a2bc4b089c954e7b5a6808c6560740c887f
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
60f378585104f050fb8c3e12ab387cba8a27b87c5d75e380898adb516d654fd7
65bdb275db1476d23eb0e3708a4a538c8f705f66cfd948f98ff2b2bdd9a5991f
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6a9908c1d68a193c2e279e0af45c862ba863d5b1be56501899b08b27fe746908
6bf839966d1e9d5a1c56621998697aed1037c4ba2877e1a0994dfb2502503657
72632a67254e78f0f1bb538e85274611d5c430d0b6eae3ac8637fdf2720ae669
7728cce2b609178959c30b82b9b781f370ef9d9381298bf6e0ba2e87b8c780ac
79a2810c7875d0f93755d565ae015d1b0d219f84806567924af696db632fbb40
7a6dc30cd24b8b804cb3924315cecd288d87ba0fbdf9c40151e459c2dfb74de2
7b2669736565cf357ad02fb29b5a1577dde4f0f6c8cb1044695bd70f1a5ce43d
7b73d32b556ccfe32f67773b30233eba938da9bf578d96b3d09870a8e668733c
8a2edaf760102f3e7af939dc9588499dc6a4e43bfcba033ab1daad094f8073c6
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
960a7810fdc586df7185948813a1d4b04bef5bb569a3b5f7b47a778f1e3219dc
9bb0ed8cd90e0c8e1eb1f98d2431a565b594641c7a382d3346fc42f97c16630b
9c234a39335c68efa876173f1af885a07eb982fde169e3627c70956ba0088313
9f30799e7ea5caddb7b79f074957baeaecccf1a31846993414008331c257d242
a57afdd6754979c57621fbe1c0fa37b20d48c19a478be1752258b532185abd3b
aea75483e6961d526af59b5a09af5fb3262d7ce210e90e590162e4613c9f06b2
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
b00588e879a7d9abc2a57ab668243ad8950bcd0c200a4a116df926131811b961
bbac26dc8947882cecfb0a68faec3feff055ea9da308640d3dbf5be913a3c569
bc19268eec3eefcab0d73c5e55fde322325236ec0a6da08af2da48d3afa2212f
c0193511cfcd9864e09c2e7175e6d22d6f1e0ad9199b4dc404197a2c65358e93
c5d5575d81c2b07ff3064aa426d7c4152206b7907903c2b8a29bce96ac3fd3b2
c71a9e85bc2da13a44a223a7e82ae8e2f7057da730cc9535b8cbb1e1e5e33e6e
c8c53488bb9f95e6c21bc5ccadfeeb12c1c55ff1474ad8098323fbf0f9f130f2
d0473941def2fa41a2cdfb2cef129d9c5b9d8bbc0060ec20b768bd94fcba9fe9
d1f2f875e8de26d6ebeac9e06d444f88124d4981eb91f48f632d6de0ea2b0c83
d3c3db2b5256d7c5fa7f2502e752ced784853fe0fdd01d8a219bd9e041a579c7
d41a000598f3e16b305de7eb737f58300f8e2364a8551838267a486b0f16e09d
d69319cf807139aa2fe5007897a14d8c8dd9d8ff8dd78c0c08b588d873a30ba8
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
e0971910cdc9f2e2935dda6d6f8018a6e55c690808334cd6de4b7c85b320b2ee
e228891b15bd5240c2da3a0d8e01c9795f13239c94de6ee383f7f8f908dbc417
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b2b4f5e11c0b73429c3ede6bcd9c9b99e7c8fe596c7d0a29e6639ad678d21c
e430ac99d48aa7aa291fe9ef82398d2e7f599643dd1732d026947ba15edf718f
e551239f9d963f64d1fd39d40285586400f4073acda91be5658c32117f6bc6ae
e6ae535eb518c43725fe696276420b218482a64d86b64aa279343e9cdd842a85
e7b271b035368e87b56face139744dfa682088dfbd3af7ae825e9095188c7780
ec0aeff46b4ac549eb3e5c9dff9d6c51e1964cac2022b48e277f6392a719e13f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f0fd431055f542877ddcc63055b31802011034e9dab36b59b02927548d9fde66
f296b7388d26c659d451819449df427b865bbe63cd2d9dd1e814f3f10e81446c
f39fe248cbe98f852b56d28c1af36f1d08541646075f14d853b99247be66e0be
f40d718d090a7d9fa4db0b9c2570cb05f7729e6c998c32c1c688f421ca7ac8c0
f413ed52238836f8e47dbe95fb447bbafbe200ffc0795325e53fdf3d1796768d
f5677dde8ee0b0017335b08a8de494b90646e4bce5e107ddb85cec7d7662915d
f5cc43d7aa4836a5e0a45998487e34895b735a0f8b534c418aa23621d357635f
f983d992f18cc6a5024a1fb94062872c8c1c9ddd3d936289cfb01b720a0c03d8
fe9dc95ef160d8b66c92cf394e2b853187cef88dda50e030d94cbbc7bc4a323d