novza510.gameyas.com Open in urlscan Pro
2606:4700:3032::ac43:a36a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://novza510.gameyas.com/
Submission: On January 11 via api (January 11th 2024, 3:18:28 pm UTC) from US — Scanned from US

Summary HTTP 144 Redirects Behaviour Indicators

Summary

This website contacted 28 IPs in 2 countries across 15 domains to perform 144 HTTP transactions. The main IP is 2606:4700:3032::ac43:a36a, located in United States and belongs to CLOUDFLARENET, US. The main domain is novza510.gameyas.com.
TLS certificate: Issued by E1 on December 7th 2023. Valid for: 3 months.

This is the only time novza510.gameyas.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
48	2606:4700:303... 2606:4700:3032::ac43:a36a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	34.107.231.31 34.107.231.31	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:38::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9b	15169 (GOOGLE) (GOOGLE)
18	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
15	2607:f8b0:400... 2607:f8b0:4006:823::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2004	15169 (GOOGLE) (GOOGLE)
2	35.241.31.249 35.241.31.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80a::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81e::2006	15169 (GOOGLE) (GOOGLE)
6 8	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
4 8	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	68.67.181.211 68.67.181.211	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.80.38 142.250.80.38	15169 (GOOGLE) (GOOGLE)
2	184.29.161.102 184.29.161.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.196.3.203 23.196.3.203	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.35.93.38 13.35.93.38	16509 (AMAZON-02) (AMAZON-02)
2	54.226.129.254 54.226.129.254	14618 (AMAZON-AES) (AMAZON-AES)
9	23.56.162.52 23.56.162.52	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:261... 2600:9000:261f:3200:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
2	18.214.86.156 18.214.86.156	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:141b:1c0... 2600:141b:1c00:30::1739:5a6c	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
144	28

48 2606:4700:3032::ac43:a36a (United States)

ASN13335 (CLOUDFLARENET, US)

novza510.gameyas.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com

p.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:824::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:38::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2607:f8b0:4006:81f::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2607:f8b0:4006:823::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2004 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.31.249 (Mountain View, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.31.241.35.bc.googleusercontent.com

data00.adlooxtracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:822::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80a::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::2006 (Colchester, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.40.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.36.155 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.181.211 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.80.38 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.29.161.102 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-161-102.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.196.3.203 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-196-3-203.deploy.static.akamaitechnologies.com

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.93.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-38.jfk50.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.226.129.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-226-129-254.compute-1.amazonaws.com

d9.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.56.162.52 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-162-52.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:261f:3200:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.214.86.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-86-156.compute-1.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:30::1739:5a6c (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	gameyas.com novza510.gameyas.com	2 MB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185	213 KB
18	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 ad.doubleclick.net — Cisco Umbrella Rank: 199	259 KB
15	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 1579 d9.flashtalking.com — Cisco Umbrella Rank: 3209 cdn.flashtalking.com — Cisco Umbrella Rank: 2086 ad-events.flashtalking.com — Cisco Umbrella Rank: 2563 stat.flashtalking.com — Cisco Umbrella Rank: 2806 secure.flashtalking.com — Cisco Umbrella Rank: 4453	82 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 1194	4 KB
7	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 5038 data.ad-score.com — Cisco Umbrella Rank: 4832	162 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	6 KB
6	adlooxtracking.com p.adlooxtracking.com — Cisco Umbrella Rank: 20371 data00.adlooxtracking.com — Cisco Umbrella Rank: 17170	64 KB
4	google.com analytics.google.com — Cisco Umbrella Rank: 266 www.google.com — Cisco Umbrella Rank: 6	1 KB
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 3648 agen-assets.ftstatic.com — Cisco Umbrella Rank: 3216	29 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 407	95 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	130 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	168 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 2290	63 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	1 KB
144	15

	Domain	Requested by
48	novza510.gameyas.com	novza510.gameyas.com
18	pagead2.googlesyndication.com	securepubads.g.doubleclick.net novza510.gameyas.com 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com novza510.gameyas.com 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	data.ad-score.com	js.ad-score.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	securepubads.g.doubleclick.net	novza510.gameyas.com securepubads.g.doubleclick.net
4	stat.flashtalking.com
4	cdn.flashtalking.com	ajs-assets.ftstatic.com cdn.flashtalking.com
4	p.adlooxtracking.com	novza510.gameyas.com p.adlooxtracking.com
3	googleads.g.doubleclick.net	novza510.gameyas.com 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com pagead2.googlesyndication.com
3	03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	analytics.google.com	www.googletagmanager.com
2	ad-events.flashtalking.com
2	d9.flashtalking.com	ajs-assets.ftstatic.com d9.flashtalking.com
2	servedby.flashtalking.com	03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
2	s0.2mdn.net	03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com cdn.flashtalking.com
2	www.googletagservices.com	novza510.gameyas.com 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
2	data00.adlooxtracking.com	p.adlooxtracking.com
2	www.googletagmanager.com	novza510.gameyas.com www.googletagmanager.com
1	secure.flashtalking.com
1	code.createjs.com	cdn.flashtalking.com
1	js.ad-score.com	ajs-assets.ftstatic.com
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	ad.doubleclick.net	03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
1	fonts.googleapis.com	03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	stats.g.doubleclick.net	www.googletagmanager.com
144	30

This site contains no links.

Subject Issuer	Validity	Valid
gameyas.com E1	`2023-12-07` - `2024-03-06`	3 months	crt.sh
p.adlooxtracking.com GTS CA 1D4	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adlooxtracking.com R3	`2023-12-18` - `2024-03-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-10-22`	a year	crt.sh
tag.device9.com Go Daddy Secure Certificate Authority - G2	`2023-07-19` - `2024-08-19`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-08` - `2024-03-10`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://novza510.gameyas.com/
Frame ID: CF1A8F284C2CA8D548DD452B48511545
Requests: 68 HTTP requests in this frame

Frame: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B389F1FA23458E7F0AB7C4C81081ADE5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4907DB064F0A9419500D8D5EAC904679
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 61E15AE35B07ED2C1086A366FFD097A4
Requests: 2 HTTP requests in this frame

Frame: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 04067B1D8931D0DC2F04A31E6770B3E8
Requests: 3 HTTP requests in this frame

Frame: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2DBF1C2317A39D9E6742E94DAA62CB78
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNix6QEQmf2z2wIY7IraggIwAQ&v=APEucNUXYb5bCJxoz2puaVWJDt9acuKy5xbBvhvmKxk5PQf0bZB9UqbdqkNHS5voCROI_jrrW9wqM0CLQMkWTw7Ncqi6ZZpPtg
Frame ID: AAE1CF719A098AAB3C9C69F3387284DE
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js
Frame ID: 098AD2E09D2929A15EE10B4CAF4FCF29
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARil--z_ATAB&v=APEucNUWrnXsJlSvNDyTFqCRAcQRulp1Fj955dHdgjfIUQM1M2S0F6KpxyvM-qA-gfuUAyUXtE-5PCWlZwUZO3bEEaIMmcwKmQ
Frame ID: AE8B982EDF9A3295C22AF92EF3769911
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 1C50EE92B42E0746B820702663571CFA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8D8C44E4C4068D926BDE0F3F2E60D33C
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/116264/4450760/Adobe_Review_300x250.html
Frame ID: 1F6E2E7D31B8DB1459FB6013F6C7060B
Requests: 5 HTTP requests in this frame

Frame: data://truncated
Frame ID: 16C309CA66AF14070EEC4AE17D65337F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Online Game - The best casual game center which you don't need to download any app!

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

144
Requests

92 %
HTTPS

52 %
IPv6

15
Domains

30
Subdomains

28
IPs

2
Countries

3812 kB
Transfer

6418 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO56OUJFKCMRqbJjKcIuKHk&google_cver=1

Request Chain 95

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaAGvHszmwuc-bSFoHquFAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvjS-bBa0dI2C6iPeVKyq8&google_cver=1

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFo448TIE-MHbCgmvgtXLGc&google_cver=1

Request Chain 97

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTEyMjYzMTQ2OTk2OTExODUzMQ%3D%3D

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO56OUJFKCMRqbJjKcIuKHk&google_cver=1

Request Chain 99

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaAGvG-nHf038C-YXYKjKAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvjS-bBa0dI2C6iPeVKyq8&google_cver=1

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFo448TIE-MHbCgmvgtXLGc&google_cver=1

Request Chain 101

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc0MTY0MzE2MTg1Nzg2Njg4MQ%3D%3D

144 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
novza510.gameyas.com/ 10 KB
3 KB 186ms
73ms Document
text/html 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2841573e524fdb7cb94e9ec57639e8290279c1748e3388ba2454fc78a0b3cb81

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: HIT
cf-ray: 843e21a5ccc2749b-MIA
content-encoding: br
content-type: text/html;charset=utf-8
date: Thu, 11 Jan 2024 15:18:17 GMT
last-modified: Thu, 11 Jan 2024 09:37:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yfZimSitwnUokexRtvpMzUHT4eYRbOkiPZbXrVrf4RGnSP0xomeOVvLk0ajvg19480%2BHgcmfbDKIIfwNDYlKQqjQw1rOiT9PQa6oDXe978ngPpsyJNDukJp1%2FIVUf9%2FidztEovonUoRIS%2FJbxDTf9Imo%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 main.css
novza510.gameyas.com/onlinegame/css/ 12 KB
3 KB 131ms
125ms Stylesheet
text/css 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/css/main.css
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ea92029939d4a73b0d11a4a46a0a73f2aef168e8452846244be498b18e000d7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 10 May 2023 01:54:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"645af952-3147"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjMFSUSQcT%2BmTet5JdfjN8nasgLirfH7AqWfoQ2ZFqX7Nt6FIUIRoeQsaTNhvYwdXVtgLByiYiFEyCjuNmAlnAXfDi%2FpbI2TnMqn1a0A1KBSsruPK6eyvDI%2FbWIzwzr4XyhDCiSS9R8mYWQCdXEHW0DHgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 843e21a64e10749b-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H2 200 iconfont.css
novza510.gameyas.com/onlinegame/font/ 816 B
690 B 83ms
78ms Stylesheet
text/css 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/font/iconfont.css
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 583c9ca964cb867154a55b119bd9a947e77a90fa131b7e3f8a5ba6a4bf4f160f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 08 May 2023 06:54:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64589ca6-330"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1LkbqBW5gL99nSK8FQaGK7GCg6rDUOmeq2MWfj4VooCI0vd7DckgPHLL7vkzjikXDV%2BCNVDK9ga7YBkbjgTMZErcwDra62xuKVzMxWDK4cKkfS%2F%2F59T%2BN4p%2FjVeaLt4Vj7v2PSuAfTrz0ScoG%2FRhinEkig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 843e21a64e12749b-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H2 200 layui.css
novza510.gameyas.com/layui/css/ 93 KB
16 KB 133ms
128ms Stylesheet
text/css 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/layui/css/layui.css
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf3313e29df4eee15cec39aae8f7f9f94684347075b42a7419bb9d3493a127e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2023 06:42:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"644a196a-1736e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OggRX0srIVqDXDyI2mAhKOA2kp5o8wTMKKXwicL1f%2Fw%2B6v9xdGUZuYLxU%2Bxxy%2FKlhlVJiPmEm1HhBEhvf7ouCZEqi3sK9Ew1Xqx715YqTzLJp0F58isrTYbbovCkgzxycWRVAikZEKeHkvODquPN0Na8Hw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 843e21a64e16749b-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H2 200 swiper-bundle.min.css
novza510.gameyas.com/onlinegame/css/ 15 KB
4 KB 132ms
127ms Stylesheet
text/css 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/css/swiper-bundle.min.css
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7402bd513ccb678c77b86d239fbd2c2fe052cd89d869a9ff1ffa858d1a16346a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 08 Oct 2021 09:19:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61600d1a-3db3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Evbm7ZJc4X76NRQRfwQEdsZ%2BdkOaaENUBJdlM9MXVybfSPF%2FejT4oVL3oFeRsH1sytIhG6tgYNGFq%2Fqo06p9aMLN6ru34kL%2FEKCpxeSgqUtQHa5xy1IsU7RLsJEip8fj%2BRKAF5vLwBsKzGBmKOcQSVRU2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 843e21a65e18749b-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H2 200 layui.all.js Show response
novza510.gameyas.com/layui/ 272 KB
90 KB 92ms
87ms Script
application/javascript 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/layui/layui.all.js
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca5c6a525813e0a61282b95d60110dc8eae2d46db789d0377b610017a35dcf50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=278671
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 26 Nov 2020 16:02:36 GMT
server: cloudflare
etag: W/"5fbfd19c-4408f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mm3%2BwAHbd43y7rqDtv4PwNLqcHe1OZ9SnwOay%2BHe3mRwJ6iaZjvMXi7PsBk4pgLyCJrJZHDRWLEbcQ%2Fdo9SxdiaHOkWjdqBgiy0ho0zWhJ5BEylcenyp853NMTGl7JgEkKSdMTyKOj9a9pFkaFVkEdwLpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 843e21a65e1a749b-MIA
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H2 200 jquery.min.js Show response
novza510.gameyas.com/onlinegame/js/ 82 KB
30 KB 133ms
129ms Script
application/javascript 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/js/jquery.min.js
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 333c29e8bc3e1ab7b66e03bec3f64469da990700b9ace77b36c0f37f2f3b30b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 12 Mar 2021 02:48:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"604ad66c-14988"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnmYsrbw2L6Z77bXXnjrUYmDklbagRrWIsyUU737Oyg8DB1d9JP4jNPiB2mYUbtkBSjPjXrtwVm6v%2BH0x5Y6Kegi3I547u9sjrE8PvbxEERtfzTagatcZgoepceQES%2FakRmeJUKYFcv4kQcgdw%2BT0CPxcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 843e21a65e1b749b-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H2 200 lazyload.js Show response
novza510.gameyas.com/onlinegame/js/ 2 KB
1 KB 86ms
81ms Script
application/javascript 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/js/lazyload.js
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d35c9801629eaa1f4b339877bcb034072e08d78bde788ac29826aca4cc4301c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 20 Apr 2021 02:54:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"607e4256-8a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a99%2BbfsjJ1TsdHDOH%2B0Hg06RIH7EGWtAwzWe97rBqTZeif%2BfrS1VMICmDao7%2B3DIv9RPX3oh%2Bqnfd8wd14RSIbqLI8Ix4SzaUHKfkZ4a%2BolivwD9AyrEZ8YitAUKymIzsIDJ7R3%2BecnJqC9jroquRKxDNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 843e21a65e1c749b-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H2 200 fastclick.js Show response
novza510.gameyas.com/onlinegame/js/ 11 KB
3 KB 130ms
126ms Script
application/javascript 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/js/fastclick.js
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe6546296a0a64c38f102a952b0e3d2cef6f8b99dc4f162dbb2b8baad21b190

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=11663
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 30 Apr 2021 02:12:48 GMT
server: cloudflare
etag: W/"608b67a0-2d8f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAdXlVMkFcldZy5uKnF0XrEFi0H6MpgAhM857Lk8BFhbhFQJ43VGPOW8eNCUeU6v%2BJr4gLobiWYWGfqAK8Aks6qcNaRWNK6IfX9WQWTamXJ74%2FPBvlBDwzE1PaxN%2BYS6pSGPd0e6a8QldMfYv%2BlBZjn3Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 843e21a65e1d749b-MIA
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H2 200 a.js Show response
p.adlooxtracking.com/gpt/ 8 KB
4 KB 127ms
40ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/a.js

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

e2f6686b3b8831bde352e4c25ce585f362fce2a631474ca568a31762e12b5be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 14:22:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 3375
etag: W/"e40ed32242b473292fd489ff1e4856c3"
last-modified: Thu, 11 Jan 2024 14:19:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3548

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 333ms
177ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44e241ce90c3acc1b9824b52e3d94117171e397973eb88033d23e124a0326a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29446
x-xss-protection: 0
server: cafe
etag: 294 / 19733 / 31080328 / config-hash: 1407827963928654873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:18:17 GMT

GET
H2 200 logo.png
novza510.gameyas.com/onlinegame/img/ 16 KB
17 KB 130ms
125ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/onlinegame/img/logo.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2c185a5aa56abbed75d542012a29d58c92ffd97be4299e1f5428fffce134135

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 16497
last-modified: Fri, 16 Jun 2023 06:11:32 GMT
server: cloudflare
etag: "648bfd14-4071"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfBTbBrENPSyUzoiVKeIej97R9tLMAa%2Bqh%2B8VssuKNFMoxRyV2vHoCeM33LJmux%2BA0Uz84TNgTAxFGZ1G%2FuXU9%2F5hCpWe2n9O8%2BlVlKfIYp02D9hR3asE%2FrnbAsp%2FR2ccFrb%2B%2Fl7NoVsgquhiPgKK2ctBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a65e1e749b-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H2 200 lazy.png
novza510.gameyas.com/onlinegame/img/ 6 KB
7 KB 129ms
125ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/onlinegame/img/lazy.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db5af5814aadd9fdb39884c5bbf644590aa68129fc12ace71f420fa84d4fd548

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 6218
last-modified: Fri, 16 Jun 2023 06:11:30 GMT
server: cloudflare
etag: "648bfd12-184a"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M5IiA7UPf1uSL%2F4AVKAH4wCWzWmgN71K2hVK0bKTvIurr76NPOGcGkyKLsNyWdId4082WzONJ4VQdhpA8sjkZRPG5PQu1tFNl7xmT3ZsVrt6JfE2880C24sjuECBwZkueIXou9EXnRiGL7wMCRe6mgybMw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a65e21749b-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 main.js Show response
novza510.gameyas.com/onlinegame/js/ 857 B
857 B 75ms
74ms Script
application/javascript 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/js/main.js
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d254ff85989551d19e8d7a2160f4896653c0e7ae2e5b286be6f88c70355e956d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=1146
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 08 May 2023 07:03:34 GMT
server: cloudflare
etag: W/"64589ec6-47a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ORFnU3%2ByhBQvTf5H691OgRobLRRKDMc3KqtTUlFzGw7BlAqZt8e0ZzP9%2Fp5lJjFvkLKEsftDQ7LLJjVWilvCX9IkmdExsj1ESoKvYaTnGzqkDEfaNqpSlbTzXdPT8tMU48Ufi4RELdMpfm0seU1WmFToQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 843e21a76e61748a-MIA
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 233 KB
76 KB 226ms
92ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MDCVHGD

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

050e8da78e197f6c4bb8b51ae19ca42e5251a7bd1d7bb6c25c9b8e596fb915d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77647
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Jan 2024 15:18:17 GMT

GET
H3 200 laydate.css
novza510.gameyas.com/layui/css/modules/laydate/default/ 7 KB
2 KB 84ms
81ms Stylesheet
text/css 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/layui/css/modules/laydate/default/laydate.css?v=5.0.9
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/layui/layui.all.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2feb6be9bb9eaa0e5c1c8222e0bb4ce3d585f5015248238b44bba8ac346a1eee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 26 Nov 2020 16:02:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5fbfd19a-1d58"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctF8g%2FiGM9aqX3DAbfA39kimBesECFNJnaMurHP1WKctydlwVxW2gs3eO5tL8fFk2jpV8gpiKWBQjjZXprnBS6q0Nc9zuXKw1z8EMRS84Cya7opXJ%2F90UMc7e5zjIl%2BY%2FMmNYE%2Fmq%2FIpWvF%2F9dffjqkzhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 843e21a75e34748a-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H3 200 layer.css
novza510.gameyas.com/layui/css/modules/layer/default/ 14 KB
3 KB 79ms
78ms Stylesheet
text/css 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/layui/css/modules/layer/default/layer.css?v=3.1.1
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/layui/layui.all.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6133577aee8bea9e518571972d3a178078ede55b99c35cb5c2fb11bc71da49de

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 26 Nov 2020 16:02:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5fbfd19a-3840"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTiKkGXqvjikl0uSF%2FpvONj8bOSRMJ433YmIMYMXRbOB9hVWqlUMs93W25ZS1rgxa7WBfK2ed0%2BrdswqysUOqGnjDRZ1tHdYOT0oJ7ZeXLER4BRiG0qoTwrzESbODajHDOIlhD6DULyfNOcn9nxjclDJ1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 843e21a75e50748a-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H3 200 code.css
novza510.gameyas.com/layui/css/modules/ 1 KB
889 B 79ms
78ms Stylesheet
text/css 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/layui/css/modules/code.css
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/layui/layui.all.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1950bc4aad12d33b806d66ae99b4bfdb668967e0e41a89fab21f832072b2400d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 26 Nov 2020 16:02:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5fbfd19a-40e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrUVc0%2BlSXi1WokQ3WWNlpKeKBgo0wXy9MsWk37YhZ8yZG4%2FOcySoKceRoi8%2FvS0%2BVaQoDYODQgKiIl44a2mFquRHAk9Xg5vFZXIl7lfSguDqO2KAMMUpTf3a8Wnm9qY3fGTjS8bshLTkMhaxSWTq1UE2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 843e21a76e5d748a-MIA
alt-svc: h3=":443"; ma=86400
expires: Fri, 12 Jan 2024 03:18:17 GMT

GET
H3 200 iconfont.woff2
novza510.gameyas.com/onlinegame/font/ 2 KB
2 KB 89ms
87ms Font
font/woff2 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/font/iconfont.woff2?t=1683528869239
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/onlinegame/font/iconfont.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05f86db2d333fc3941ed3beb5cc92d8d203494b4dc154a3fe4ad4e57a13fceb9

Request headers

Referer: https://novza510.gameyas.com/onlinegame/font/iconfont.css
Origin: https://novza510.gameyas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
last-modified: Mon, 08 May 2023 06:54:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "64589ca6-648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmPi%2B6t0Qa24vy2mBfduYU1vT5Vz8fD1ZMP7CnBzNLzqwx15S7K56zm6AoTe1vDHMsQ4V9Ywmot2tY6xVR0GYH3wfc3dItuKkYXM1BZ%2Bc4BdEFbB6A9MFODigDELhFRPM4wWloIkBZ%2BCkivi5iQGMO8Daw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 843e21a77e87748a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 1608

GET
H3 200 Fredoka-Light.ttf
novza510.gameyas.com/onlinegame/css/ 48 KB
49 KB 79ms
78ms Font
application/octet-stream 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/css/Fredoka-Light.ttf
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/onlinegame/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 071cab417f05b84dd145be81b598aaa84d329e9ff3949bda495eebb4322c3e04

Request headers

Referer: https://novza510.gameyas.com/onlinegame/css/main.css
Origin: https://novza510.gameyas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 14 Dec 2021 16:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b8bf80-c154"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AUZDvNcldG7XYlQ3LgWhbb0jC6zXgmDzjVGi%2BQDzuvgOiHyf32Yw3qzJ5e23WgpquXDfn0jIohxKOwNiOBoBR956PpBpJ%2F%2FamqHLB4AKnT5sF0LbauzjeHPov%2FtKwYy6clMd0sAcl2nm6KQgy1qhkacx%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 843e21a77e8b748a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 49492

GET
H3 200 Fredoka-Medium.ttf
novza510.gameyas.com/onlinegame/css/ 48 KB
49 KB 147ms
146ms Font
application/octet-stream 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://novza510.gameyas.com/onlinegame/css/Fredoka-Medium.ttf
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/onlinegame/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af648c3dc087d065aa888d0f01b19faf0343bcd3093244e29476914e73e540ed

Request headers

Referer: https://novza510.gameyas.com/onlinegame/css/main.css
Origin: https://novza510.gameyas.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
last-modified: Tue, 14 Dec 2021 16:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61b8bf80-c170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDBbGflvozPYGooBOyCRvgbw4Ttqg7ger4aqiJC6%2FBjL4t%2BAMqvBWyqtdrfym6k5LMeSG1LgT%2F7nvVbe%2FcUe59sjVym3MnFT3Jz88KgR9NuuFvJZ%2BduxAmnIx8%2BzTSiyC51g3%2FB55vP%2B3hwVqOdttGsAkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 843e21a77e8d748a-MIA
alt-svc: h3=":443"; ma=86400
content-length: 49520

GET
H3 200 7b110d039bbdaf253b5d734036e6c28f.jpg
novza510.gameyas.com/uploads/gamepic/20231211/ 220 KB
220 KB 130ms
127ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231211/7b110d039bbdaf253b5d734036e6c28f.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f7c559833b16788d4404407462ad6f123b5ed75bc21ca908a88d56a6751d466

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 224958
last-modified: Mon, 11 Dec 2023 08:50:02 GMT
server: cloudflare
etag: "6576cd3a-36ebe"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAKR%2F168PwUVFYFeWrbkX8UyM1z9iCP2iLMoUomfCS39XvE0jsU%2FM9KavYycAO3g6%2B1eW5DKoL5jcXZeEM3sPxUkiKH%2FfnfrJayIZod2DD%2FyvCVkcEjyA1j3QdFNDH%2B7iS7TlkgwGs6E7%2FTsgFY%2B9D7HzA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a82f97748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Fruits_Skewer_512x512.jpeg
novza510.gameyas.com/uploads/gamepic/20230221/ 90 KB
90 KB 168ms
154ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230221/Fruits_Skewer_512x512.jpeg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db5dc24d84a10e561f3f80c8ee619d61cd09ca7961f0c570228b79218089b737

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 91812
last-modified: Tue, 21 Feb 2023 07:00:09 GMT
server: cloudflare
etag: "63f46bf9-166a4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=chDAWwVqZ3NpAF7laZp%2Bl3U%2BZYuRqS2m2n5Skju9miZDRqF6kgDDeOMJ5PxjVXi13u3f4itwscvH8tVOqMEuLaK3JNSiMdx%2FpfjDIc%2BtdKZT24yDwmfuPjZ8wlMpiqrhl2%2Fj%2BxoS2j9VVf96KlQ8PXKi2g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fb5748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 b7e3ae57c60013b7530106221d3eab77.jpg
novza510.gameyas.com/uploads/gamepic/20230817/ 58 KB
58 KB 176ms
163ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230817/b7e3ae57c60013b7530106221d3eab77.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ec2054954eb5df4e120fcc8090fffb3c11277501ff0cb02fe0670e1262791ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 59336
last-modified: Thu, 17 Aug 2023 09:31:12 GMT
server: cloudflare
etag: "64dde8e0-e7c8"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rvzq9pivkc%2BxFOhfPZ%2BRCKZ91v5n1i0ojYhLf4v%2Fn1Xtj1bkazRRdEFjG3IiLMK%2FR%2Fxe5Bmp3ZaSwgFJ8wv8PowGLECLv6DFYSGsMYPnY4AwdvKvqM0Ny7U3Tc70%2BdB2zsTOo5W7XdqdIh4dlSDCCSaCRw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fb6748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Magic_Garden_Princess_512x512.jpg
novza510.gameyas.com/uploads/gamepic/20230203/ 104 KB
105 KB 195ms
182ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230203/Magic_Garden_Princess_512x512.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f1bd200dcb1a81e6e3cd54903763d2b70fc90a6ce0d528f01c94f104f8a1fc7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 106982
last-modified: Fri, 03 Feb 2023 03:19:52 GMT
server: cloudflare
etag: "63dc7d58-1a1e6"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzoNNXN1G7UsgN1huaw7p96G2PzLZD3Glj07qA5E7NcCInh2MqZoY%2FiyzeB2jO8PI29iAf%2F8SAbGpH0sQTXARq6nOwzqQJ7CdXISnPsUjY3L5p5%2FkufKtlzQ4l3jokVinZerKw4fvhNgouVE4A6BoGdLeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fb7748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 fa1ce81fa732e12aeda803f1d9c1f58a.jpg
novza510.gameyas.com/uploads/gamepic/20231207/ 296 KB
296 KB 95ms
82ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231207/fa1ce81fa732e12aeda803f1d9c1f58a.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00238c9318ec92f80fbf629fe4f3c37fce79d3c5558fd004db8b7a3b2c8bd684

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 302915
last-modified: Thu, 07 Dec 2023 03:35:10 GMT
server: cloudflare
etag: "65713d6e-49f43"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M084J3JSWVJy%2FWX1lpDXqHlJZJVsq3CbfB64FrLKYDkDyGK%2F1iXlcwiKVKPz6qGCcgOXpiZQggP8G5T2mWuXuP1Xxm54j0vYA6jQak3pMjX39qXiFOvWHEs9zQ2iGtVQcI70GLa1fDruk5TxgpbSRnWSAg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fb9748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Super_Action_512_512.png
novza510.gameyas.com/uploads/gamepic/20231129/ 49 KB
49 KB 210ms
197ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231129/Super_Action_512_512.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16d4eef115ac19e6f244a4603305b325293488c8553e2c0e706b3fe41d23c709

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 49743
last-modified: Wed, 29 Nov 2023 06:58:55 GMT
server: cloudflare
etag: "6566e12f-c24f"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGUPkWlwrW8j4vjq0HplHJO8X56EWVa0rDasjoJOPMbDUpTtE5yhIya0NXKDDkOOZRDsGvOlhjVvERAlGxce5aUmTSPIMxxomX62Hvs7HjjemrCganngqPqfHFeQMb2yxGGtQRKOCHFkzIiw9S6pe97rNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fbc748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 b6126b9cadf6ea68756b3f05179b9863.jpeg
novza510.gameyas.com/uploads/gamepic/20230918/ 46 KB
46 KB 215ms
204ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230918/b6126b9cadf6ea68756b3f05179b9863.jpeg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8e4c9da3be8b3b8f482e62381312cf8a6a02a19bbb08957ec2fa304e79dc8bd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 46631
last-modified: Mon, 18 Sep 2023 03:42:49 GMT
server: cloudflare
etag: "6507c739-b627"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxQkXKW3FAPYo4Wce9oNvnbhhqaUYIvXRfSEdrw5X%2Fhykpgb8ZG%2BiPM2NObuaecibOdnHBiCgfDm72F60dYFnLiXkd5nExeCtL777luoeWSRQplH12R1JckMkP9TAzsHOYy9sK8TgVgNglPs50Ayz9kwVw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fbd748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 princess-fashion-salon_512x512.png
novza510.gameyas.com/uploads/gamepic/20230424/ 117 KB
117 KB 225ms
214ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230424/princess-fashion-salon_512x512.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dbef800d089d64288d3b2de392136ee35704187a33531dd4aa1f75def65ced3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 119419
last-modified: Mon, 24 Apr 2023 09:30:41 GMT
server: cloudflare
etag: "64464c41-1d27b"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qcxLLeCqZ%2BEXs%2BOcsCzBfCVrGmdcXyZOgIDQFHkGwwzJeCigU1AYCPAMNCBsHgPnfw2wlhKCEkkydgsRYLAvfeXF7KzksXJGuXFmVF2f50z0v1BBveMJuYMu86KnC8ej4SKCZV21ERIqX0uw6ZBjYaPgrg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fbf748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 251cd622605b0259d9ec688f4ad4cfd9.jpg
novza510.gameyas.com/uploads/gamepic/20231204/ 83 KB
83 KB 231ms
220ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231204/251cd622605b0259d9ec688f4ad4cfd9.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1a4ecd05aa651ae718615ecaddc38988cfa43e8b2712f0e660d2bb62128243

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 84794
last-modified: Mon, 04 Dec 2023 08:13:32 GMT
server: cloudflare
etag: "656d8a2c-14b3a"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSaQZcVKrxI91kUfsmbwx32DyY7tZoyfwP%2F5B8sG9mZacuCHPp%2F41NJVyG5fRLuv3ynUZZN4CYpWrVv0L6cfTXgp16A2PPCVLjHjhe%2FTj2X66gONk9CDq6Qp0EkVyRNiWjn9LmZBd6GxIP52TvKq3e%2BPBA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fc1748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Bubble_Pop_Master_512x512.png
novza510.gameyas.com/uploads/gamepic/20230322/ 87 KB
88 KB 234ms
224ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230322/Bubble_Pop_Master_512x512.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5375a418ebcdbee43b197ff2ce4a67e609fad7cd676938a79838042ffd7524c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 89523
last-modified: Wed, 22 Mar 2023 02:10:50 GMT
server: cloudflare
etag: "641a63aa-15db3"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4Te0fYUpqa9e8q%2B%2BhCWpd8Dw1OOfIDTJqjmX1iAmLvN2tOb3R7103pt20zNqSbhczN9dz6qG3pt21LmUDoXN9EhL6Qk6PimK9EfHwIHOb6Fe2PShcmefxarHDDOz9fhls4z8BTl4q4If9R%2FbI1GbdR8iw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fc2748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 17120f1d4d6f456e06af98a8f3019bdf.jpg
novza510.gameyas.com/uploads/gamepic/20231109/ 74 KB
75 KB 236ms
226ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231109/17120f1d4d6f456e06af98a8f3019bdf.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a35bbd5a4d59bd4a3d9c62690ed4f052c945f4a51e1501703a2ef2dbbdec9963

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 76212
last-modified: Thu, 09 Nov 2023 06:23:45 GMT
server: cloudflare
etag: "654c7af1-129b4"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMDQOZSNfkAii17ziZ%2FYMKXVwfIcYTQCY85ytZshQ%2FPm1TxyuiNyueWs2xLbob9aerBKRxhan3uOAW9IkPksLmsXQjaTYKIZodvzJ9ynhfaPeqg3ThGQU0f5FI5W84MNcQiNZDEK3dYcPP7lE7OptdvqyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fc4748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Block_Shooter_512_512.png
novza510.gameyas.com/uploads/gamepic/20231129/ 66 KB
66 KB 279ms
269ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231129/Block_Shooter_512_512.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 491637f454de65ffa3d5291c72235930711c8d34b4da72ed8322536fed315d84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 67527
last-modified: Wed, 29 Nov 2023 06:58:13 GMT
server: cloudflare
etag: "6566e105-107c7"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g1tdWwCBO%2BRudf1%2BfFqQWVOdNyA9TjvsFElD83gJlzmGM6y%2FuVSCaUG3T94wmrkfUQUO1k8CqJU%2F5rbsvf3tLBvKGJ7ZDWPDHuJsAZ3Hdro3JDTv%2BpDUcsxMkOCjaESZJnHapXplmWpBNAK3ay%2BN%2BQu5wA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fc5748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 1b8f35921da72acff5c035290e3fcc6b.jpeg
novza510.gameyas.com/uploads/gamepic/20240104/ 14 KB
15 KB 238ms
229ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20240104/1b8f35921da72acff5c035290e3fcc6b.jpeg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14e2795f369cecf180f9dbf8b23efca08f6411705fe6dc601ade1d8d7b952b02

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14579
last-modified: Thu, 04 Jan 2024 06:27:44 GMT
server: cloudflare
etag: "65964fe0-38f3"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I54yfJRQH2%2FYAuqEQsNah0Xj6dIQ2P%2BAQ%2BeEbwTWl%2BGrhvgizB%2F3B6IipUqUWDDT%2BRSX7aTlb10kZBFBPLdYbgTHg5xnSaqU245aJz4lGa2MErqqfbeL9mggd1MBLqF0J13KuvJoa5X7zNSJiCxLjPYpqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fc8748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Tap_Unlock_512x512.jpeg
novza510.gameyas.com/uploads/gamepic/20230111/ 25 KB
26 KB 239ms
230ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230111/Tap_Unlock_512x512.jpeg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f418727d3fc0d69b39fe0b7e34dd6cf15ea9f2bcc2e5737b5a2962e130f66d4c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25934
last-modified: Wed, 11 Jan 2023 06:52:32 GMT
server: cloudflare
etag: "63be5cb0-654e"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BT7cPCf%2BalMm7rjIvyOc4LR8g5ZxWa9HXAnox25R0S0GMzWqpbE6tIdZ87gTUfACXuwAe2OSqs2u4ky3qhI8X8iNGWmJvMkZ5CsXz%2FFj%2BLD%2FC6Uux842emKjC8FCr6zN5JQC65oJ5c0yeudMfuUDYdR7%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fc9748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 f6b7e173d2fce11f3a57d4e1366e8dc7.jpg
novza510.gameyas.com/uploads/gamepic/20231114/ 34 KB
34 KB 245ms
231ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231114/f6b7e173d2fce11f3a57d4e1366e8dc7.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06aaa24dba99c32cd0462ea535e10efc9d4ea2463c48b6196501a00236e45661

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34675
last-modified: Tue, 14 Nov 2023 07:39:00 GMT
server: cloudflare
etag: "65532414-8773"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BcHMEjYR8NvNYPA%2BUxXnet5Bh9UC63nxIhjfyORCRCxmiNtmeEiCw9coeS41aFfBuSlOSHNsx67%2F8G2oUonUhW4fEx5BbZHlQcf9W1FPzkdXqQ%2FexmLAXq4zC%2FkBIkimJliMQ8ueA5ti2k%2Fyl5UWjPfrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fd3748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 5e8ba6e1249188b8f64db359ca2106a3.jpg
novza510.gameyas.com/uploads/gamepic/20230509/ 33 KB
33 KB 248ms
234ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230509/5e8ba6e1249188b8f64db359ca2106a3.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 819c5fc60fdde0655e0790e931f1e635d133e0b5ded58a324fbd8b509adcf6d8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33310
last-modified: Tue, 09 May 2023 07:34:35 GMT
server: cloudflare
etag: "6459f78b-821e"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AlKWL0TV%2FbZxtga1fQreheMCO9H2EHWAWVcYkgNza2qsXY86bdt0nw35okfeICZLmq3aU7k2P%2B5GkfaTIljFs5X78xuwBbyd7tzLlti%2Ffv%2F4ENhB5ONOrX1RQe1NPbmYQ%2BkKBajKAlcVCafh0pTFivlv9A%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fd7748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 05ed50926410e2c737e6ba26bd2fa4e5.jpg
novza510.gameyas.com/uploads/gamepic/20231207/ 87 KB
87 KB 251ms
238ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231207/05ed50926410e2c737e6ba26bd2fa4e5.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f49ad2465be0d60e5ca21854bab732fe58c9b9241a0d9b4523d61a5ca95b7de7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 88621
last-modified: Thu, 07 Dec 2023 06:23:19 GMT
server: cloudflare
etag: "657164d7-15a2d"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DaABMxDaZSKaKg%2BgFsBloKzcz5a5okvwgl80BirbshGw08IiHDuqIpQtax5SQmouP%2FNFDjZeCuLODigHHAdtzfSA9Y%2FjzrTHndu9Gryhvv11pDI6xaeiMgwNt1ZkNLwExbRrkKi9b0H%2B9KVmIPQFoLRo0w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fdb748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Boss_level_Shooting_512x512.png
novza510.gameyas.com/uploads/gamepic/20230307/ 77 KB
78 KB 295ms
281ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230307/Boss_level_Shooting_512x512.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c02883d2f59bec4019879f8410432ce645d292aabafdb7f9bb2b0735a7d80d1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 78955
last-modified: Tue, 07 Mar 2023 07:13:47 GMT
server: cloudflare
etag: "6406e42b-1346b"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rF3N6suShZ%2Be3i1eK9uaanVl7jXHyNaJZYKi8SzQrpZ1PkUtawcys8nyMeppIkxj5KfEeKh%2BXkmiiFhA4hKEoH9vnh%2FP6yXW5fiM8bFIwMciU6%2BXOkcmAF%2FDHXA83xJM2XbB8EIcDEJs1E9StdmUM1tOZA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fdd748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 52a875a89a431fbdc6a2dee2c4ba39a6.jpeg
novza510.gameyas.com/uploads/gamepic/20230605/ 34 KB
34 KB 295ms
282ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230605/52a875a89a431fbdc6a2dee2c4ba39a6.jpeg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d569e8e13ae9ae1af8bc6f48f015a258e330c5d01a2679c61c3a78e5f5fed5d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34640
last-modified: Mon, 05 Jun 2023 08:56:05 GMT
server: cloudflare
etag: "647da325-8750"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkEs8COUD%2BE%2BdpEeNjHJiRGm7X6MOJEArozPLSK2mSm09aQpv%2Fce5KVtDHKFV3zUz4rawhFqWFkvdo86k3tu%2FCeeWVWnwrDdrhiRVR15cBkswff9jkmeGl80RMnEYBbJ4SYbqO7CLD%2FNAzx7o5BUOryKkA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fe1748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Jack_O_Gunner_512x512.png
novza510.gameyas.com/uploads/gamepic/20230307/ 51 KB
51 KB 301ms
288ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230307/Jack_O_Gunner_512x512.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7961bb8a423a8e45b19bc46ed7910b0b214caca4cd07af2ba9ad3cd28477f544

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 51919
last-modified: Tue, 07 Mar 2023 07:13:46 GMT
server: cloudflare
etag: "6406e42a-cacf"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J%2Frj9FriegIPbgMn3VdD52OiJfhbe31WKMTLzxzLeg%2BV4zM50O1HTG%2B8A%2Fa7m3jN4cp3R0ljtJdqUvTdr1vMxmo0HR4sYKOqJS3A72DvKrRWpvfUTh6TCCGgsTaQfo4krVq6W2w4ja%2BXK8rX0hZ3uLhruw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fe5748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 2a945cd1786f6f3642cad4cd06c0fcce.jpg
novza510.gameyas.com/uploads/gamepic/20231109/ 33 KB
33 KB 258ms
245ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231109/2a945cd1786f6f3642cad4cd06c0fcce.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f9027e9e96d7901aa1dc1863bfffaa17a3458120fea0c5a9065489c16bc06c5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 33530
last-modified: Thu, 09 Nov 2023 07:18:59 GMT
server: cloudflare
etag: "654c87e3-82fa"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBmyCk39UuFWvaabkON2Cp2hm6oEWdYQEIVmBW0cIM2EFI2K%2FLV9J3jA5D3GUvjfwysO%2BDfePRzmLw2RMDScDwItaZfdAqLxWHt8FBKMqGOLwVzriv5ml1%2BZw8s07mYLW9rBpWZgSC0soN3F%2BnVhNBGIXg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fe7748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Army_Commander_2_512x512.jpeg
novza510.gameyas.com/uploads/gamepic/20230221/ 73 KB
73 KB 259ms
246ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230221/Army_Commander_2_512x512.jpeg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eebd12398a1a948b123d1e9f18fe8fa56f6ebb6bccfa5c8a6f22c3cc79594b49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 74674
last-modified: Tue, 21 Feb 2023 07:00:14 GMT
server: cloudflare
etag: "63f46bfe-123b2"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9wW68E932pv8FYRo1yUSV1PspTX0S%2BDgRJTWUzHs7GqrAHu7TI4X8ISlX4Pc3%2FporhkxVipHRshMSnYMXzwSYqY222q5BqEs7bzQYb7nelOP3we6O4mkbAhHI0SLsCTq7LFyFgAKSlgPmD4Y3gVL%2B6%2FHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fe9748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 38d6ea8053217ca6cc00df669d2be378.jpeg
novza510.gameyas.com/uploads/gamepic/20231010/ 40 KB
40 KB 261ms
248ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231010/38d6ea8053217ca6cc00df669d2be378.jpeg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 923b9fdf5e2d0012e7c783dea7a5a91ebc46b0eb5c46cb7de415ada937eb63cd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 40509
last-modified: Tue, 10 Oct 2023 10:18:43 GMT
server: cloudflare
etag: "65252503-9e3d"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9WX0xOAcxgQLJgFIIABX2qtyn6Pq7HdghWjR73WwJLga9OT2axYp77YfYZVfbBJAi09lgKKM1rrwXqnBiKIuzPo69OQ9SJIMnx4F%2FOOZkQvO9nYSxr3qZfQXC9FVG1SL6bw809ZDzByQRJ1DQSDfaVNz2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83feb748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 CrazyBoxer_512x512.jpeg
novza510.gameyas.com/uploads/gamepic/20230221/ 72 KB
72 KB 301ms
289ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230221/CrazyBoxer_512x512.jpeg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7579180b68c71e444cd6dea3db5ad03f9e3ba9f674b1a045810287aa9a5065e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 73497
last-modified: Tue, 21 Feb 2023 07:00:07 GMT
server: cloudflare
etag: "63f46bf7-11f19"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIUOfBWXuKCZ4pb0%2BKuWICBkqQgSGEzOvWVn4kqIswQ5tpnPrXqJMTPFrAMNJoKG5vxQzwyCvOPmdjRD4wK%2Bq4y0r9Ipz0vcq7GVxwNcR43SSvVvUQ6icLEqp9gW1dLJHpjR6eYceT1pkgEehTViLw8UEw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83fef748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 574c9321c6629f32613f36820199c0eb.jpg
novza510.gameyas.com/uploads/gamepic/20231129/ 21 KB
21 KB 303ms
293ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231129/574c9321c6629f32613f36820199c0eb.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddf41c228260b6c62a3ec30120f84a2f81391bd1847dc55789f3b13c89c8755e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21247
last-modified: Wed, 29 Nov 2023 06:23:40 GMT
server: cloudflare
etag: "6566d8ec-52ff"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViKxwWHeLH7TecDMEJOQU5LSmG6LpGn%2BPXxkGevxYRA%2Frsac7b7qFTaDiZkraI3PDsNCGBUjKYJPzFcTDuY8Z54ubBbcMCWRPJtop7jRRTDwwsy2uKXJh6Q77mi590yD0AEisnKXIW82IG6AkSwzH21FCA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83ff4748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 ConnBlock_512x512.png
novza510.gameyas.com/uploads/gamepic/20230322/ 53 KB
54 KB 263ms
253ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230322/ConnBlock_512x512.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d466c0eb94581bb1c2d458c83a977dcab9e2e64b572e7c3ecd0dcec4cdb182a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 54295
last-modified: Wed, 22 Mar 2023 02:10:53 GMT
server: cloudflare
etag: "641a63ad-d417"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lZ5w499S8HN1JCIjUH34PyP3ykTwD8oHHqphcCJbMtPtRqaFLilgF5VKkzYYTL5yC6WYDTGB7GDge9Lk%2F0gjY8WqhMFO%2BM0HwjCWzmTYmHeKT6XefkQw1903nJ9xgMzzgPZxx6x167aXJKQrJz8ecvwsSA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83ff6748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 d9b771d89b0f7c3abbd5cebe66a86282.jpg
novza510.gameyas.com/uploads/gamepic/20230707/ 41 KB
42 KB 264ms
254ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230707/d9b771d89b0f7c3abbd5cebe66a86282.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b016c02d9d824d06113ee7b6de6ad1f63a2355a67232478dcfc43897890efac2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 42320
last-modified: Fri, 07 Jul 2023 03:51:47 GMT
server: cloudflare
etag: "64a78bd3-a550"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IeBsqgIrgi2HgZRwRHxZHaHb3vyI5L%2FgCW9yzOM%2F5sRe%2FjtXMgniDc9EWYxPTKEWWBRgqfCNTZ785aGqoMWJsliZYMjUgCPJFQ%2BPyQmA%2FDsEd9PO2%2BlgyINM0cPcie5TD5Co2RrMbk04Tet31AEqrukLPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83ff7748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Jewel_Christmas_Story_512x512.jpg
novza510.gameyas.com/uploads/gamepic/20230203/ 117 KB
117 KB 266ms
256ms Image
image/jpeg 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230203/Jewel_Christmas_Story_512x512.jpg
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df9c315005d6e5b100fa0edf68a91738219b4228dfa6f8bf91d5377e8de1877b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 119730
last-modified: Fri, 03 Feb 2023 03:20:16 GMT
server: cloudflare
etag: "63dc7d70-1d3b2"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3uohzbaD9tIX8%2Faxcodf5u9DDN6dgkIk8gtVv4%2FOyQCA69MrI5VJSqcI%2BYJQ8eW%2Br8jmRwMmBE5hbQ7TM9PiN%2BPsvGjUz3266Rwc43j8FQmwq%2F76Cn%2Fxb%2FD66P0NuktvkShMgncpyUkej0JxJAq1RkBprQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83ffb748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 3d0d5d001fa660ae24c45a6963ae9d71.png
novza510.gameyas.com/uploads/gamepic/20230830/ 60 KB
60 KB 309ms
299ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20230830/3d0d5d001fa660ae24c45a6963ae9d71.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db13f496a6a9c98239d48dc2eedf4cf905b2c4e9c1995b99d00a00bbe49d5ac9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 61016
last-modified: Wed, 30 Aug 2023 09:08:16 GMT
server: cloudflare
etag: "64ef0700-ee58"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t66TzWUWFVO9HLhJ%2BLOwsSA55v4wrUZ01gZh4LLVpSC5APuoBcEXr%2Fll5Ceq5Q9TR2E18xl4CbRkKMKx9UCz07fV9zVGfL5PdfUxu1qJGoiM4f7kvNFEu3v%2B2aupUzci9MFotr43QRO8ZwY6XPru5mQsSw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83803748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H3 200 Drop_Merge_512_512.png
novza510.gameyas.com/uploads/gamepic/20231129/ 92 KB
92 KB 311ms
301ms Image
image/png 2606:4700:3032::ac43:a36a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://novza510.gameyas.com/uploads/gamepic/20231129/Drop_Merge_512_512.png
Requested by: Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:a36a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34fa2245efce0dd75f2ea479d898cd980b01d6fbfd71250ce7eb29e662bdeb3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 94019
last-modified: Wed, 29 Nov 2023 06:58:30 GMT
server: cloudflare
etag: "6566e116-16f43"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: image/png
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0veke9bcNEGiMHnOshINYEQuDJAjD4ZlrXOT6VRxxtyEiep730pd2w0VrkhWaAqi5J6KB94eXkDlKFwxuWp2fwiK%2B%2FAEN1c8Ou87aoCPNY6kTSetZCqsuU%2BYM8y9UcVEzeYHSMARBV2uoyj4kUeeHnz%2BJg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 843e21a83806748a-MIA
access-control-allow-headers: X-Requested-With
expires: Sat, 10 Feb 2024 15:18:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 281 KB
92 KB 96ms
91ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MDCVHGD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16fb763ecc006b16edbcade5cc7c819c3a23f9b7886dc0af2940e73f28350263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94317
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 11 Jan 2024 15:18:17 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/ 437 KB
138 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c211e8775861eb70a495edc9b39d509002676809a57ed8090817e78f764b57fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:16:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 111
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140670
x-xss-protection: 0
server: cafe
etag: 10621281385585276585
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 10 Jan 2025 15:16:27 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
248 B 151ms
47ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C3W7T6H5QW&gtm=45je4180v887060490z8812775298&_p=1704986297332&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=2086853310.1704986298&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704986298&sct=1&seg=0&dl=https%3A%2F%2Fnovza510.gameyas.com%2F&dt=Online%20Game%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=998
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://novza510.gameyas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 203ms
66ms Ping
text/plain 2607:f8b0:4004:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C3W7T6H5QW&cid=2086853310.1704986298&gtm=45je4180v887060490z8812775298&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://novza510.gameyas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 q Show response
p.adlooxtracking.com/ 32 B
72 B 140ms
72ms XHR
application/json 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/q?v=gpt-f17492c-dirty&c=705&t=1831&p=363&pn=%2F&s=%2F22664637707%2Fh5-bwg-game%2F300x250-hometop4061-id01868-bwg%09div-gpt-ad-hometop17010714961852-0&s=%2F22664637707%2Fh5-bwg-game%2F320x480-outofpage4061-id01868-bwg%09gpt_unit_%2F22664637707%2Fh5-bwg-game%2F320x480-outofpage4061-id01868-bwg_0

Requested by

Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

96510de80358e213c6df93b510bc66a3e7efe088de14f65c9d70098519898caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

x-adloox-pubint-version: 20240111073023
date: Thu, 11 Jan 2024 15:18:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-real-ip: 38.132.118.77
x-adloox-pubint-commit: 54ac68f
via: 1.1 google
x-adloox-pubint-commit-db: de7316828-dirty
server-timing: conn;dur=0.009, ua;dur=0.028, segment_pipeline;dur=0.295, segment_ip;dur=0.005, segment_iab-valid;dur=0.043, segment_iab-spider;dur=0.879, segment_bs;dur=0.006, segment;dur=1.441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server: nginx
vary: Accept-Encoding, origin, user-agent
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control: private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age: 600
timing-allow-origin: *
access-control-allow-headers: x-cloud-trace-context

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 1132ms
1130ms Fetch
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4033890353368412&correlator=2792531394587658&eid=31080255%2C31080258%2C31080286%2C31080300%2C31080328&output=ldjh&gdfp_req=1&vrg=202401080101&ptt=17&impl=fif&iu_parts=22664637707%2Ch5-bwg-game%2C300x250-hometop4061-id01868-bwg&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704986298348&lmt=1704965872&adxs=650&adys=314&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnovza510.gameyas.com%2F&vis=1&psz=1366x15&msz=300x0&fws=0&ohw=0&ga_vid=2086853310.1704986298&ga_sid=1704986298&ga_hid=1884778582&ga_fc=true&dlt=1704986297306&idt=872&prev_scp=adl_atf%3D90%2C80%2C70%2C60%2C50%26adl_dis%3D-1&cust_params=adl_ok%3D1&adks=303743046&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7979e494de51915479899d53817e2747ce90736b02da27f214bd08c3be060b1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12695
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://novza510.gameyas.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 121 KB
43 KB 695ms
693ms Fetch
text/plain 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4033890353368412&correlator=2792531394587658&eid=31080255%2C31080258%2C31080286%2C31080300%2C31080328&output=ldjh&gdfp_req=1&vrg=202401080101&ptt=17&impl=fif&iu_parts=22664637707%2Ch5-bwg-game%2C320x480-outofpage4061-id01868-bwg&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704986298359&lmt=1704965872&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fnovza510.gameyas.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=2086853310.1704986298&ga_sid=1704986298&ga_hid=1884778582&ga_fc=true&dlt=1704986297306&idt=872&prev_scp=adl_dis%3D-1&cust_params=adl_ok%3D1&adks=2147319079&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

709552f1b806acca316a3becc2d12679f2a20822957f2c0310077008146d8bd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44418
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://novza510.gameyas.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b.js Show response
p.adlooxtracking.com/gpt/ 76 KB
30 KB 38ms
36ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/b.js

Requested by

Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d9390855c5ff640774053011d25915f36af8f918724a799548839dbce7a91255

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 14:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 3360
etag: W/"891799646d565d3c197be1429d90e5ae"
last-modified: Thu, 11 Jan 2024 14:19:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30516

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 550ms
98ms XHR
application/json 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401080101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2305f69e97084873f56302e6bf59d50b8b760b76a46103e1f220ac3d1b584004

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12262
x-xss-protection: 0

GET
H2 200 container.html Show response
03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B389 6 KB
3 KB 528ms
76ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novza510.gameyas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 15:18:18 GMT
expires: Fri, 10 Jan 2025 15:18:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/ 40 KB
14 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl_page_level_ads.js?cb=31080328

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfe122998b63668fd4e45beccf9bd45418c364992ca7632e4ea030a81b79589e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 08:51:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23228
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13832
x-xss-protection: 0
server: cafe
etag: 766117289044644492
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 10 Jan 2025 08:51:10 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 92ms
85ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Jan 2024 15:18:19 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4907 13 KB
5 KB 75ms
74ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novza510.gameyas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 78
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 15:17:01 GMT
expires: Fri, 10 Jan 2025 15:17:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 61E1 829 B
1 KB 239ms
86ms Document
text/html 2607:f8b0:4006:80c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2004 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

007b1a4bc0859b24e4d74058061d7b85fe498fe2b6858cebca0630f37841e620

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OXbS2vszXm9u_lpjPRvDrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://novza510.gameyas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-OXbS2vszXm9u_lpjPRvDrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 15:18:19 GMT
expires: Thu, 11 Jan 2024 15:18:19 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 container.html Show response
03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0406 6 KB
3 KB 80ms
77ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novza510.gameyas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 15:18:18 GMT
expires: Fri, 10 Jan 2025 15:18:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
analytics.google.com/g/ 0
45 B 54ms
53ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C3W7T6H5QW&gtm=45je4180v887060490&_p=1704986297332&gcd=11l1l1l1l1&dma=0&cid=2086853310.1704986298&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=2&sid=1704986298&sct=1&seg=0&dl=https%3A%2F%2Fnovza510.gameyas.com%2F&dt=Online%20Game%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!&en=ad_impression&_c=1&ep.query_id=CPOkqfXQ1YMDFT-tWgUdnNgOnw&_et=1095&tfd=2095
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://novza510.gameyas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ 88 B
563 B 144ms
66ms XHR
application/json 35.241.31.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=1831&client=woso_ads_network&ts=pg-2099~1_fo-2099~1_vpw-2099~1600_vph-2099~1200_scw-2099~1600_sch-2099~1200_sco-2099~1_sca-2099~0_srx-2100~0_sry-2100~0_ev-2096~sb.2100~rp.2100~rvp.2100~rap.2331~ss&att=0.0.1600~1200&visite_id=39453976101&seq=0&timezone=600&js=tfav_adl_705.js&date_regen=798a672&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=gpt_unit_%2F22664637707%2Fh5-bwg-game%2F320x480-outofpage4061-id01868-bwg_0&id2=%2F22664637707%2Fh5-bwg-game%2F320x480-outofpage4061-id01868-bwg&id3=5185895185&id4=3133397197&id7=1600x1200&id8=4033890353368412&id9=2792531394587658&id11=%24ADLOOX_WEBSITE&p_d=0.237&fai=Online%20Game%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app%21&iframe=0&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fnovza510.gameyas.com%2F&activetab=1&cf=1
Requested by: Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: f5ae4ffcd2ccec86bb700f620571c2f53474183f97a3879af125935dc2afd40e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-79c7777877-prv8s
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://novza510.gameyas.com
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H2 200 container.html Show response
03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2DBF 6 KB
3 KB 69ms
61ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401080101/pubads_impl.js?cb=31080328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://novza510.gameyas.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 15:18:18 GMT
expires: Fri, 10 Jan 2025 15:18:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 b.js Show response
p.adlooxtracking.com/gpt/ 76 KB
30 KB 35ms
35ms Script
text/javascript 34.107.231.31
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://p.adlooxtracking.com/gpt/b.js

Requested by

Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

31.231.107.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

d9390855c5ff640774053011d25915f36af8f918724a799548839dbce7a91255

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 14:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 google
server: nginx
age: 3361
etag: W/"891799646d565d3c197be1429d90e5ae"
last-modified: Thu, 11 Jan 2024 14:19:29 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public,max-age=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30516

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 47ms
47ms Ping
text/plain 2001:4860:4802:38::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-C3W7T6H5QW&gtm=45je4180v887060490&_p=1704986297332&gcd=11l1l1l1l1&dma=0&cid=2086853310.1704986298&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&_s=3&sid=1704986298&sct=1&seg=0&dl=https%3A%2F%2Fnovza510.gameyas.com%2F&dt=Online%20Game%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app!&en=ad_impression&_c=1&ep.query_id=CJCPy_XQ1YMDFTarWgUdYKkErA&_et=334&tfd=2438
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C3W7T6H5QW&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:38::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://novza510.gameyas.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0406 4 KB
1 KB 366ms
79ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 11 Jan 2024 14:45:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Jan 2024 15:18:19 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AAE1 624 B
505 B 371ms
93ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNix6QEQmf2z2wIY7IraggIwAQ&v=APEucNUXYb5bCJxoz2puaVWJDt9acuKy5xbBvhvmKxk5PQf0bZB9UqbdqkNHS5voCROI_jrrW9wqM0CLQMkWTw7Ncqi6ZZpPtg

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 15:18:19 GMT
expires: Thu, 11 Jan 2024 15:18:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ Frame 098A 23 KB
9 KB 216ms
85ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/abg_lite_fy2021.js

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:48:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9005
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 12:48:14 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 098A 7 KB
3 KB 229ms
98ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:02:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58559
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:02:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 098A 41 KB
14 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 00:18:13 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 098A 3 KB
1 KB 106ms
105ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 15:08:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 098A 20 KB
8 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 00:18:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 098A 205 KB
65 KB 344ms
78ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:18:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 098A 42 B
63 B 230ms
105ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CfNHcgFcw5ajmQ25K1KT0f6BoqwcCjIz7Lj5RxrhwH0hP2SS3RjpJz-dVrQQShQqeSf7vOWEOx38AECJRlnfOecrEm6LnYCG1Czdx9ezfL1Cf5QWI

Requested by

Host: novza510.gameyas.com
URL: https://novza510.gameyas.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/ Frame 0406 22 KB
9 KB 77ms
77ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 23:02:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 23:02:25 GMT

GET
H2 200 7195048492592632285
s0.2mdn.net/simgad/ Frame 098A 67 KB
68 KB 326ms
64ms Image
image/jpeg 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/7195048492592632285

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6af7184b3f203ac034c549831eafe5fb5783d471484f28068910c8390a150d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

expires: Tue, 07 Jan 2025 13:21:05 GMT
date: Mon, 08 Jan 2024 13:21:05 GMT
x-content-type-options: nosniff
age: 266234
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68695
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 22:40:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AE8B 624 B
825 B 337ms
92ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARil--z_ATAB&v=APEucNUWrnXsJlSvNDyTFqCRAcQRulp1Fj955dHdgjfIUQM1M2S0F6KpxyvM-qA-gfuUAyUXtE-5PCWlZwUZO3bEEaIMmcwKmQ

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 15:18:19 GMT
expires: Thu, 11 Jan 2024 15:18:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2DBF 89 KB
31 KB 221ms
115ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:18:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DBF 42 B
63 B 210ms
105ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BRdGhRQ469uU8JABADluDD5r85P2PXKar8p8vMlpmMMzVc0Zv3DLZ8lB_lf_dY8w9zzFy7uP7fKOvUKViTanDUMzq25cx541CfeLub0dH4DgEMazQ

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2DBF 3 KB
1 KB 86ms
85ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:08:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 595
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 15:08:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 2DBF 20 KB
8 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:18:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54008
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 00:18:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DBF 205 KB
65 KB 437ms
193ms Script
text/javascript 2607:f8b0:4006:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Jan 2024 15:18:19 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 4907 39 KB
15 KB 162ms
63ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 20:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 20:12:05 GMT

GET
H2 200 ic5.php Show response
data00.adlooxtracking.com/ads/ 88 B
150 B 67ms
66ms XHR
application/json 35.241.31.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data00.adlooxtracking.com/ads/ic5.php?tagid=1831&client=woso_ads_network&ts=pg-2518~1_fo-2518~1_vpw-2518~1600_vph-2518~1200_scw-2518~1600_sch-2518~1200_sco-2518~1_sca-2518~0_srx-2518~0_sry-2518~0_ev-2506~sb.2518~rp.2518~rvp.2518~rap.2536~ss&att=0.0.1600~1200&visite_id=80539508960&seq=0&timezone=600&js=tfav_adl_705.js&date_regen=798a672&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=div-gpt-ad-hometop17010714961852-0&id2=%2F22664637707%2Fh5-bwg-game%2F300x250-hometop4061-id01868-bwg&id3=5185895185&id4=3133397197&id7=300x250&id8=4033890353368412&id9=2792531394587658&id11=%24ADLOOX_WEBSITE&p_d=0.03&fai=Online%20Game%20-%20The%20best%20casual%20game%20center%20which%20you%20don%27t%20need%20to%20download%20any%20app%21&iframe=0&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fnovza510.gameyas.com%2F&activetab=1&cf=1
Requested by: Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 249.31.241.35.bc.googleusercontent.com
Software: / PHP/7.4.33
Resource Hash: f5ae4ffcd2ccec86bb700f620571c2f53474183f97a3879af125935dc2afd40e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: PHP/7.4.33
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma: no-cache
x-route: ads-prod-79c7777877-spr7h
accept-ch: UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary: Accept-Encoding
accept-ch-lifetime: 86400
content-type: application/json
access-control-allow-origin: https://novza510.gameyas.com
access-control-allow-methods: POST, OPTIONS
cache-control: no-cache, no-store, must-revalidate
access-control-max-age: 86400
access-control-allow-headers: Content-Type, X-Requested-With
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 61E1 0
0 150ms
104ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401080101&jk=4033890353368412&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 1C50 38 KB
13 KB 65ms
64ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 54001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 00:18:18 GMT
expires: Fri, 10 Jan 2025 00:18:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DBF 0
20 B 92ms
91ms Ping
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3995387408601&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DBF 0
20 B 103ms
102ms Ping
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3995387408601&version=m202309260101&ct=77&x=1&cor=12022758857968058000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2DBF 33 KB
19 KB 115ms
114ms Script
text/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3XXe5qsh9tgwpPknve4phGb-oi93YnWTGiARNytmXSx4HlGj-vpcVQbtFTocOsVzRyc-zwSgbty-wcMfTN63AiUiqjMu3Ul3lRMiAYpkQdSVs5tj4ZGkTmv80XA1SznRSieLa3pnMSp6z70lhWsyRpUQN5zSEUzsTC9-8Gf5dUupZVQo&cry=1&dbm_d=AKAmf-CGy5JWR0iBwnhqtgS-cIriMTwOjGwLrtewpOZbMeUXtTADbbnVILrCPDuN9s__5q2R6E0Tahete20pOHxGp3nu_z8rYWENeAwsWe4Ry-s1ctg58uP01CK_DOm-_hWOz_XkDHEHCwH0scDCzyK6tr9XfpBhACDlnVbdVQvfS_BsK6_4bS1GWoGllYOr1tD1UOit4P-RLBwG-n36d6-qMwgok1WAvSxn5iL0XTL5GF3S1mAzOczscSkF71hsWaIZAfZg8cG58Av1TQvnBOIxD419Lfho39Ytb9MSYcuYAb6ROy6x4X35n4h6103pjm7HEO_VANHFhk3g3xvLM9LFmZMNIHEAalbjT0xEOE8vxB8H70JDD4kYg5kM5XG-8Yn8APqyCN4KmbNbvnHKVWE9cmK4TWWEhEpyNCr8y7DzGnBvlMQLCpbaN5M4P1Y2pKrBArIvsz6856Ff90olAbisKImJqfNKY4fBBuioS2q2sM3sogieAThARZfnq9GcZsLRBBN7cZ5tpVrkyb8h1vIaS4pe-2eIK2XmchTEzS5xOaivX1rZ67a5ICyYPS95eqSMdRIg-52rq5LGcgP7_UMB6WYRk-h27voTsnWbQ8WGjs6aaxMzn9Tx3Ug5JUGToxIm63HG06aaVa2cammeLCeeXFTC7QLIDXi98aR9cBbZAiwh4umfo4ascyLhhqI5Qlv0p_GvZUVzxmTXmQchc4EYWY-CIh4yjtuePe78g6f0R-gWGt-ihKsxj89Rj7X70L1qOgGkgLSxD4tC9jEHGmVackJbMWNatXOgXnaDe5bTA9XWv39MvwgEMotm5Klp2_QKa2JU-HCm3mGvTuQmsjnGxExPhqmomdfepFHW9tB_uPqGG7qUV8VjlYxuR2XAutxq457JyxQiUNGJEsGMoeJQr25G1X8fGAe9JFtcELpC1KUkR2LMT4EVvHuZQkQRYltR7zQsOArKbC-Tz0cmJ-uh7aTUkXn2jGlMKKH-nCwa42WJKPYOyIDq-8uHgimGqJZITQ-I5mVAta_wJC3Ea0AVFS3IPjKswE7aF4jEOv7FuSQlRQBA3YebqWwkyqoFbdLpkhVKmVT34HtpmiHfZaRkwPg3t22FVdNSiBAJaHUFgTyFzC2Tt2l_H7BY8_K-IJV7eODDT3M5a_MpsAaj0lZV2IykliCTHRws_it2r5v18tvUwUsoK8QO9-9jOq5AQFYZ8kVYyW3el6O5FjIyRAxvOACjWvKSpKgurkoc3Go4siX8Oa4XN8uNybXggfnWSFTHShPhECF8YGZmq-SbybyXTC-oOaY1lnYFnaQtAD8XYTMdgirSyMlFLWV3bMKr4RGu7rkmSrtOoL2AJfF0J9-tbeE1N-6jEJeVzOCiDKFG-LeTxiJQRmXkz4RmLGLYnBDTs1KsiVvc3ydkxHIe_pXRdkJ1GjKWaF0W5__V9b4jZ0B8nOPcizx9glhEmT9FkAuwgmBZR3GFAg8bIUSr9JrqLPlK9HoYEHPmVPgcB2HFN877Npf61FYPlwCUfU7GNCnRtLaE7kViqBtiLQZ7SOk7ZmaGlv9VfMmLaYbWY3QXd42bW_RQcJvrZueKgbykz_BOYb7qC-Zr7EQeyZy8tjvvPa3mQzyEf6raJPBbuRwBRN9clRAWpR2Hv0igj0n3AG7uOXL6rmlMiIC4pA06J1PP-7KlPF5Y7lKb0AD0W5GlL8gYM06RcQP4r_ZlZg8ft0eVDfdvu8QqYId0r0b7KQslWnr5iY0-MQdatJyUzC9xFvnb2J5ZKaU_O1W5bqFxDGc7z7dlur7ZTA_mnkN8JDXk46i-I3u8OzS2cyflm0Bhtf53z8sjTN8Qa8bSLt6LuzbrLpxEMmM-F1Brn5jM15FaL7NXDswwkQ4QRlckKa1uy3fqXsTd6s05DZMb3uSTHlLOXVhE8cLVflDGyPiCvA61ZbCJm6HA9KuHqQLy8zAA0zjvzCFFqhTMDXTh1FJTcf5OZXh34ZyysjJy5kAm6R_5a1fgbPj8Hvw0NF9QZecWVdyeAI3NJGXQ5zCA5IyRO3iKpdbGe6khW3zQuNR2ecba8180X7DBnEToM1GEPh3SS8cUjb6uezdJw-KVg2BB-A-gNAtM7G_qdl4zF_fereul_HJ83-7aiGENJIhZ13fOEnUBJrcAkgtm78Z3Xp89QjHKkZGVjyZtFD3IIG2ZhszQlJuWTjUzJnfP24WBuvcEQY5Q1Mlmk8hdnHjXSsrD49xKQdvoI6MFRutGbY_RaPqYarksYhEC5Htwvo9ANBy46qQWmMVtmQq0l4YEmKVKYKbG69Ui17u79ghz-zFGj7WMAYShKPRLnUWJ1YjH-dMM62c16yR2A3zPRVqG8SknDkDu59scg0m_euCMyfdfR6VBULCAGzxu1M_Qm_Vp0yvg1WIs48n-dfpafuvQtcdiAtnmHh4xGfF9lHVB6mVe3Td_7es-lu6Mh4nSBAV1XNlNDIi_aVEiajMHuiBmKMLqrPzsiGUCLTJ8L89kgm8Bv7oZ2qoibtXefPhzLpvV4vIFIrDwMFNute6MCkoMdyNf2OEwZWRxswXBMMAZoDHF-Eva7p5XgSVo6JADtYHDY4k8aXhgboiQc3JUP1jrf9I4UCl2oOuFj36BDgY7gFHcD1bn1gBuvJvtM04BCoByrEn_5lAF5RC0WHsVbqXvcUFLqeHi0FpQAiVq7OxgrtOJEAXpOWsMINhE2MVLZc6_lWhTL40LBuYuDaVVwIRNZKUrFzU7NVrwgFec373RoOUPHxzvZe7sGSqJXVr97s2A76BZrpHf4IW9jB75EUc1xx8DXeLJqJbN2jaXV0fiDVCCytXa1Hl_iv9SaqAokcMgBvRvaeZSZb4H-htLa7nedIwiBmalSQddWrpH8WKMLvufzFnNrmwua67BSBTH9EcCUVpzmXUsCrZr7XTcKBJriX4Ti2nD23TyBgHPmIkgLW1ALbCgmigQk4qAheszNehbD8fQxKrBZjcsUcAGZOlMnQgn3_WR9TN33rV2Cio1rxivp49FWWzmQVFLkwvLYkLOWsWocIp0V3atdzbiWxoLtsStTMpvbbwQMLZoDjYmjaujgLAV2t8q_lXJstWdPuO29-qs9Eg5SKr9-N5smaosyA0HB16WJYzgRcDIO7ZNVD6m-qu1366UCnIVeH7jm2bqYcRJnFnHDZ9YRU_6XFh4r6tulDXTidzTRftTAZ_U88ZiZsetlZHb2O_duYsv0YQb2ctTJRLwIF0dN71F2yOzfrREJIT7pjQTkzKMZsGM-QvCPkAUTqI3nBlrOZsnCuYOmQ4rrpjDcc0sfWADuMH2FTcytQ6f3yXQxOhdGn0RRuwqKds1T0gfP9TgJ2n9_hT7CAmWrjfmKLUcuwXENZ0obOMdIp6zwstsRMOc1qFHC7xbU2dRCKJf8GN8hezFqH3icAk9wztGKvXxS9jQhVNzEmUHkLEBSuk_Iy7xxwZXnfhQb4KRj5bzV_5AQV2J0TUGWcE9O3Atws5aaCNUSSoK0okp8AhDFvwrI7I4gTr-VdW3btCCFl1-dni3nxyvNpmdo2SpefuB99N5U_5nWN4kbW5YYIdQ-CUG5FiJnJLFINzRA9RB4Als2Mpe_U4Pe0f6oirfHAmt8z5tZ3RtmRrBisxct33g2hKO_PJGKZsRJZUWzLE8GZx7PhRHskHMRIKtDVPZiFzdlWrYAJN0kdm49LBRsZriRipMKhOKPYHFpGF04LdeUxkbFJigIT25sldwn0ge5N595UmfY5BPOwtLDXK3jYAjjo3XR5Vjq5fHNvBK1O3Pq6mouH9iSQ7OZQ2uDooJwKycyHsWRsEytCf7nFCcO2IwCvgppUjrMjStcATA-1QU9ZdC110gujI7pEQsDzZODUAJu5KNHxCPxuu7dfO-lc69qVB_3_e0kXx4JwcrHBVm7vNEe2P3TcjU5l-Gjs2Rw1L8reh_zAN41XITX0SdvQB4xZVtBXbFUUrKi6HveErlvpf3AASbyqNxE7-_cgdPCZRmVZhRhUM&cid=CAQSTwAvHhf_Jk9zPHWfL0ghDc7o3gcJ5hkbPdQUBfY6_DG3BQv8kDAUnHSSa1DqKfAIbnnJWf7jAyg-BjDUFKNmvbJtk0bStQbThBazn00YPLsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnovza510.gameyas.com%2F&ds=l&xdt=1&iif=1&cor=12022758857968058000&adk=1964084971&idt=266&cac=0&dtd=37

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a842e9976b2a872112215b3ed7f6fe2584290ee1a3c5f0b5daf544c7501ec940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame AE8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO56OUJFKCMRqbJjKcIuKHk&google_cver=1

43 B
328 B

92ms
92ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO56OUJFKCMRqbJjKcIuKHk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARil--z_ATAB&v=APEucNUWrnXsJlSvNDyTFqCRAcQRulp1Fj955dHdgjfIUQM1M2S0F6KpxyvM-qA-gfuUAyUXtE-5PCWlZwUZO3bEEaIMmcwKmQ
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YeiKmfDT843bpw2Iji5JBidwiH%2BHdP4edI0S0x2XPJyMiP0dIZuRLQ2%2F16cNWr%2Bl6LQkJJxdZXTxW09wiS%2F7k5XvvQV4BR1lGBkO3rc6pllHb2dME%2FswNpPQsDbqcE2Fe0prCqVC8LjlVA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843e21b9b81a31cc-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO56OUJFKCMRqbJjKcIuKHk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AE8B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaAGvHszmwuc-bSFoHquFAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvjS-bBa0dI2C6iPeVKyq8&google_cver=1

43 B
735 B

82ms
82ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvjS-bBa0dI2C6iPeVKyq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARil--z_ATAB&v=APEucNUWrnXsJlSvNDyTFqCRAcQRulp1Fj955dHdgjfIUQM1M2S0F6KpxyvM-qA-gfuUAyUXtE-5PCWlZwUZO3bEEaIMmcwKmQ
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gXG57wNI4crSXO74Cez04N%2FEwtSLAUsVbSF6csIGNgOvwbi%2FqpvUqGrAzJ6fOTosl%2BLwp4vX1IQZr8%2FAJpoZSxlxEFuZsphCjC61ywmvMaxorMFDh4Dau5gM4bVsx9oguoAkR%2FXmQ%2FSNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843e21baeb2a221e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvjS-bBa0dI2C6iPeVKyq8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame AE8B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFo448TIE-MHbCgmvgtXLGc&google_cver=1

43 B
1007 B

106ms
106ms

Image
image/gif

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFo448TIE-MHbCgmvgtXLGc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARil--z_ATAB&v=APEucNUWrnXsJlSvNDyTFqCRAcQRulp1Fj955dHdgjfIUQM1M2S0F6KpxyvM-qA-gfuUAyUXtE-5PCWlZwUZO3bEEaIMmcwKmQ

Protocol

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
an-x-request-uuid: 4720d786-df82-428b-af92-65a3be639832
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.77; 38.132.118.77; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFo448TIE-MHbCgmvgtXLGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AE8B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTEyMjYzMTQ2OTk2OTExODUzMQ%3D%3D

170 B
232 B

83ms
82ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTEyMjYzMTQ2OTk2OTExODUzMQ%3D%3D

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
an-x-request-uuid: 87949473-801a-48ed-9646-38160e2e3968
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTEyMjYzMTQ2OTk2OTExODUzMQ%3D%3D
x-proxy-origin: 38.132.118.77; 38.132.118.77; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame AAE1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO56OUJFKCMRqbJjKcIuKHk&google_cver=1

43 B
347 B

81ms
80ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO56OUJFKCMRqbJjKcIuKHk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNix6QEQmf2z2wIY7IraggIwAQ&v=APEucNUXYb5bCJxoz2puaVWJDt9acuKy5xbBvhvmKxk5PQf0bZB9UqbdqkNHS5voCROI_jrrW9wqM0CLQMkWTw7Ncqi6ZZpPtg
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EMWzEflyGq%2Fx9OVmkO1Zz%2BltRN%2BGRcNIW%2BMPRDbUBsy6aNTcVcEKTUWbXVZ1dczIzv%2B%2ByBBVqGTNT2fMlCLFXlZzcIhnP5OYo3XnHsAHxWJ8BkghUKEoOyQavsECJOc%2BHQlqrP%2BhhxUvnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843e21b9b81831cc-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO56OUJFKCMRqbJjKcIuKHk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame AAE1
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZaAGvG-nHf038C-YXYKjKAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvjS-bBa0dI2C6iPeVKyq8&google_cver=1

43 B
766 B

77ms
77ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvjS-bBa0dI2C6iPeVKyq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNix6QEQmf2z2wIY7IraggIwAQ&v=APEucNUXYb5bCJxoz2puaVWJDt9acuKy5xbBvhvmKxk5PQf0bZB9UqbdqkNHS5voCROI_jrrW9wqM0CLQMkWTw7Ncqi6ZZpPtg
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2FjB6SEvdMwLo5vUt%2B%2F7iEEchxqOOpxbmApPmL4qtVRqq1lwSCsY5qFfaunYlsuTVVpA13xKPzhy1W8ntYiYnlzgvGlOU5HA5POCC1O2ihQUOWxOSfoajx3FNpTsHwPQam2NbLw5i2a7vw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 843e21babada221e-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELvjS-bBa0dI2C6iPeVKyq8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame AAE1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFo448TIE-MHbCgmvgtXLGc&google_cver=1

43 B
1007 B

73ms
73ms

Image
image/gif

68.67.181.211
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFo448TIE-MHbCgmvgtXLGc&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNix6QEQmf2z2wIY7IraggIwAQ&v=APEucNUXYb5bCJxoz2puaVWJDt9acuKy5xbBvhvmKxk5PQf0bZB9UqbdqkNHS5voCROI_jrrW9wqM0CLQMkWTw7Ncqi6ZZpPtg

Protocol

Server

68.67.181.211 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
an-x-request-uuid: 9d96a0d3-d148-4595-9805-521050fb8e99
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.77; 38.132.118.77; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFo448TIE-MHbCgmvgtXLGc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame AAE1
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc0MTY0MzE2MTg1Nzg2Njg4MQ%3D%3D

170 B
243 B

83ms
82ms

Image
image/png

142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc0MTY0MzE2MTg1Nzg2Njg4MQ%3D%3D

Requested by

Protocol

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
an-x-request-uuid: 7d6b6086-1710-44bf-bf83-f8da4efcf6ec
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDc0MTY0MzE2MTg1Nzg2Njg4MQ%3D%3D
x-proxy-origin: 38.132.118.77; 38.132.118.77; 584.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C50 39 KB
15 KB 64ms
64ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 20:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 20:12:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 2DBF 31 KB
12 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A3XXe5qsh9tgwpPknve4phGb-oi93YnWTGiARNytmXSx4HlGj-vpcVQbtFTocOsVzRyc-zwSgbty-wcMfTN63AiUiqjMu3Ul3lRMiAYpkQdSVs5tj4ZGkTmv80XA1SznRSieLa3pnMSp6z70lhWsyRpUQN5zSEUzsTC9-8Gf5dUupZVQo&cry=1&dbm_d=AKAmf-CGy5JWR0iBwnhqtgS-cIriMTwOjGwLrtewpOZbMeUXtTADbbnVILrCPDuN9s__5q2R6E0Tahete20pOHxGp3nu_z8rYWENeAwsWe4Ry-s1ctg58uP01CK_DOm-_hWOz_XkDHEHCwH0scDCzyK6tr9XfpBhACDlnVbdVQvfS_BsK6_4bS1GWoGllYOr1tD1UOit4P-RLBwG-n36d6-qMwgok1WAvSxn5iL0XTL5GF3S1mAzOczscSkF71hsWaIZAfZg8cG58Av1TQvnBOIxD419Lfho39Ytb9MSYcuYAb6ROy6x4X35n4h6103pjm7HEO_VANHFhk3g3xvLM9LFmZMNIHEAalbjT0xEOE8vxB8H70JDD4kYg5kM5XG-8Yn8APqyCN4KmbNbvnHKVWE9cmK4TWWEhEpyNCr8y7DzGnBvlMQLCpbaN5M4P1Y2pKrBArIvsz6856Ff90olAbisKImJqfNKY4fBBuioS2q2sM3sogieAThARZfnq9GcZsLRBBN7cZ5tpVrkyb8h1vIaS4pe-2eIK2XmchTEzS5xOaivX1rZ67a5ICyYPS95eqSMdRIg-52rq5LGcgP7_UMB6WYRk-h27voTsnWbQ8WGjs6aaxMzn9Tx3Ug5JUGToxIm63HG06aaVa2cammeLCeeXFTC7QLIDXi98aR9cBbZAiwh4umfo4ascyLhhqI5Qlv0p_GvZUVzxmTXmQchc4EYWY-CIh4yjtuePe78g6f0R-gWGt-ihKsxj89Rj7X70L1qOgGkgLSxD4tC9jEHGmVackJbMWNatXOgXnaDe5bTA9XWv39MvwgEMotm5Klp2_QKa2JU-HCm3mGvTuQmsjnGxExPhqmomdfepFHW9tB_uPqGG7qUV8VjlYxuR2XAutxq457JyxQiUNGJEsGMoeJQr25G1X8fGAe9JFtcELpC1KUkR2LMT4EVvHuZQkQRYltR7zQsOArKbC-Tz0cmJ-uh7aTUkXn2jGlMKKH-nCwa42WJKPYOyIDq-8uHgimGqJZITQ-I5mVAta_wJC3Ea0AVFS3IPjKswE7aF4jEOv7FuSQlRQBA3YebqWwkyqoFbdLpkhVKmVT34HtpmiHfZaRkwPg3t22FVdNSiBAJaHUFgTyFzC2Tt2l_H7BY8_K-IJV7eODDT3M5a_MpsAaj0lZV2IykliCTHRws_it2r5v18tvUwUsoK8QO9-9jOq5AQFYZ8kVYyW3el6O5FjIyRAxvOACjWvKSpKgurkoc3Go4siX8Oa4XN8uNybXggfnWSFTHShPhECF8YGZmq-SbybyXTC-oOaY1lnYFnaQtAD8XYTMdgirSyMlFLWV3bMKr4RGu7rkmSrtOoL2AJfF0J9-tbeE1N-6jEJeVzOCiDKFG-LeTxiJQRmXkz4RmLGLYnBDTs1KsiVvc3ydkxHIe_pXRdkJ1GjKWaF0W5__V9b4jZ0B8nOPcizx9glhEmT9FkAuwgmBZR3GFAg8bIUSr9JrqLPlK9HoYEHPmVPgcB2HFN877Npf61FYPlwCUfU7GNCnRtLaE7kViqBtiLQZ7SOk7ZmaGlv9VfMmLaYbWY3QXd42bW_RQcJvrZueKgbykz_BOYb7qC-Zr7EQeyZy8tjvvPa3mQzyEf6raJPBbuRwBRN9clRAWpR2Hv0igj0n3AG7uOXL6rmlMiIC4pA06J1PP-7KlPF5Y7lKb0AD0W5GlL8gYM06RcQP4r_ZlZg8ft0eVDfdvu8QqYId0r0b7KQslWnr5iY0-MQdatJyUzC9xFvnb2J5ZKaU_O1W5bqFxDGc7z7dlur7ZTA_mnkN8JDXk46i-I3u8OzS2cyflm0Bhtf53z8sjTN8Qa8bSLt6LuzbrLpxEMmM-F1Brn5jM15FaL7NXDswwkQ4QRlckKa1uy3fqXsTd6s05DZMb3uSTHlLOXVhE8cLVflDGyPiCvA61ZbCJm6HA9KuHqQLy8zAA0zjvzCFFqhTMDXTh1FJTcf5OZXh34ZyysjJy5kAm6R_5a1fgbPj8Hvw0NF9QZecWVdyeAI3NJGXQ5zCA5IyRO3iKpdbGe6khW3zQuNR2ecba8180X7DBnEToM1GEPh3SS8cUjb6uezdJw-KVg2BB-A-gNAtM7G_qdl4zF_fereul_HJ83-7aiGENJIhZ13fOEnUBJrcAkgtm78Z3Xp89QjHKkZGVjyZtFD3IIG2ZhszQlJuWTjUzJnfP24WBuvcEQY5Q1Mlmk8hdnHjXSsrD49xKQdvoI6MFRutGbY_RaPqYarksYhEC5Htwvo9ANBy46qQWmMVtmQq0l4YEmKVKYKbG69Ui17u79ghz-zFGj7WMAYShKPRLnUWJ1YjH-dMM62c16yR2A3zPRVqG8SknDkDu59scg0m_euCMyfdfR6VBULCAGzxu1M_Qm_Vp0yvg1WIs48n-dfpafuvQtcdiAtnmHh4xGfF9lHVB6mVe3Td_7es-lu6Mh4nSBAV1XNlNDIi_aVEiajMHuiBmKMLqrPzsiGUCLTJ8L89kgm8Bv7oZ2qoibtXefPhzLpvV4vIFIrDwMFNute6MCkoMdyNf2OEwZWRxswXBMMAZoDHF-Eva7p5XgSVo6JADtYHDY4k8aXhgboiQc3JUP1jrf9I4UCl2oOuFj36BDgY7gFHcD1bn1gBuvJvtM04BCoByrEn_5lAF5RC0WHsVbqXvcUFLqeHi0FpQAiVq7OxgrtOJEAXpOWsMINhE2MVLZc6_lWhTL40LBuYuDaVVwIRNZKUrFzU7NVrwgFec373RoOUPHxzvZe7sGSqJXVr97s2A76BZrpHf4IW9jB75EUc1xx8DXeLJqJbN2jaXV0fiDVCCytXa1Hl_iv9SaqAokcMgBvRvaeZSZb4H-htLa7nedIwiBmalSQddWrpH8WKMLvufzFnNrmwua67BSBTH9EcCUVpzmXUsCrZr7XTcKBJriX4Ti2nD23TyBgHPmIkgLW1ALbCgmigQk4qAheszNehbD8fQxKrBZjcsUcAGZOlMnQgn3_WR9TN33rV2Cio1rxivp49FWWzmQVFLkwvLYkLOWsWocIp0V3atdzbiWxoLtsStTMpvbbwQMLZoDjYmjaujgLAV2t8q_lXJstWdPuO29-qs9Eg5SKr9-N5smaosyA0HB16WJYzgRcDIO7ZNVD6m-qu1366UCnIVeH7jm2bqYcRJnFnHDZ9YRU_6XFh4r6tulDXTidzTRftTAZ_U88ZiZsetlZHb2O_duYsv0YQb2ctTJRLwIF0dN71F2yOzfrREJIT7pjQTkzKMZsGM-QvCPkAUTqI3nBlrOZsnCuYOmQ4rrpjDcc0sfWADuMH2FTcytQ6f3yXQxOhdGn0RRuwqKds1T0gfP9TgJ2n9_hT7CAmWrjfmKLUcuwXENZ0obOMdIp6zwstsRMOc1qFHC7xbU2dRCKJf8GN8hezFqH3icAk9wztGKvXxS9jQhVNzEmUHkLEBSuk_Iy7xxwZXnfhQb4KRj5bzV_5AQV2J0TUGWcE9O3Atws5aaCNUSSoK0okp8AhDFvwrI7I4gTr-VdW3btCCFl1-dni3nxyvNpmdo2SpefuB99N5U_5nWN4kbW5YYIdQ-CUG5FiJnJLFINzRA9RB4Als2Mpe_U4Pe0f6oirfHAmt8z5tZ3RtmRrBisxct33g2hKO_PJGKZsRJZUWzLE8GZx7PhRHskHMRIKtDVPZiFzdlWrYAJN0kdm49LBRsZriRipMKhOKPYHFpGF04LdeUxkbFJigIT25sldwn0ge5N595UmfY5BPOwtLDXK3jYAjjo3XR5Vjq5fHNvBK1O3Pq6mouH9iSQ7OZQ2uDooJwKycyHsWRsEytCf7nFCcO2IwCvgppUjrMjStcATA-1QU9ZdC110gujI7pEQsDzZODUAJu5KNHxCPxuu7dfO-lc69qVB_3_e0kXx4JwcrHBVm7vNEe2P3TcjU5l-Gjs2Rw1L8reh_zAN41XITX0SdvQB4xZVtBXbFUUrKi6HveErlvpf3AASbyqNxE7-_cgdPCZRmVZhRhUM&cid=CAQSTwAvHhf_Jk9zPHWfL0ghDc7o3gcJ5hkbPdQUBfY6_DG3BQv8kDAUnHSSa1DqKfAIbnnJWf7jAyg-BjDUFKNmvbJtk0bStQbThBazn00YPLsYAQ&dv3_ver=m202309260101&rfl=https%3A%2F%2Fnovza510.gameyas.com%2F&ds=l&xdt=1&iif=1&cor=12022758857968058000&adk=1964084971&idt=266&cac=0&dtd=37

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 11:54:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12227
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11885
x-xss-protection: 0
server: cafe
etag: 16863283086342074828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Jan 2024 11:54:33 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2DBF 41 KB
14 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 00:18:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54007
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Jan 2025 00:18:13 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDk4NjI5OTk5ODEyNQogIHNlcnZlcl9pcDogMTE3NDE3NzMKICBwcm9jZXNzX2lkOiA1NzA3MDIwMjgKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogOTIxMjI1Mgph...
ad.doubleclick.net/ddm/activity/ Frame 2DBF 0
859 B 261ms
91ms Image
image/png 142.250.80.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNDk4NjI5OTk5ODEyNQogIHNlcnZlcl9pcDogMTE3NDE3NzMKICBwcm9jZXNzX2lkOiA1NzA3MDIwMjgKfQpmbG9vZGxpZ2h0X2NvbmZpZ19pZDogOTIxMjI1MgphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vYWRvYmUuY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDY2MTc1NTYzNTYyOTM4ODIzNTcKZGVidWdfa2V5OiAxNDg2MDEwNzU1Mzg4MTgzMDQ5NAppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDEtMTEiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA5MjEyMjUyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzgyNjIwMzg0CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0MDA0OTMxCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwMjMzNjk1MDk1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTM2NTU5MDEzCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2Fkb2JlLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2ZsYXNodGFsa2luZy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.80.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s34-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x6c209138538476fb0000000000000000","13":"0x5fcaca7e9731b180000000000000000","14":"0x2b1e662ccff39b030000000000000000","15":"0x96dcb0cbde8a9c4d0000000000000000"},"debug_key":"14860107553881830494","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"6617556356293882357"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4907 0
10 B 63ms
63ms Image
text/plain 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?F3r32g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 2DBF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68176a7eafebc3055efc326f5ed34621439d43ce6ad67f50e79b5a8c4fa2f6fd

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/225291;7892167;201;jsappend;DV360;DV360FY24AcrobatBEHAudExUSDSKBAN300x250/ Frame 2DBF 2 KB
1 KB 218ms
75ms Script
text/javascript 184.29.161.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/225291;7892167;201;jsappend;DV360;DV360FY24AcrobatBEHAudExUSDSKBAN300x250/?ftOBA=1&ft_domain=novza510.gameyas.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https://novza510.gameyas.com/&us_privacy=${US_PRIVACY}&site_url=https://novza510.gameyas.com/&pub_id=1&sup_platform=1&cachebuster=483961.31894386717

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.29.161.102 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-161-102.deploy.static.akamaitechnologies.com

Software

prod-xre-app25.ash11 /

Resource Hash

73b5ec2f7f5bdfa7c1dd0645de8566c7138adddb73f3480617271409aa12dae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 15:18:20 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app25.ash11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 926
Expires: Thu, 11 Jan 2024 15:18:20 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8D8C 38 KB
13 KB 69ms
69ms Document
text/html 2607:f8b0:4006:823::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 54002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 11 Jan 2024 00:18:18 GMT
expires: Fri, 10 Jan 2025 00:18:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C50 0
20 B 93ms
92ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BJJl1ugagZfPfGr_a6toPnLG7-AkAAAAAOAHgBAI&bg=!QUKlQg3NAAaumcC-jpk7ADQBe5WfOFwRZnVjUlGUY-uP0TS8Ex3Kab3F6d-a_qEtnJh2GIQIk7fwIeSiWHzTCVOMLN4mAgAAAHZSAAAABGgBB5kDWPpwO3LO11nMel8ZX7B8EevCKihsN1__-np-NqRogtkLlSeTIQAcgdmHo_Uz0_VXGat25yMQHDD4B7s932pv0hn714WPpDsT0qrQ-IZoOQSE_nncku_JyKoppHk3-RoxzEGyXggdQx88uFZlAdr2PEq3JlHV9w9Dz7JsGjScIfwyaritlILb94hSvLHvFqa7xi87NgUnxvHNROIlBnRP6YlsEtEa_vwDzpsNXk6JBb1VH_IY-f7ubablpQiv-OFK5Di6y5buAt9PTMwVw_YyqDlQuXJF8eKaIysx25xZjCvsMUslkFixWWjnUTKdPbp2Few80ow79oZfPiCLiGL_DNkC5Q83NEZW4H63QObGJ8fz_7i4YVfKzgY-8m1DaFG5cF68QwIHcDq1WAzYt0ICFj0gqeIQMekIUqaatIWQ-IkXVaXXd_NXZWlMnUE41-3YTo7K5MHAvEgCCg8uc_1zkEriQtbXluHxx1cr-gZhwzC6Cbm0CB13b50bCqJNIlowz9xDztwmcSIGjD3N-ozZ7zRf0GkxoLj2el5FQUQPIM26TCcglGcZcX7umsDs-Drb5oTE9JKiM1iASprnmxP5GvEmsv_vnmdSEyjUDl0ybjGKpLNxR6mULDf5WKG_hIDem8DwGAyEELkGHyk54HH3QeL-KyCCaiIx7VqhdMk_gxX0Suv-dndFSdcTtK5ei5sogFsrLY8Ed-lWEIcVpIQiIdb1a_knsncREns9pKQ6pL9fU5q8R0PxB4iHd8DYrx0FBYaZUYEPVmUz5lfIRDctYwD4EdfyJ0fA6JeJCPd0jdvbPu7WZWVW33SVhOBJLeP1CU3Dy04-sdKD3kJwbqWtM7STeWN-VOypbFxlmk5SvJpdnZ2IF7I4X9xUrsZhgcgYp0aef7_mF_I87bNGi0Vg6YqocNahrwSyLl_CwrBmK5VE_-1rFwqa5fbo3dIjBd6KuShXCVJh5ykhXPi_w50vGLRh_vfo7VsTL7Djg7Y6qFZjSwqBw3as0rFR629ps6whXBW85JLoCOxBR6bpqGmE3WenzHxktKKsIww3_dvr6xSDxa5DM3PZ_6XUR7vSBcQBV4cAHpU-mKwv1JUIqJ79THpJlYvCEThboKFgbE1TxtTSIVw0zPWxGUc

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D8C 39 KB
15 KB 65ms
63ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 20:12:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68775
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 09 Jan 2025 20:12:05 GMT

GET
H/1.1 200
OK ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame 2DBF 85 KB
26 KB 235ms
86ms Script
application/javascript 23.196.3.203
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/225291;7892167;201;jsappend;DV360;DV360FY24AcrobatBEHAudExUSDSKBAN300x250/?ftOBA=1&ft_domain=novza510.gameyas.com&ft_ifb=1&ft_agentEnv=0&ft_referrer=https://novza510.gameyas.com/&us_privacy=${US_PRIVACY}&site_url=https://novza510.gameyas.com/&pub_id=1&sup_platform=1&cachebuster=483961.31894386717
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.196.3.203 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-196-3-203.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 10707c1987c2d6abacf5140d5c82d73f302fd8dcd1091bb2c6f1f30ebe7b321e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 15:18:20 GMT
Content-Encoding: gzip
Akamai-Cache-Status: Miss from child
x-amz-request-id: ATBH5ZX4NTX9NP4W
x-amz-server-side-encryption: AES256
Connection: keep-alive
Content-Length: 26266
x-amz-id-2: B7mcV2ESJYmOnTxtalcqgkVoWzUJ6rrYeG8YIO64/LoSox3OeYLZcAZO2UVua55LAvQgkGqnpKI=
Last-Modified: Wed, 25 Oct 2023 13:28:37 GMT
Server: AmazonS3
ETag: W/"9854f5d95c23f23d3d344dcd83f89d38"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding, Accept-Encoding
Cache-Control: max-age=86400
X-Varnish: 260212183 213944112
Accept-Ranges: bytes
Expires: Fri, 12 Jan 2024 15:18:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D8C 0
20 B 94ms
93ms Image
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BQoNmuwagZe31PM3UzLUPzPGQkAIAAAAAOAHgBAI&bg=!a2ilaCfNAAaumcC-jpk7ADQBe5WfOLPb6Y_C5seX96X4alhhEgOpB_5d5GfHy2zWftrShvB6S0Pu52M3bAjphns--E4TAgAAAFJSAAAAA2gBBwoAc6AqzYIXfSaaWI6fVnCUkFk9kCoD_XZkAS77RfQIo_pOENYjRXCxUnwcT_rmZru4x6Xkr7faeAULjWybmVhmZ0bYxfjMHJ2dMPlCAI0zqwYX55cV66SJgNLLiLOTV1NdVpYtXj0_oSGIcjU7JB4odJuMIcaZAxAdarqbyv11fXt-kHHOeUi835_pP04mcZROB9XvbFvdA4yYVV-K9a7mmgmD68EKtLHW7_XEdtiQbkOUfSY0lJjWZvCxgllhiGNAFxdTdewgJW1s9cjftSTy8lcJitVufKyxVYzbKOe7tUjecLG_H6o-dj67hAeOkXQyXv05Yl84Ha7KDkdBSg-SaMZPZ8Z_UiYWtzuWa8e0R6bnDNT6WuzBLhYVADfr0Uz2DGwS-OdeSuOjF8oF-WE66OKdd2amXfLVBXqMSYrSsfrv_LblVscXke_ru2m2Uq4UeQh0XVlIp8bENt0HX7lM3VN50ARy8l60Me-Pk9KZRmB4uxxrKgktZDVsqRMF8H0I38kdLsoeMZAcS9QiEd_IplheGV9KNZjjOsYKIsTDlmapgJD1EU2iXZzslsCxMkkui_MA3z7GXEjvXd7likfGJKY8cJwVSOJz_efu2JnxjP9InCGDLJ-AC3K2Q-n4QphAPS-k3LA7d_ETejAZlKhEOhyRUZ6lyKSBj50Mnng-pvYwzqe6CtMIPZ251KPVkiuXd0KxML2BAQ6bUnTtILGlU5wo3p65-aX_8n9jjZilmux1tTFcpbPNdXYsdpZtbtyHDkgOf5rgbTwo56X2uJNjJHGTXNYbOVjRIxx-hKfjfO2x-dDII0jiO37VODDZvYI8HMj7NKYF00VzPCayEf74UwR1GeWiKAQvjuUsrhWDfYaFMXn6l6co0Bs0BjtZ1HIsg9lZrHbK5EMn15WqiIzPJNf0s4Uu6Z56Ab-OWIzRZ88ETy8gjhjv-F87hr3vN4vlOo6vBORscywcxgTKxNNB493xPOR_X3mjMADv6Sc4dxIBjRb84RUIJEjdwMmnGwhO9qHSuYuuosBMKIbMwL5XdTSX-rryOiyBGjwULYJMn3-2zReevO2Ic-2vNp8GjqCHhYz_ThQE-qP6ySljb6QrozN7WjpPsGCWIDyz3F17KaJJODosc1DUdcwET8z7tpHhlmCPmwt69tJdwItANcw6ZmByFixz-qV43UQ24QWIKkg3gE5d0QKk

Requested by

Host: 03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
URL: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4450760.json Show response
agen-assets.ftstatic.com/display/7892167/ Frame 2DBF 4 KB
2 KB 232ms
63ms XHR
application/json 13.35.93.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7892167/4450760.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.93.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-93-38.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 41313da2f7f2db37c6f96892e6d0052bce5c5d6bdb495187f0f3f5efa19fcf0e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:13 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.1), 1.1 b8a14e264cc616c0c59fba7aea8f19be.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P8
age: 7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1793
last-modified: Wed, 10 Jan 2024 19:48:18 GMT
server: AmazonS3
etag: W/"952bb2f61a45f665483d56462a92a979"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 26129570 26519866
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: cBKAJEUabAMEojMgiDEpevPKYBRJRMTQp_kRU4_VvIPKuCQ3OH3AOQ==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 99ms
99ms Image
text/html 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401080101&jk=4033890353368412&bg=!xsWlxYrNAAaumcC-jpk7ADQBe5WfOHqyxeUCN-GzwpnGPeKBk5akPXBylwVrBexJ33G1-isTQHPylBceIs76zqTEg4nMAgAAAa9SAAAAA2gBBwoAcGi00-y6y8z4CBgaptXaoTsvv9j3pIxu1X3XXSp6Ji_7EWtWGRLllXCJPNuEaAzDA1WyAYJr02QsP52tR15sIIgbhx4DERAPFN4VSiyoTxkAvKjlOgWk7Bezb7jXx-OWmkO4Upq6fyI3b5jYLQxO91uZAshEF0ecTCH0U4YpJPWyUwI-vqAUKrOIMMo9XseBehkvkg4WlOjZ9qefCVwsbOaPpYfPU9jaz1qkEx8wLR79B4ycN4eSTrygL2iQwsMPw1v5LyXnM1JeOzVnbLw0NXwGEXpyQ50CbCXfjN1uZoiPvxH4--HT1VEY6CockwW2GPJZedHlFAym5pHYj6Fn1e8G97_ZbqwZWn_wuAJArFmBUizEuxcL40Q0jcF5YqEKasS4JF5ELs7U7tacYJvkw55E8K7btoh47Tan_AVT7_Nem1ADmCJxCwW4aUa13txU4ER4ZkEeL3XrRUw-7c631GsOXoDdVcNOTomdAUbT3OCK7pCE-6jQKFCzHz0Gd-V2UbYQ0rjlBQqF8n5SJZHUToYzaLh9xUgsRISFahMtsItqnukeax6gM9P5LnWdV7dY7whMfeD4HkH33IYOcNDOPrWxnKamp1PY6Bu1rc4vTG6k1m64G1VjDzAcXoj_hUO5be-osvc5MUb7Aw0zuiVvfrrdsvUbHVrO6idZvemC-EFmZaJnBohq4pv-xMlDxLa97oqlEknSw2BCKbAWxWjAbUFUL8yGrg_MhkG-QfAL3VeCkmA2ot3EI_MwPRo6lcfK5hpLAzLngbQjuzwqA-sTYtg3BQdGNRd0fdRrtrH2bl3LyKlV3-R98F1rJhwgeZYVrvA1J3dmQqLH59GxT2-zcUTroO7fuk76Y0CgyhLoS2fNIEa_6EVvRsg3_0JgUuJUnwKm3UAW7e4ANRBLyQzTTffDpBUNs5lc650OIcO4T6RrKHuyllN3gCPpHdY9Al23pIWW2lDwoQqUj6Mx6YdTvhN10o9euavdEptrVm5dR1rcQfPHNSkm17qdnayWmIutqKdHXicE_m-9JvZC7DxcMTy-g8a3QEyTT5d3U0P4xN9GYtbjGsy0LR5qpD0quUnFzDMHJOo8vQi8JofZ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://novza510.gameyas.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

GET
H2 200 d9core Show response
d9.flashtalking.com/ Frame 2DBF 11 KB
11 KB 465ms
116ms Script
application/javascript 54.226.129.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/d9core
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.226.129.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-129-254.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 7ee3d6c22a1ac96642221970f7c6f443392736e2540c5e877bce002bec36ea66

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:21 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
etag: 5bc31bf7d4a298e1bef9d35fce222bfc
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: d9.flashtalking.com
content-type: application/javascript;charset=utf-8
cache-control: private, must-revalidate, proxy-revalidate, max-age=172800
access-control-allow-credentials: true

GET
H/1.1 200
OK Adobe_Review_300x250.html Show response
cdn.flashtalking.com/116264/4450760/ Frame 1F6E 3 KB
2 KB 406ms
81ms Document
text/html 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/116264/4450760/Adobe_Review_300x250.html
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 857bb4f81472f2fb56bff33802935b17c2a6522d9adb6b91d0d4cf587767e086

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Cache-Control: max-age=790
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1240
Content-Type: text/html
Date: Thu, 11 Jan 2024 15:18:21 GMT
ETag: W/"8df3c03b27ddeb9224c49907da0504b3"
Expires: Thu, 11 Jan 2024 15:31:31 GMT
Last-Modified: Mon, 11 Sep 2023 19:25:45 GMT
Server: Flashtalking (AKA)
Vary: Accept-Encoding
X-FT-Origin: us
X-Varnish: 798700062

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame 2DBF 547 KB
159 KB 417ms
75ms Script
application/javascript 2600:9000:261f:3200:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:261f:3200:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c28210cdceff39dc578c45b25844acd15b1dcbe2bb526a21812dc781ca6b06bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 23:53:51 GMT
Content-Encoding: br
Via: 1.1 08c35fba3c05c07f78b1292e4a5f949a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P3
Age: 55470
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 10 Jan 2024 23:53:51 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: pBbGjs7l00T5Lq5OpuB3-eGuqhWAaDEJFsRNuilknClGociK4Bw-1A==
Expires: Thu, 11 Jan 2024 23:53:51 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame 2DBF 17 KB
6 KB 394ms
64ms Script
application/javascript 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 15:18:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
X-FT-Origin: us
Vary: Accept-Encoding
X-Varnish: 413862034 236107414
Content-Type: application/javascript
Cache-Control: max-age=75961
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Fri, 12 Jan 2024 12:24:22 GMT

GET
DATA 200
OK truncated
/ Frame 2DBF 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2DBF 42 B
174 B 94ms
93ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEtav4UrgEeAQvut9vQeYhSFo3ohPXhK-fgUGzsUYmxLIHNoODw7GhDZUU7PDdSzEotL74FJUaMcObgsYZnUqkdEkEeidp9LUKvdflUSKTuEARXAFZWmMk9ESWY_mSKxyXFfdgxP_WIF9v-FOXm25EkMS7&sai=AMfl-YTcIJxEl5-IPEu_0NNLQlM9RELbxbh6DGlPY9lKyBrcA1a9Z0baxgqsvJtY-LRQ6h2BvweP_DYtj24ud7mt2DsNp3QYsXSbIG0Wj3pv3xa2eX0eIUpzdIM79grW8QbQG6TWZeLGI9tBOK65eGBPnQ&sig=Cg0ArKJSzBBRCLyHXQfMEAE&cid=CAQSTwAvHhf_Jk9zPHWfL0ghDc7o3gcJ5hkbPdQUBfY6_DG3BQv8kDAUnHSSa1DqKfAIbnnJWf7jAyg-BjDUFKNmvbJtk0bStQbThBazn00YPLsYAQ&id=lidar2&mcvt=1000&p=313,650,563,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=303743046&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704986299514&rpt=698&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7892167;4450760;0;271;5523FF06-8979-D1A9-1350-9D780AD552C0/ Frame 2DBF 0
67 B 235ms
57ms Image
text/plain 18.214.86.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7892167;4450760;0;271;5523FF06-8979-D1A9-1350-9D780AD552C0/?cachebuster=194964377
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.86.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-86-156.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:21 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 2DBF 1 B
377 B 264ms
69ms Image
text/plain 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7892167;4450760;0-304-0-0-732175568
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 15:18:21 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Thu, 11 Jan 2024 15:18:21 GMT

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 1F6E 236 KB
63 KB 258ms
73ms Script
text/javascript 2600:141b:1c00:30::1739:5a6c
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/116264/4450760/Adobe_Review_300x250.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:141b:1c00:30::1739:5a6c Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:21 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Thu, 11 Jan 2024 15:33:21 GMT

GET
H2 200 gsap_3.11.5_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1F6E 70 KB
27 KB 81ms
76ms Script
text/javascript 2607:f8b0:4006:81e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js

Requested by

Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/116264/4450760/Adobe_Review_300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27946
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:06:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Jan 2024 15:18:21 GMT

GET
H/1.1 200
OK Adobe_Review_300x250.js Show response
cdn.flashtalking.com/116264/4450760/ Frame 1F6E 29 KB
6 KB 68ms
65ms Script
application/javascript 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/116264/4450760/Adobe_Review_300x250.js?1693241679118
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/116264/4450760/Adobe_Review_300x250.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: f83708a6e1fb7c94eec7de755be78c077d883f9420f81844df48ed1d94e10497

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/116264/4450760/Adobe_Review_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 15:18:21 GMT
Content-Encoding: gzip
X-FT-Origin: us
Connection: keep-alive
Content-Length: 5484
Last-Modified: Mon, 11 Sep 2023 19:25:45 GMT
Server: Flashtalking (AKA)
ETag: W/"829456772a296bbcac12af6eab1a0858"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary: Accept-Encoding
Cache-Control: max-age=791
X-Varnish: 798344944
Accept-Ranges: bytes
Expires: Thu, 11 Jan 2024 15:31:32 GMT

POST
H2 200 lgc Show response
d9.flashtalking.com/ Frame 2DBF 103 B
575 B 98ms
97ms XHR
application/json 54.226.129.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://d9.flashtalking.com/lgc
Requested by: Host: d9.flashtalking.com
URL: https://d9.flashtalking.com/d9core
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.226.129.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-226-129-254.compute-1.amazonaws.com
Software: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash: 8c200e10d9f2b4e1dca01e31ff0e58a2e3c984975061ed200360d04b5fc8c54b

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 11 Jan 2024 15:18:21 GMT
server: Apache/2.4.58 (Amazon Linux) OpenSSL/3.0.8
access-control-allow-methods: GET,POST,SERVER
p3p: policyref="localhost/w3c/D9_p3p_.xml", CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
access-control-allow-origin: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
content-type: application/json;charset=ISO-8859-1
access-control-allow-credentials: true
content-length: 103

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 2DBF 1 B
377 B 227ms
63ms Image
text/plain 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7892167;4450760;0-306-0-0-477107517
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 15:18:21 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Thu, 11 Jan 2024 15:18:21 GMT

GET
H/1.1 200
OK /
servedby.flashtalking.com/state/7892167;4450760;0;401;5523FF06-8979-D1A9-1350-9D780AD552C0/ Frame 2DBF 42 B
343 B 73ms
72ms Image
image/gif 184.29.161.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://servedby.flashtalking.com/state/7892167;4450760;0;401;5523FF06-8979-D1A9-1350-9D780AD552C0/?ft_data=d9:2d1c332599b94856b30707dfb5e11fd8;d9s:2d1c332599b94856b30707dfb5e11fd8&cachebuster=145861135

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.29.161.102 Piscataway, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-29-161-102.deploy.static.akamaitechnologies.com

Software

prod-xre-app36.ash11 /

Resource Hash

47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 15:18:21 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app36.ash11
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 42
Expires: Thu, 11 Jan 2024 15:18:21 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 2DBF 121 B
717 B 405ms
87ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=kqyzivYfHxHoHnbdMHrsvlbGwBiXRQdc-FE7fPshldVTrKD8a3XLJFUzJPA==-E03BOMRka1rhNw==&pm_ct=5415dedcc21ddc339782c775&pm_pl=1704986301619&pm_td=34&pid=1000925&en=1.1&callback=__pm_glbl_E2gs1RudRQnWkGi4JHdZR49O._gc1&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 8e02338960bfce38bb7402a175b3663815efd7a822da5b7db8769dfa0d92250e

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 15:18:22 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 121

GET
DATA 200
OK truncated
/ Frame 16C3 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 2DBF 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 557370c6-dc52-4516-a1a7-2afb4e72c87c
https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/ Frame 2DBF 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/557370c6-dc52-4516-a1a7-2afb4e72c87c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK ca7c0ee1-6149-4ba0-8237-f48c5d018525
https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/ Frame 2DBF 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/ca7c0ee1-6149-4ba0-8237-f48c5d018525
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DBF 0
20 B 100ms
99ms Ping
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3995387408601&version=m202309260101&ct=77&x=1&cor=12022758857968058000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Jan 2024 15:18:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 2DBF 6 KB
6 KB 268ms
66ms Image
image/png 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 15:18:22 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-FT-Origin: us
X-Varnish: 977502517 975897158
Content-Type: image/png
Cache-Control: max-age=607
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Thu, 11 Jan 2024 15:28:29 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 2DBF 1 B
320 B 140ms
139ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=kqyzivYfHxHoHnbdMHrsvlbGwBiXRQdc-FE7fPshldVTrKD8a3XLJFUzJPA==-E03BOMRka1rhNw==&pm_ct=5415dedcc21ddc339782c775&pm_pl=1704986301619&pm_td=829&pid=1000925&en=1.1&callback=__pm_glbl_E2gs1RudRQnWkGi4JHdZR49O._gc2&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
Date: Thu, 11 Jan 2024 15:18:22 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
BLOB 200
OK ad4bda1f-fbbb-48ad-b51f-7bb6c374b0a2
https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/ Frame 2DBF 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/ad4bda1f-fbbb-48ad-b51f-7bb6c374b0a2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H/1.1 200
OK Adobe_Review_300x250_atlas_1.png
cdn.flashtalking.com/116264/4450760/images/ Frame 1F6E 46 KB
47 KB 91ms
90ms Image
image/png 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/116264/4450760/images/Adobe_Review_300x250_atlas_1.png?1693241679094
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 6a82ea712e3b091a607f4010cd340a9a47410c8eb4d80bd7b609dc5f0c71668d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.flashtalking.com/116264/4450760/Adobe_Review_300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 15:18:22 GMT
X-FT-Origin: us
Connection: keep-alive
Content-Length: 47491
Last-Modified: Mon, 11 Sep 2023 19:25:45 GMT
Server: Flashtalking (AKA)
ETag: W/"c4a82d70ca521f057dd022dc8f671806"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=790
X-Varnish: 32929854 31505832
Accept-Ranges: bytes
Expires: Thu, 11 Jan 2024 15:31:32 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 2DBF 1 B
320 B 69ms
69ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=kqyzivYfHxHoHnbdMHrsvlbGwBiXRQdc-FE7fPshldVTrKD8a3XLJFUzJPA==-E03BOMRka1rhNw==&pm_ct=5415dedcc21ddc339782c775&pm_pl=1704986301619&pm_td=1083&pid=1000925&en=1.1&callback=__pm_glbl_E2gs1RudRQnWkGi4JHdZR49O._gc3&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
Date: Thu, 11 Jan 2024 15:18:22 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 2DBF 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 2DBF 1 B
320 B 70ms
69ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=kqyzivYfHxHoHnbdMHrsvlbGwBiXRQdc-FE7fPshldVTrKD8a3XLJFUzJPA==-E03BOMRka1rhNw==&pm_ct=5415dedcc21ddc339782c775&pm_pl=1704986301619&pm_td=1157&pid=1000925&en=1.1&callback=__pm_glbl_E2gs1RudRQnWkGi4JHdZR49O._gc4&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
Date: Thu, 11 Jan 2024 15:18:22 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 2DBF 1 B
320 B 73ms
72ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=kqyzivYfHxHoHnbdMHrsvlbGwBiXRQdc-FE7fPshldVTrKD8a3XLJFUzJPA==-E03BOMRka1rhNw==&pm_ct=5415dedcc21ddc339782c775&pm_pl=1704986301619&pm_td=1360&pid=1000925&en=1.1&callback=__pm_glbl_E2gs1RudRQnWkGi4JHdZR49O._gc5&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
Date: Thu, 11 Jan 2024 15:18:23 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 2DBF 1 B
377 B 64ms
63ms Image
text/plain 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7892167;4450760;0-307-0-0-18283728
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 15:18:23 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Thu, 11 Jan 2024 15:18:23 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7892167;4450760;0;202;5523FF06-8979-D1A9-1350-9D780AD552C0/ Frame 2DBF 0
66 B 61ms
58ms Image
text/plain 18.214.86.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7892167;4450760;0;202;5523FF06-8979-D1A9-1350-9D780AD552C0/?cachebuster=568643201
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.86.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-86-156.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 15:18:23 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame 2DBF 1 B
320 B 70ms
70ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=kqyzivYfHxHoHnbdMHrsvlbGwBiXRQdc-FE7fPshldVTrKD8a3XLJFUzJPA==-E03BOMRka1rhNw==&pm_ct=5415dedcc21ddc339782c775&pm_pl=1704986301619&pm_td=1866&pid=1000925&en=1.1&callback=__pm_glbl_E2gs1RudRQnWkGi4JHdZR49O._gc6&tt=g&v=68d29ed
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
Date: Thu, 11 Jan 2024 15:18:23 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame 2DBF 1 B
377 B 64ms
63ms Image
text/plain 23.56.162.52
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7892167;4450760;0-310-0-0-424898740-50x0x1x0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.56.162.52 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-56-162-52.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.216 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Jan 2024 15:18:27 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Thu, 11 Jan 2024 15:18:27 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gameyas.com/	1970-01-21 03:12:26	Name: _ga Value: GA1.1.2086853310.1704986298
.gameyas.com/	1970-01-21 02:58:02	Name: __gads Value: ID=954c0b1838c4d478:T=1704986298:RT=1704986298:S=ALNI_MaBpNysqU4IvF8DeVoUApGm8QM5-g
.gameyas.com/	1970-01-21 02:58:02	Name: __gpi Value: UID=00000a072640a126:T=1704986298:RT=1704986298:S=ALNI_MbBJ8t7hszw-N34OAallPtyNJdqng
.gameyas.com/	1970-01-21 03:12:26	Name: _ga_C3W7T6H5QW Value: GS1.1.1704986298.1.0.1704986299.59.0.0
.doubleclick.net/	1970-01-21 03:12:26	Name: IDE Value: AHWqTUm1Q8eiGhAoQGOLKlR3qyTCOBetOkWe_VIy931h8mf6ItPMeQ90ClDYeEEEjKE
.doubleclick.net/	1970-01-20 21:55:38	Name: APC Value: AfxxVi7Q0Bt9Z7Q_exn4bG3gVzttAoeeIf3UhMXNg9vkXMzIXHaUpw
.casalemedia.com/	1970-01-20 19:46:02	Name: CMPS Value: 2695
.doubleclick.net/	1970-01-20 18:19:38	Name: ar_debug Value: 1
.flashtalking.com/	1970-01-21 03:05:50	Name: flashtalkingad1 Value: "GUID=58546894C465EE"
.adnxs.com/	1970-01-20 19:46:02	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Il`@q9P4!@wnfH8K6pQK`!5=E<*L5?%K5mt-K[e:'e@k0EFy7lzzY/k:WgAc^%Hdhjw+P(hw9P-HC_#tu/X)s%(c
.casalemedia.com/	1970-01-21 02:22:02	Name: CMID Value: ZaAGvHszmwuc-bSFoHquFAAA
.casalemedia.com/	1970-01-20 19:46:02	Name: CMPRO Value: 1605
.adnxs.com/	1970-01-21 03:12:26	Name: XANDR_PANID Value: d3jBd74j3GbswBy_rmazsi9NmvehCaoYOtaro_R2PK4Jiwrd2nKe5NV0wsq_1TCrXSgrDdv8K1FVc9q1HmZJMMbHNYI-d5nw6g-lYlW1V5o.
.adnxs.com/	1970-01-20 19:46:02	Name: uuid2 Value: 4741643161857866881
.flashtalking.com/	1970-01-21 02:22:02	Name: _D9J Value: 76628b4e382d4627a0942c2d3034d165

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000925&tt=g&tid=13539&l1=225291&l2=DV360&l3=7892167&l4=4450760&l5=1&l6=1&utid=5523FF06-8979-D1A9-1350-9D780AD552C0&creative_type=display&adid=ftdiv7892167&pub_app=&pub_domain=https://novza510.gameyas.com/&uid=&cb=568760.5080842839&pub_ts=1704916096&371687203(Line 1) Message: Failed to create WebGPU Context Provider

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

03c5d37d76c653595a45ae9cfb9641eb.safeframe.googlesyndication.com
ad-events.flashtalking.com
ad.doubleclick.net
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
analytics.google.com
cdn.flashtalking.com
cm.g.doubleclick.net
code.createjs.com
d9.flashtalking.com
data.ad-score.com
data00.adlooxtracking.com
dsum-sec.casalemedia.com
fonts.googleapis.com
googleads.g.doubleclick.net
ib.adnxs.com
js.ad-score.com
novza510.gameyas.com
p.adlooxtracking.com
pagead2.googlesyndication.com
s0.2mdn.net
secure.flashtalking.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
stat.flashtalking.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.18.36.155
13.35.93.38
130.211.115.4
142.250.80.38
142.251.40.162
18.214.86.156
184.29.161.102
2001:4860:4802:38::181
23.196.3.203
23.56.162.52
2600:141b:1c00:30::1739:5a6c
2600:9000:261f:3200:a:deb0:3380:93a1
2606:4700:3032::ac43:a36a
2607:f8b0:4004:c06::9b
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80c::2004
2607:f8b0:4006:80e::2008
2607:f8b0:4006:81e::2006
2607:f8b0:4006:81f::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::2002
34.107.231.31
35.241.31.249
54.226.129.254
68.67.181.211
00238c9318ec92f80fbf629fe4f3c37fce79d3c5558fd004db8b7a3b2c8bd684
007b1a4bc0859b24e4d74058061d7b85fe498fe2b6858cebca0630f37841e620
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
050e8da78e197f6c4bb8b51ae19ca42e5251a7bd1d7bb6c25c9b8e596fb915d6
05f86db2d333fc3941ed3beb5cc92d8d203494b4dc154a3fe4ad4e57a13fceb9
06aaa24dba99c32cd0462ea535e10efc9d4ea2463c48b6196501a00236e45661
071cab417f05b84dd145be81b598aaa84d329e9ff3949bda495eebb4322c3e04
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d35c9801629eaa1f4b339877bcb034072e08d78bde788ac29826aca4cc4301c
0dbef800d089d64288d3b2de392136ee35704187a33531dd4aa1f75def65ced3
0f9027e9e96d7901aa1dc1863bfffaa17a3458120fea0c5a9065489c16bc06c5
10707c1987c2d6abacf5140d5c82d73f302fd8dcd1091bb2c6f1f30ebe7b321e
14e2795f369cecf180f9dbf8b23efca08f6411705fe6dc601ade1d8d7b952b02
16d4eef115ac19e6f244a4603305b325293488c8553e2c0e706b3fe41d23c709
16fb763ecc006b16edbcade5cc7c819c3a23f9b7886dc0af2940e73f28350263
1950bc4aad12d33b806d66ae99b4bfdb668967e0e41a89fab21f832072b2400d
2305f69e97084873f56302e6bf59d50b8b760b76a46103e1f220ac3d1b584004
2841573e524fdb7cb94e9ec57639e8290279c1748e3388ba2454fc78a0b3cb81
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f1bd200dcb1a81e6e3cd54903763d2b70fc90a6ce0d528f01c94f104f8a1fc7
2feb6be9bb9eaa0e5c1c8222e0bb4ce3d585f5015248238b44bba8ac346a1eee
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
333c29e8bc3e1ab7b66e03bec3f64469da990700b9ace77b36c0f37f2f3b30b5
34fa2245efce0dd75f2ea479d898cd980b01d6fbfd71250ce7eb29e662bdeb3f
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3fe6546296a0a64c38f102a952b0e3d2cef6f8b99dc4f162dbb2b8baad21b190
41313da2f7f2db37c6f96892e6d0052bce5c5d6bdb495187f0f3f5efa19fcf0e
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44e241ce90c3acc1b9824b52e3d94117171e397973eb88033d23e124a0326a52
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
491637f454de65ffa3d5291c72235930711c8d34b4da72ed8322536fed315d84
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ea92029939d4a73b0d11a4a46a0a73f2aef168e8452846244be498b18e000d7
5375a418ebcdbee43b197ff2ce4a67e609fad7cd676938a79838042ffd7524c8
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583c9ca964cb867154a55b119bd9a947e77a90fa131b7e3f8a5ba6a4bf4f160f
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
6133577aee8bea9e518571972d3a178078ede55b99c35cb5c2fb11bc71da49de
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
68176a7eafebc3055efc326f5ed34621439d43ce6ad67f50e79b5a8c4fa2f6fd
6a82ea712e3b091a607f4010cd340a9a47410c8eb4d80bd7b609dc5f0c71668d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c02883d2f59bec4019879f8410432ce645d292aabafdb7f9bb2b0735a7d80d1
6d466c0eb94581bb1c2d458c83a977dcab9e2e64b572e7c3ecd0dcec4cdb182a
709552f1b806acca316a3becc2d12679f2a20822957f2c0310077008146d8bd5
73b5ec2f7f5bdfa7c1dd0645de8566c7138adddb73f3480617271409aa12dae7
7402bd513ccb678c77b86d239fbd2c2fe052cd89d869a9ff1ffa858d1a16346a
7961bb8a423a8e45b19bc46ed7910b0b214caca4cd07af2ba9ad3cd28477f544
7979e494de51915479899d53817e2747ce90736b02da27f214bd08c3be060b1f
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7bf3313e29df4eee15cec39aae8f7f9f94684347075b42a7419bb9d3493a127e
7ee3d6c22a1ac96642221970f7c6f443392736e2540c5e877bce002bec36ea66
7f7c559833b16788d4404407462ad6f123b5ed75bc21ca908a88d56a6751d466
819c5fc60fdde0655e0790e931f1e635d133e0b5ded58a324fbd8b509adcf6d8
857bb4f81472f2fb56bff33802935b17c2a6522d9adb6b91d0d4cf587767e086
8c200e10d9f2b4e1dca01e31ff0e58a2e3c984975061ed200360d04b5fc8c54b
8e02338960bfce38bb7402a175b3663815efd7a822da5b7db8769dfa0d92250e
8ec2054954eb5df4e120fcc8090fffb3c11277501ff0cb02fe0670e1262791ca
923b9fdf5e2d0012e7c783dea7a5a91ebc46b0eb5c46cb7de415ada937eb63cd
96510de80358e213c6df93b510bc66a3e7efe088de14f65c9d70098519898caa
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9dfbb8e1be036059aea6dd87bdbefa7ecada3617fb3f404ba4647ebbbf8160b1
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a35bbd5a4d59bd4a3d9c62690ed4f052c945f4a51e1501703a2ef2dbbdec9963
a842e9976b2a872112215b3ed7f6fe2584290ee1a3c5f0b5daf544c7501ec940
af648c3dc087d065aa888d0f01b19faf0343bcd3093244e29476914e73e540ed
b016c02d9d824d06113ee7b6de6ad1f63a2355a67232478dcfc43897890efac2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
c211e8775861eb70a495edc9b39d509002676809a57ed8090817e78f764b57fe
c28210cdceff39dc578c45b25844acd15b1dcbe2bb526a21812dc781ca6b06bf
c2c185a5aa56abbed75d542012a29d58c92ffd97be4299e1f5428fffce134135
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c8e4c9da3be8b3b8f482e62381312cf8a6a02a19bbb08957ec2fa304e79dc8bd
ca5c6a525813e0a61282b95d60110dc8eae2d46db789d0377b610017a35dcf50
cfe122998b63668fd4e45beccf9bd45418c364992ca7632e4ea030a81b79589e
d254ff85989551d19e8d7a2160f4896653c0e7ae2e5b286be6f88c70355e956d
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d569e8e13ae9ae1af8bc6f48f015a258e330c5d01a2679c61c3a78e5f5fed5d3
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d9390855c5ff640774053011d25915f36af8f918724a799548839dbce7a91255
db13f496a6a9c98239d48dc2eedf4cf905b2c4e9c1995b99d00a00bbe49d5ac9
db5af5814aadd9fdb39884c5bbf644590aa68129fc12ace71f420fa84d4fd548
db5dc24d84a10e561f3f80c8ee619d61cd09ca7961f0c570228b79218089b737
dc1a4ecd05aa651ae718615ecaddc38988cfa43e8b2712f0e660d2bb62128243
ddf41c228260b6c62a3ec30120f84a2f81391bd1847dc55789f3b13c89c8755e
df9c315005d6e5b100fa0edf68a91738219b4228dfa6f8bf91d5377e8de1877b
e2f6686b3b8831bde352e4c25ce585f362fce2a631474ca568a31762e12b5be6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e5118140a15e5dbb471f19c06816bcfa44170878bd8fe0ade80c24b7a988d8ba
e7579180b68c71e444cd6dea3db5ad03f9e3ba9f674b1a045810287aa9a5065e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
eebd12398a1a948b123d1e9f18fe8fa56f6ebb6bccfa5c8a6f22c3cc79594b49
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f418727d3fc0d69b39fe0b7e34dd6cf15ea9f2bcc2e5737b5a2962e130f66d4c
f49ad2465be0d60e5ca21854bab732fe58c9b9241a0d9b4523d61a5ca95b7de7
f5ae4ffcd2ccec86bb700f620571c2f53474183f97a3879af125935dc2afd40e
f6af7184b3f203ac034c549831eafe5fb5783d471484f28068910c8390a150d6
f83708a6e1fb7c94eec7de755be78c077d883f9420f81844df48ed1d94e10497

novza510.gameyas.com Open in urlscan Pro 2606:4700:3032::ac43:a36a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

144 Requests

92 %HTTPS

52 %IPv6

15 Domains

30 Subdomains

28 IPs

2 Countries

3812 kBTransfer

6418 kBSize

15 Cookies

0 Outgoing links

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

novza510.gameyas.com Open in urlscan Pro
2606:4700:3032::ac43:a36a Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

92 %
HTTPS

52 %
IPv6

15
Domains

30
Subdomains

28
IPs

2
Countries

3812 kB
Transfer

6418 kB
Size

15
Cookies

144 HTTP transactions
5 data transactions