of.zanzatoys.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://of.zanzatoys.com/
Submission: On June 28 via api (June 28th 2024, 4:31:41 am UTC) from US — Scanned from NL

Summary HTTP 153 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 54 IPs in 7 countries across 39 domains to perform 153 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is of.zanzatoys.com.
TLS certificate: Issued by GTS CA 1P5 on May 14th 2024. Valid for: 3 months.

This is the only time of.zanzatoys.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
64	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:264... 2600:9000:2646:a000:18:1fcd:354:4b41	16509 (AMAZON-02) (AMAZON-02)
1	174.138.117.212 174.138.117.212	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:fd7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	18.66.112.4 18.66.112.4	16509 (AMAZON-02) (AMAZON-02)
3	13.32.27.39 13.32.27.39	16509 (AMAZON-02) (AMAZON-02)
1	151.101.129.91 151.101.129.91	54113 (FASTLY) (FASTLY)
7	104.18.25.111 104.18.25.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	18.244.18.38 18.244.18.38	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	199.232.192.134 199.232.192.134	54113 (FASTLY) (FASTLY)
1	2a04:4e42:400... 2a04:4e42:400::714	54113 (FASTLY) (FASTLY)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:215... 2600:9000:2156:a00:c:9327:ccc0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	142.250.185.195 142.250.185.195	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:ba1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	3.161.82.30 3.161.82.30	16509 (AMAZON-02) (AMAZON-02)
3	13.224.186.120 13.224.186.120	16509 (AMAZON-02) (AMAZON-02)
1	2400:52e0:1a0... 2400:52e0:1a00::1067:1	200325 (BUNNYCDN) (BUNNYCDN)
2	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
3	34.194.164.15 34.194.164.15	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:215... 2600:9000:2156:1600:c:9327:ccc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	216.58.206.36 216.58.206.36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:2251:bc00:15:c08e:ec40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.69 18.66.122.69	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:4c00:1f:d766:dd80:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:800:3:c079:7fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	3.33.163.81 3.33.163.81	16509 (AMAZON-02) (AMAZON-02)
1	79.127.227.46 79.127.227.46	60068 (CDN77 _) (CDN77 _)
1	52.209.249.92 52.209.249.92	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:10:... 2606:4700:10::ac43:293c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.58.206.70 216.58.206.70	15169 (GOOGLE) (GOOGLE)
2	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
1	2600:9000:223... 2600:9000:223f:1000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.30 99.86.4.30	16509 (AMAZON-02) (AMAZON-02)
1	108.138.8.164 108.138.8.164	16509 (AMAZON-02) (AMAZON-02)
1	34.195.163.189 34.195.163.189	14618 (AMAZON-AES) (AMAZON-AES)
1	23.197.10.19 23.197.10.19	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.235.152.162 54.235.152.162	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:1331	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.5.10.193 3.5.10.193	14618 (AMAZON-AES) (AMAZON-AES)
153	54

64 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

of.zanzatoys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geoip.gamurs.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2646:a000:18:1fcd:354:4b41 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.138.117.212 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

geniuslinkcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:fd7 (United States)

ASN13335 (CLOUDFLARENET, US)

gamurs.group	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-4.fra56.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-39.fra56.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.25.111 (None, )

ASN13335 (CLOUDFLARENET, US)

rockagainst.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.244.18.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-38.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 199.232.192.134 (United States)

ASN54113 (FASTLY, US)

themarysue.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:a00:c:9327:ccc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

silo48.p7cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:ba1f (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-30.fra56.r.cloudfront.net

p.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.186.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-120.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::1067:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

cdn.pbxai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.growthbook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.194.164.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-164-15.compute-1.amazonaws.com

p2.gcprivacy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1600:c:9327:ccc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

silo48.p7cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.36 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:bc00:15:c08e:ec40:93a1 (United States)

ASN16509 (AMAZON-02, US)

ua.p7cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-69.fra60.r.cloudfront.net

location.p7cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:4c00:1f:d766:dd80:21 (United States)

ASN16509 (AMAZON-02, US)

d2tbszkvx1p56e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:800:3:c079:7fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

lal.p7cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.163.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: a938864f9581ea3da.awsglobalaccelerator.com

aggle.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.127.227.46 (Amsterdam, Netherlands)

ASN60068 (CDN77 _, GB)
PTR: unn-79-127-227-46.datapacket.com

id.a-mx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.209.249.92 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-249-92.eu-west-1.compute.amazonaws.com

id.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.82 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:293c (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.70 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.198 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:1000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-30.fra6.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.8.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-8-164.fra56.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.195.163.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-163-189.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.10.19 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-10-19.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.235.152.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-152-162.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1331 (United States)

ASN13335 (CLOUDFLARENET, US)

images.getadmiral.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.10.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	zanzatoys.com of.zanzatoys.com	1 MB
7	rockagainst.com rockagainst.com — Cisco Umbrella Rank: 515785	278 KB
7	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 5290 r.skimresources.com — Cisco Umbrella Rank: 5116 t.skimresources.com — Cisco Umbrella Rank: 5384 p.skimresources.com — Cisco Umbrella Rank: 6823	22 KB
6	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235 ad.doubleclick.net — Cisco Umbrella Rank: 164	176 KB
5	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 357 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 746 aax.amazon-adsystem.com — Cisco Umbrella Rank: 494	82 KB
5	p7cloud.net silo48.p7cloud.net — Cisco Umbrella Rank: 98522 ua.p7cloud.net — Cisco Umbrella Rank: 38541 location.p7cloud.net — Cisco Umbrella Rank: 38508 lal.p7cloud.net — Cisco Umbrella Rank: 56386	41 KB
4	gcprivacy.com p.gcprivacy.com — Cisco Umbrella Rank: 22916 p2.gcprivacy.com — Cisco Umbrella Rank: 19511	19 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137	227 KB
3	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3125 www.google.com — Cisco Umbrella Rank: 5	63 B
3	disqus.com themarysue.disqus.com — Cisco Umbrella Rank: 568783	4 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 188	3 KB
3	htlbid.com htlbid.com — Cisco Umbrella Rank: 9091	145 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	265 KB
3	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1688 mab.chartbeat.com — Cisco Umbrella Rank: 2945	26 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 4352	128 B
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11706	1 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1092	1 KB
2	btloader.com btloader.com — Cisco Umbrella Rank: 1087 api.btloader.com — Cisco Umbrella Rank: 1198	19 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 279	2 KB
2	aggle.net aggle.net — Cisco Umbrella Rank: 16969	1 KB
2	growthbook.io cdn.growthbook.io — Cisco Umbrella Rank: 9910	3 KB
2	google.de www.google.de — Cisco Umbrella Rank: 8088	126 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	89 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3745 pixel.wp.com — Cisco Umbrella Rank: 3684	3 KB
1	amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 11040	460 B
1	getadmiral.com images.getadmiral.com — Cisco Umbrella Rank: 33051	2 KB
1	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1368	17 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1451	201 B
1	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 758	482 B
1	crwdcntrl.net id.crwdcntrl.net — Cisco Umbrella Rank: 3065	318 B
1	a-mx.com id.a-mx.com — Cisco Umbrella Rank: 1713	269 B
1	cloudfront.net d2tbszkvx1p56e.cloudfront.net	279 B
1	pbxai.com cdn.pbxai.com — Cisco Umbrella Rank: 11101	867 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	22 KB
1	workers.dev geoip.gamurs.workers.dev — Cisco Umbrella Rank: 111371	593 B
1	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4752	56 KB
1	gamurs.group gamurs.group — Cisco Umbrella Rank: 113603	2 KB
1	geniuslinkcdn.com geniuslinkcdn.com — Cisco Umbrella Rank: 91575	2 KB
153	39

	Domain	Requested by
63	of.zanzatoys.com	of.zanzatoys.com
7	rockagainst.com	of.zanzatoys.com rockagainst.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com of.zanzatoys.com
4	pagead2.googlesyndication.com	of.zanzatoys.com pagead2.googlesyndication.com
3	p2.gcprivacy.com	p.gcprivacy.com of.zanzatoys.com htlbid.com
3	c.amazon-adsystem.com	htlbid.com c.amazon-adsystem.com
3	securepubads.g.doubleclick.net	htlbid.com securepubads.g.doubleclick.net
3	themarysue.disqus.com	of.zanzatoys.com themarysue.disqus.com
3	sb.scorecardresearch.com	1 redirects of.zanzatoys.com
3	htlbid.com	of.zanzatoys.com htlbid.com
3	www.googletagmanager.com	of.zanzatoys.com www.googletagmanager.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	counter.yadro.ru	1 redirects of.zanzatoys.com
2	p.skimresources.com	of.zanzatoys.com
2	t.skimresources.com	of.zanzatoys.com s.skimresources.com
2	r.skimresources.com	s.skimresources.com
2	ad-delivery.net	of.zanzatoys.com
2	ib.adnxs.com	2 redirects
2	aggle.net	p.gcprivacy.com aggle.net
2	cdn.growthbook.io	cdn.jsdelivr.net of.zanzatoys.com
2	www.google.de	of.zanzatoys.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	silo48.p7cloud.net	of.zanzatoys.com silo48.p7cloud.net
2	connect.facebook.net	of.zanzatoys.com connect.facebook.net
2	static.chartbeat.com	of.zanzatoys.com
1	ams-pageview-public.s3.amazonaws.com
1	images.getadmiral.com
1	secure.cdn.fastclick.net	of.zanzatoys.com
1	ping.chartbeat.net	of.zanzatoys.com
1	aax.amazon-adsystem.com	c.amazon-adsystem.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	static.adsafeprotected.com	of.zanzatoys.com
1	ad.doubleclick.net	of.zanzatoys.com
1	api.btloader.com	btloader.com
1	btloader.com	htlbid.com
1	id.crwdcntrl.net	p.gcprivacy.com
1	id.a-mx.com	p.gcprivacy.com
1	lal.p7cloud.net	silo48.p7cloud.net
1	d2tbszkvx1p56e.cloudfront.net	silo48.p7cloud.net
1	location.p7cloud.net	silo48.p7cloud.net
1	ua.p7cloud.net	silo48.p7cloud.net
1	www.google.com	of.zanzatoys.com
1	cdn.pbxai.com	htlbid.com
1	p.gcprivacy.com	htlbid.com
1	cdn.jsdelivr.net	www.googletagmanager.com
1	geoip.gamurs.workers.dev	of.zanzatoys.com
1	mab.chartbeat.com	static.chartbeat.com
1	pixel.wp.com	of.zanzatoys.com
1	s.skimresources.com	of.zanzatoys.com
1	cdn.p-n.io	of.zanzatoys.com
1	stats.wp.com	of.zanzatoys.com
1	gamurs.group	of.zanzatoys.com
1	geniuslinkcdn.com	of.zanzatoys.com
153	54

This site contains links to these domains. Also see Links.

Domain
themarysue.myspreadshop.com
twitter.com
facebook.com
www.instagram.com
www.youtube.com
www.surveymonkey.com
www.liveinternet.ru
getadmiral.com

Subject Issuer	Validity	Valid
zanzatoys.com GTS CA 1P5	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2024-05-15` - `2025-06-06`	a year	crt.sh
geniuslinkcdn.com R3	`2024-04-30` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
gamurs.group GTS CA 1P5	`2024-05-01` - `2024-07-30`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2023-11-28` - `2024-12-28`	a year	crt.sh
pushlycdn.com Amazon RSA 2048 M03	`2023-12-16` - `2025-01-12`	a year	crt.sh
htlbid.com Amazon RSA 2048 M01	`2023-09-21` - `2024-10-18`	a year	crt.sh
*.skimresources.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-09` - `2025-05-11`	a year	crt.sh
rockagainst.com E1	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-06` - `2024-07-05`	3 months	crt.sh
*.disqus.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-16` - `2025-04-16`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-11` - `2024-12-10`	a year	crt.sh
gamurs.workers.dev E1	`2024-06-05` - `2024-09-03`	3 months	crt.sh
*.p7cloud.net Amazon RSA 2048 M02	`2023-11-11` - `2024-12-09`	a year	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.jsdelivr.net Sectigo RSA Domain Validation Secure Server CA	`2024-05-04` - `2025-05-04`	a year	crt.sh
*.gcprivacy.com Amazon RSA 2048 M03	`2023-11-03` - `2024-12-01`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh
cdn.pbxai.com R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh
cdn.growthbook.io R3	`2024-05-27` - `2024-08-25`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
aggle.net Amazon RSA 2048 M01	`2023-07-30` - `2024-08-27`	a year	crt.sh
id.a-mx.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-12` - `2024-11-10`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M02	`2023-10-08` - `2024-11-06`	a year	crt.sh
btloader.com WE1	`2024-06-12` - `2024-09-10`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2024-06-04` - `2024-09-02`	3 months	crt.sh
ad-delivery.net GTS CA 1P5	`2024-05-17` - `2024-08-15`	3 months	crt.sh
*.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
skimresources.com WR3	`2024-05-22` - `2024-08-20`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
alt1-3ps.amazon-adsystem.com Amazon RSA 2048 M03	`2024-03-29` - `2025-04-28`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
secure.cdn.fastclick.net DigiCert TLS RSA SHA256 2020 CA1	`2023-10-03` - `2024-10-03`	a year	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2023-11-27` - `2024-12-25`	a year	crt.sh
getadmiral.com WE1	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://of.zanzatoys.com/
Frame ID: C88BCC6DD061E646183D820F91916A59
Requests: 151 HTTP requests in this frame

Frame: https://silo48.p7cloud.net/if.html?gdpr=true&gdprConsent=false&tpd=true&md=false
Frame ID: A30C1601FFCCF575A9EE371084BF2C3A
Requests: 1 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.25370412022328814
Frame ID: 376CF4784E59D292CCEAC9D394BA938C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Mary Sue - The Nexus of Pop Culture and the Uncharted Universe

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

153
Requests

98 %
HTTPS

35 %
IPv6

39
Domains

54
Subdomains

54
IPs

7
Countries

3063 kB
Transfer

8430 kB
Size

21
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://themarysue.myspreadshop.com/
Title: Store

Search URL Search Domain Scan URL

URL: https://twitter.com/TheMarySue
Title: twitter

Search URL Search Domain Scan URL

URL: https://facebook.com/TheMarySue
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/themarysue/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheMarySueTube
Title: youtube

Search URL Search Domain Scan URL

URL: https://www.surveymonkey.com/r/7XSDNLM
Title: Have feedback?

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

URL: https://getadmiral.com/pb/?utm_source=of.zanzatoys.com&utm_medium=pb&session=5-64bc901a9d13eaf0a671768a6fa24d5c-6763652d6575726f70652d7765737431-0
Title: Powered By

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://sb.scorecardresearch.com/cs/36750692/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 115

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fpid%3D6CP1D%26id%3D%24UID%26gcid%3Db4cf7811-74de-4796-ab7a-5de3f5f1bbf7 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fpid%253D6CP1D%2526id%253D%2524UID%2526gcid%253Db4cf7811-74de-4796-ab7a-5de3f5f1bbf7 HTTP 302
https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=6621001029539184917&gcid=b4cf7811-74de-4796-ab7a-5de3f5f1bbf7

Request Chain 128

https://counter.yadro.ru/hit?t43.6;r;s1600*1200*24;uhttps%3A//of.zanzatoys.com/;hThe%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe;0.769662330862477 HTTP 302
https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//of.zanzatoys.com/;hThe%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe;0.769662330862477

153 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
of.zanzatoys.com/ 826 KB
74 KB 501ms
258ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2abea24f77da0c7ba1026892f9407e9f9d6d5b6d3debb74f7f9290d932084f6

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=14400
cf-cache-status: DYNAMIC
cf-ray: 89aaf29899b63825-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Jun 2024 04:31:30 GMT
expires: Fri, 28 Jun 2024 08:31:30 GMT
last-modified: Fri, 28 Jun 2024 04:28:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CO5PMMZYqOqLveC6xOojcgU%2BZWcTqzVAjSj6bQrM8UORqHz8S%2BkbrkHxGrgtEG1hKvKM3pPQFR8DcSNYY3VJPPwgzQFTJ1Ik8bK%2BBQPkoo9y8S1jVylZvmj%2BL2438y1MvaPJ"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/article-group/ 21 KB
3 KB 182ms
182ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/article-group/style-index.css?ver=1.0.4
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0177977f6c04fde0e1b1a2e4563af5e23ced99dae42ac782b018d3e6afd011c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 29 Apr 2024 05:18:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DSUIk4q7Ge%2BumvwvmKKuQ3Nhc9BBwFevkd4LBckDwV7meC1od80nY4V8nHlGvVZhfGKX%2BBQdb4LTuC%2FEO8SMgcVyfZb47FNrckWHKBcUd9ehYuFONHo8qbHpTPEjzleJnZz7"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89aaf29aeb7e3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 08:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/article-tile/ 158 KB
8 KB 171ms
171ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/article-tile/style-index.css?ver=1.2.0
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcfbd8b6d64e28a3c8c8e84ee7e9d16b3f2b03b295cbc9ca3db706eb486bfc9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 15 May 2024 11:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s9W3zg1%2BpFu6dpIGlzCLv6WWFxY6annB21YQ7McMqRW3YQfhSKPOsJ8o0WP%2F04c4olAfVDg56tfZSTlUi%2FLZeEb3BYqI3w%2FSmhTweAx3ZRGLXSEMkTLNePxF%2B%2FDqLpK3UUlO"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29aeb823825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/button/ 43 KB
3 KB 273ms
273ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/button/style-index.css?ver=1.0.2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e375c5bad3043c1d93f186930429a2dd09c161a56b5950a8d1dd1c9e7119d53

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 05 Apr 2024 02:55:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hGiXEMkf%2BD0TNzIqjeB7d6WnCqplixzGgC8ZuCEOdULo1Q95gW4WEX9peIbpx1Im%2FCA1T47ZBR1cImjjnkyqq0iLno1NOHG%2FV0TILfZJ%2BMwfRIUTlg5Bay5%2BF0OcYuzP7kbD"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29aeb853825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/container/ 14 KB
2 KB 190ms
190ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/container/style-index.css?ver=1.0.4
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b68ec9bad5a391aa2f2f8a07fe101a5feddb9763d14f9d33b0ffc25df1580c00

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 15 May 2024 11:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxgNBtWdnxQaZsJIOIdxd1ubeQgwt8h2z1TgXGNy0u9SX7a1DbIvKov%2Fo5SbraDBMgf122GCLMJkrV0akTGSZ0jaExvROgbM9LNvzLmjG5ZFfgInNOTuymVR0r8QtnJeDlqy"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29aeb883825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/header-nav/ 88 KB
6 KB 159ms
159ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/header-nav/style-index.css?ver=1.2.2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffded7c4b5b0b7e1f7c65fd9d4db4f06eebbaabb76d5933ea9fb7143ad5fbc86

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 22:38:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6CMCftA%2FtWix9e%2F%2FpdqroG34kni6gmPRHdgEeeFvqS0MTh8uqWyDhQwJlqO5bUtHz5xDhzj6e6lkSr5ZIfdpgCsZwhVqtYJX4KbENLgwgtyFeTh%2B6vPk7Wi6G4DBYnSdTOp"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29aeb893825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/term-chips/ 45 KB
2 KB 187ms
187ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/term-chips/style-index.css?ver=0.1.0
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 019e19c3cb14b6890cf172fede4df2bf33c2a2665d23561fc6be123d892f9bf7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 11 Mar 2024 03:54:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WVUmrWY%2Fh70Jg%2Fzozsv2ZFIZBzU9MoZrDZjEA5PA4dbDezAsc2areoqWcHZUsHhkKfaPnWjJgJUgxR15PKW55yiJol%2FEU70PUEm03gDvBUQpYZ65DuEFMoQ2FHJ4l1oL9Z0%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29aeb8a3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/css/ 35 KB
4 KB 186ms
185ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/css/style.css?ver=2024-06-13
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13be243bfdcaa0107ec106fcdc2ba8ad4034924330ed5560905b69590814d147

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 31 May 2024 00:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fe0uiQYB2rtQOwqWYcnroWjD9f4Mm6eFP0XL02d5KCfLBAD6a3g24RfeAfrFaSQ1WSaNXB0Kk9Q%2Fgcx3KrQshz6Ts%2BvDpEsDE66BDrm%2BjC9cfNJlNV0cTt2liyiqCQGq0n7I"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29aeb8c3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 article-group-load-more.js Show response
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/js/build/ 3 KB
1 KB 184ms
177ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/js/build/article-group-load-more.js?ver=2023-11-09
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 441165d1f045944c11861a3780a72786fbe8c8b93ff349b7a980d2dd22a111ec

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 19 Dec 2023 09:28:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=swa3%2FxhRCg%2BelaTPBmAfhuQzD3YIEiCvtZ4TYfLcbxroxngX34X2irYSAaLsWBZvdP9r27y2LH4VIZ1MCMl9gXPjcJCqmUDRYpfZWyIj4VLv239ObIb%2FOJSg7EZzyG4ZNmlI"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89aaf29ccd2f3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 08:31:31 GMT

GET
H3 200 jquery.min.js Show response
of.zanzatoys.com/wp-includes/js/jquery/ 86 KB
31 KB 220ms
220ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 17:42:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HTtVElI05TaUsPDtM%2BFAnL1hMhCwt7lwyWIuWTvA5%2B5Ers%2FG0ogSsh93UFwTPVOgC7bFK6DlRdwWTH1azUX80PTaOSiVKjcau7%2BA3rUPm8R39CIzzHG6hf%2F414cpu8anWQJv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 89aaf29aeb8d3825-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 jquery-migrate.min.js Show response
of.zanzatoys.com/wp-includes/js/jquery/ 13 KB
5 KB 141ms
141ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 17:42:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=82qbqBYchCXoR4NhXHLAe07KWzuOEAcyUn7Z3yEFjPNC%2B%2BhJKthr%2FTF5o9dLfdPY%2FYzXYKckPimtsKX1%2F0YiwVja8s8A71niLqSPl%2Ftmns14ghoprKSHlvpdmDpbcGaBDWGT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 89aaf29aeb8e3825-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 wpp.min.js Show response
of.zanzatoys.com/wp-content/plugins/wordpress-popular-posts/assets/js/ 4 KB
2 KB 338ms
332ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/wordpress-popular-posts/assets/js/wpp.min.js?ver=6.3.3
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 26 Mar 2024 01:28:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tb0NDxI%2F9VY4q%2FnPZcQR8HrSa1jdwb%2F88pmuUBFIFRq1IsscM%2BDh0qREfyc2BbATYCqGjDqLtHA0lpQZjq6vb8VvZQUFB7vghFb3Nh1kWhQ4DZNUBS%2FjI5%2BBmYVgn2lvoEGz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd323825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 24 KB
10 KB 383ms
147ms Script
application/x-javascript 2600:9000:2646:a000:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:a000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 16:30:26 GMT
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:18:23 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 43265
etag: W/"6583925f-5f13"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: nP3DCw_cpDBNtxvaFC4CCDnCDoBNXWtSJJVMhex-qvZCJF5vBM8aTA==
expires: Fri, 28 Jun 2024 16:30:26 GMT

GET
H/1.1 200
OK snippet.min.js Show response
geniuslinkcdn.com/ 6 KB
2 KB 687ms
233ms Script
application/javascript 174.138.117.212
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://geniuslinkcdn.com/snippet.min.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 174.138.117.212 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
ratelimit-reset: 1719549151
transfer-encoding: chunked
ratelimit-limit: 30
last-modified: Tue, 29 Nov 2022 19:24:18 GMT
server: nginx
ratelimit-observed: 0
etag: W/"63865c62-1614"
ratelimit-resettime: Fri, 28 Jun 2024 04:32:31 GMT
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-max-age: 1728000
ratelimit-remaining: 30
expires: Sat, 29 Jun 2024 04:31:31 GMT

GET
H3 200 def-main.min.css
of.zanzatoys.com/wp-content/themes/m2019-tms/css/min/ 290 B
698 B 179ms
179ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/themes/m2019-tms/css/min/def-main.min.css?2310052338
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 05 Oct 2023 23:38:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s2EfKs3T0aj1Wair%2BnybeyZkpFmEI0L1VMU6mLp%2BwxQ4N%2FeUNuBnTx3T5%2BpIjFdaPGIz%2Bdg1Qu3g1d7G7qi5rA%2FgrBktVxoVQnzk7IIWMhIeWaT87PUN4RE%2BDnVvUmqmTa0s"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29afb913825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 min.js Show response
of.zanzatoys.com/wp-content/themes/m2019-tms/js/ 13 KB
5 KB 187ms
186ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/themes/m2019-tms/js/min.js?2310052338
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Nov 2023 17:27:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pfHMKfAeOApqJfp9ue%2Fw8YsiQj3MwztSjzakZoeEYZqZ1fui7UL%2BMCd0mYyg%2BGuDt7lNC7q%2Bsl9egcshP9mXYEpWMnhqilXGCfcEdpXdDHGHqc1OIt6r4htYDQul4Xv3m4Ld"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89aaf29afb933825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 flying-focus.js Show response
of.zanzatoys.com/wp-content/themes/m2019-tms/js/ 3 KB
2 KB 343ms
337ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/themes/m2019-tms/js/flying-focus.js?2310052338
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Oct 2023 23:38:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=muJWvqjfr5gjA7QWqoXVBb0GG%2BuAKVCi%2FDp%2BeIiCXj75vYf3ez05SRQEf5WcvpaFAhTw%2FFpANaVzDv4QdeE0%2Be%2BH4nGziiPXQ%2BOhPuPwi6DUQtXELzaa3p%2FE2kITO7b6TyAE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd353825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
51 KB 448ms
219ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

dd3b6119d2e63af52e3b00f98e0dac63e399506fdb27e7d3116274706b969938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Origin: https://of.zanzatoys.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52646
x-xss-protection: 0
server: cafe
etag: 5169418228039977657
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 28 Jun 2024 04:31:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 198 KB
72 KB 541ms
163ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-21433528-1

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bee754e78d83cbce6e33433a07c4d9704affbfb0262774fcc352cd3424c876de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 73328
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jun 2024 04:31:31 GMT

GET
H3 200 ads-prebid-banner-proper-outbrain.js Show response
of.zanzatoys.com/wp-content/themes/m2019-tms/js/ 25 B
476 B 185ms
185ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/themes/m2019-tms/js/ads-prebid-banner-proper-outbrain.js?2310052338
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 05 Oct 2023 23:38:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Djnb%2Fm5nQ%2BjqeWrcpUCIMUVuBbYErjJrfAFJXj3nxzDTdHKQknqSCiZPoZON42I%2FBNczLhG3xmRc8%2BqnIUYX06J5mEh2%2BNjWGj1sv71eHypBw0vkWHzvCfbW930UXA6xgj84"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89aaf29afb973825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 mascot-9.svg
of.zanzatoys.com/wp-content/images/ 10 KB
3 KB 140ms
140ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/images/mascot-9.svg
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cc6c1a84b1541c8af7548e98bd831b59341031d22c587bb24cafc137afd1797

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Mar 2024 03:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wKSZJfSKslz%2FaZr7zJYRzPukLZK1HokwwBUctSpqnmQjBAvSQ2%2BqqXYaIq9c3K6eJQuEMFYp5KPsmTcD4u7lKMrGxtB%2FwO8AoCgp%2B3pcI1gBuwT3d9gmyAtACkdZ%2Bul0NRx0"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 89aaf29afb983825-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 08:31:31 GMT

GET
H3 200 tms-logo-light.svg
of.zanzatoys.com/wp-content/images/ 14 KB
6 KB 158ms
158ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/images/tms-logo-light.svg
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f932bead2025b00fa5daeeaed0f10f59a8d0eaa09bd2cc332ac10c93e2bef8b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Mar 2024 03:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ad7FufWu8S1Xl43uB9sILLt8WJUEbtOb41ovLZxeWhe08xT8cgeXoMd%2F30gsfVqr0CgxGBQQ1pnK05707HtF%2FiCUYrVTvN40rlyWYxTIrPvilxMatagrH1AQ%2Bqr%2Bik71rEw"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 89aaf29afb993825-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 08:31:31 GMT

GET
H3 200 tms-logo-dark.svg
of.zanzatoys.com/wp-content/images/ 14 KB
6 KB 159ms
159ms Image
image/svg+xml 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/images/tms-logo-dark.svg
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36d64897053efc87e4d3bd20cb5b5e5a4b463509c9433824640c60809700260c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 14 Mar 2024 03:03:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BmrIYvtGyYvnw9OwkReTciy7YBeEUSQ9HHgeAFlPvf%2BJLsb4rN%2F2uKduqbCVpF87807SI9IIwm777y3ERAh7CN9%2FF5OryDpQxPJUmGfJyEUa1rMC8hrv4%2FvUB3W17OcLWKLO"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 89aaf29bdc693825-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 08:31:31 GMT

GET
H3 200 Alicent-and-Helaena-Targaryen-in-House-of-the-Dragon-copy.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 46 KB
46 KB 167ms
167ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/Alicent-and-Helaena-Targaryen-in-House-of-the-Dragon-copy.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4757080d8fdf4e057cf0141b7e894f0c3d465b5e1ba70382cdf3d5a953d3eb93

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 14:50:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u2JqUw0h9HC8tI%2FnZLUfadYhpbi%2FIbSQ6eh6owaQou3bHfV77TWfnD%2FHpvRacWwbjddDgjP1dUlxiGgqWRJ5WVVi8hFI%2FEXykmJwS60CVrco7CfowgopCAw75XlzcEBf2eDH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29bec863825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 article-tile-datetime.js Show response
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/js/build/ 644 B
850 B 344ms
338ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/js/build/article-tile-datetime.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2327f72e522f31848968b2fb249562c107e7c4959feb867a2535640cacdddd0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 22:38:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HGIx1vUA6el4f6dTAHjBeag2Re4%2FhkgnYfa44Y5xbo98W2q4VT4I6G%2BrzSNAIpnPjz4VEM9JU2N%2FsYDlNI1HUOzC%2BtMBNzdmyC4ubUnPUOu1A13Agoksemk6IQ%2BOGN9RqUwo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd373825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 Olivia-Rodrigo.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 46 KB
47 KB 346ms
339ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/Olivia-Rodrigo.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cee27847adcd7c69ac9876f7c7465a8b86dbfe9a3a1f9fd85ad6f5eedaf86b4e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 16:30:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IJCPwl4CR%2B428%2FmloAnBTaNBDpUHNzThVRSuSXHwI4VMEsUPAT%2BaYMMOEZ0akAct9ZzhzhJqNVJDXZZBjW6s3lDTNDgb3C9lCgRHOcvdcVijmpSjTlRGbRou7RaROhZrmyxi"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd383825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 Ser-Otto-Hightower-from-House-of-The-Dragon-and-puss-in-boots-copy.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 59 KB
59 KB 347ms
340ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/Ser-Otto-Hightower-from-House-of-The-Dragon-and-puss-in-boots-copy.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 730bc8b9ef4eca3eeee2a0de6ea9f49fe90b1b285d94e9e942c21c3840410296

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 15:17:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NHwnxX5ya55dz3gqA6weowjlzprvjlhXT9KPEJJ91HlJ6LkNaix4mPFAADHyenKuVQVWjgg621DFVr%2FlUTzMeE5pek2Xv2yFGoiaiBNFvjQaiqKnbNzrVjC643Lypi5rPjf0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd393825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 Sydney-The-Bear-e1719336469337.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 34 KB
34 KB 186ms
179ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/Sydney-The-Bear-e1719336469337.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c92aabff6010f80b245af86be1945c67a96fea5f8d154078ba67173b188b6089

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 14:36:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJwOqTdlPgOJEtWqJfgpRFaFX6kZj3ICNJwJYODCI%2F026lH61dynmJRBa6zMw8NLnKsDeGs18ufSYR2XBcTgvv1B8sfEyWSjhiTB9NLdBMJS5s5f073DGdeuUrs%2FCw0%2B2Xz4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd3a3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 Emily-Bader-and-Edward-Bluemel-in-My-Lady-Jane-copy.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 63 KB
63 KB 373ms
365ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/Emily-Bader-and-Edward-Bluemel-in-My-Lady-Jane-copy.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6824d63dad417c6553ee06fd124f5e778737b6a580e4194263754e3f32fb889

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Wed, 26 Jun 2024 05:29:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FrribpHNiOuiOxRTH7blEUsnv4%2B%2Fa5MLNDL8xdYPTN7H0t2%2FsOrY4Toncv%2FBfOHxCsBHznVI73gJyMg%2BXQ50I5EZavVfSDJ%2Bwv%2FMnR907%2BIcEjGlBf2e60CF2x7CCocc4Pfc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd3d3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 joe-biden-abortion-late-term.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 51 KB
51 KB 483ms
474ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/joe-biden-abortion-late-term.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 509876ec45740ef94b9c1462d7b3828561777473627b2fd0247302987257ca45

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 04:11:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2BhaOFfiCAECpvnOepz0XA1ES5f4azoDvbiHIcD3FjrqmTi4p6uIK3NS3oE5MzpuUEiZ312AelDUin5fd5Y6xZqb0LJQZOX3iTlpwx%2F%2BlGI7gH2X8UiIT%2B8P4RRWVJMwC3zP"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd3e3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 one-piece-mr-3-galdino.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 29 KB
30 KB 484ms
476ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/one-piece-mr-3-galdino.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff52afc7fc46e37d4f1793c4ba72cce2fd0b0489a3a7879c4d8bbcfdf6ef554e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Tue, 25 Jun 2024 19:19:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mcDBRStqWoPvUDNecyAERahkww9IPyGu2iPQ9d4rhHOxMHZJ9UhDiLlBMyWEDj7yf0SCv7%2FTV%2FUPFD%2F5Gr5WtOAOwRusrXT4YVbbukNtEvsMo2Rk3e%2BS5xk%2FpSCTCmPH3ajL"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd403825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 trump-debate-abortion-lies.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 47 KB
48 KB 488ms
480ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/trump-debate-abortion-lies.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a397dde47e688b2fc319495a4701118826a1c3f21cb173ad9ecb9cf7578f9f3f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 03:14:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PxMTM5YblGHOTuP%2BmrTWwuERTlOpJy1qj6XnjE0U8y52gzpVRpyhBSl1ZltRJMXNgfuoychxCHunBphiwhDqG4pFnLjEbG3tG2yt3LshSFbqUJkA8Z2m%2BrUMOG78pZtw2vmf"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd413825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 trump-debate-immigration-lie.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 39 KB
39 KB 489ms
481ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/trump-debate-immigration-lie.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa2799079b93b27d6c24cdfaa9594d840ebc45a61f344b2cee26717ee516b57a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 02:21:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f2hGTpC81p4yY5uW%2FnK6rZ%2BvoVBOkQE5heP2P%2BZ8TC%2Fm1ti3hYUROSwCH4J684HLQt5j2lim5i6BBY%2Fpyj0rsQ7uMMUXrKYKuiXnx5ROJb543pXm2okLeMA9FQllPIz9jdiV"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd473825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 frodo-cat-a-quiet-place-day-one-667c0a534e85b.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 18 KB
19 KB 501ms
493ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/frodo-cat-a-quiet-place-day-one-667c0a534e85b.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0ae693ad0dca1dfef01aa5c7abf90a9ed7f96a3051433d76c76162b096a9141

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 22:06:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aRkpobHr3ojsKn0gNNJXb2%2FSFx2sisxFPYXvQBxk%2F8dEPbL8CVPv5TD3WNknppQA8lUlDR5Fs9XmBlFOQaTOAbUbfrG8tjwdHZBgPlSl3EVwqLe5le2bVFd2s4yvzGhkK1Xu"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd483825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 House-Of-The-Dragon-Jacaerys-Velaryon-Henry-Collett-Bethany-Antonia-Baela-Targaryen.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 37 KB
38 KB 190ms
181ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/House-Of-The-Dragon-Jacaerys-Velaryon-Henry-Collett-Bethany-Antonia-Baela-Targaryen.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e3d57401e2b8edceb8b40bc6b82628640c41b3caca1af3d849cbfe53d8ced1d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 21:05:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YhsmeogecWADdAfl%2FKu4CtME4f1juywx5yNsjWwvsGL2tZcU2G2ycUmX%2Bde9U2gf0lLA7uQyw3n%2F6DfNimDyJwHPakVapbCtdENMgVNCBi4ELAxkT2nrpsTCLMUNcHBamp9G"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd493825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 The-Electric-State-Simon-Stalenhag.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 67 KB
67 KB 513ms
505ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/The-Electric-State-Simon-Stalenhag.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03becffdfd9fcef9b672ea5d711f7db5ee0863ca9de186b5da2d8607b3efcc9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Thu, 20 Jun 2024 10:53:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DqUomYNPqac%2FhPp71PYkXum3MUk3zxxVfdnhnd%2F9dYbeV05Z1Pd8vcaqQ02eKiwW78JV7%2BsyFhh5rFQtxDt2mumtVjIZSF2hN8Wlc8Mp2b30vf5Uq3hQ2z49dPimk%2BHaTKqq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd4a3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 Kevin-Costner-John-Dutton-Yellowstone.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 119 KB
120 KB 515ms
506ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/Kevin-Costner-John-Dutton-Yellowstone.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a650f5a6d32001f55fa2f580e86badd048554e72c43c700ed37b15cb55b5cef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Fri, 21 Jun 2024 15:51:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FU4%2BfLhngE0fcjm%2Fz5rDm9%2FTNAlab4xFQ%2FoD7BXsqKRyhPda6GGKRyIzHK2iU6KYqlUzKfJNU0tXIG2khSSVciL0WpH%2FuaLdYtBnNSGDP%2F0g3Bf4lQpc7We7gJe9xtXn3LLN"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd4b3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 22-jump-street.jpeg
of.zanzatoys.com/wp-content/uploads/2024/06/ 127 KB
127 KB 516ms
508ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/22-jump-street.jpeg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94a07914407bf0a1a30e2970e8b9b6e7919d8eeed26d24ce2eb92b609dedc06e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 20:28:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TOiwlaOYoTJCjDzyZuHVD%2FTXjepVxZAkmvd2FL8jGJnynVr3l2K6%2FDJkwx7MSIdj2aw4qQWgISb1bFKhQ2zaK79dbn7EsmXssUbT5990x8EztxI1NVAoLIMoicpLHRYbe58"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd4c3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 Dark-Matter-episode-9-finale.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 28 KB
29 KB 1021ms
1013ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/Dark-Matter-episode-9-finale.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fd06444652b65457cb52f14a34a6bd428f84873feefd20b2dabb8243deb1549

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 19:40:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=78Zt06unliCb0DBx1VmM57rt%2B9UA7b6UQQ74DHbHMltninnsuXufZi3SS7H8IcrxXBiCbY15fRYrg8hdkpOHweBXLBm3bSs%2BnMZpYAdJ6W%2BBzo7ultTU5Zt7SH07gBtgSDQd"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd4f3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 acolyte-barash-vow.jpeg
of.zanzatoys.com/wp-content/uploads/2024/06/ 29 KB
29 KB 1159ms
1151ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/acolyte-barash-vow.jpeg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a295f2fa855bb757f972a154b8f2235912cbffa8fe7ebe93a07fed5302e28cb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Sat, 15 Jun 2024 09:39:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pxBSdJE6S6NJMk8lgZhErwOcxbYeyhDup2INdeJmzjZtnBUGwhJFDflUrxPsY9Kmpmj3n3jO0%2B%2F9L4V05QNKKQMlbqPV%2FVVFKc6bPmSMMkuSH6lSUG4K6YDtjyLmt2dSkl73"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd503825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 Emma-Roberts-Disney-Upfront.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 50 KB
51 KB 1175ms
1167ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/Emma-Roberts-Disney-Upfront.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9850419419f46b6c5250c779a2e632d6518c5a211f583684ae9820917674625e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 19:17:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYBy1Mbnrc6bW7H9GagulC5q0w9AlJ8HrZIYYWcB8TpIi%2FMBu7a4wObhLbZEZc5412YupkL6Uu29h%2F5IPmsvQ1e%2B2vjODLan68hfyGLxZ3OcHRz1j6b4lc29O3lRUUEzGKUU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd533825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 Hailey-Welch-Tim-Dee-TV.jpg
of.zanzatoys.com/wp-content/uploads/2024/06/ 33 KB
33 KB 1183ms
1175ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://of.zanzatoys.com/wp-content/uploads/2024/06/Hailey-Welch-Tim-Dee-TV.jpg?w=1200
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff277d34fe21f103bd372afd45345fe98c9b9e32c08e9fa16a0ea756df1b3c0f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Jun 2024 16:33:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPmZI4yRyNxCCrgu%2BKZZy%2B4ZfpOSPSfY2dt7MW2rSHgHuJSw1be3fPpdLIuSfyS4w9fz23JIYvB580G8B0ekJJLeLwDaTxp6ghflF%2F0BPZhJV%2F0EYottrChkwRRXG5LVlSbc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd553825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H2 200 GAMURS-logo-dark.svg
gamurs.group/images/ 2 KB
2 KB 541ms
166ms Image
image/svg+xml 2606:4700::6812:fd7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gamurs.group/images/GAMURS-logo-dark.svg

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:fd7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3dc9088b44f9cebb9361ddaa3f4ee2f24bd52148db437375c6c0bdf2552d708d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 171
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"c4c89f0ed4ec3decf0dbb3fcba1ec43e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qSPCiOk4X4rgQv9lFBbxSJS2LEmrygp1YN%2BhMXsgfDIBs0RbifSAKiy0PgwVjDDNEocjtr9ZEDL5BFuPgdJpvRtRoG2TC4n4%2F8oM%2BT9Lcp1J8i2LdA5dWqnMRqMB2IA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 89aaf29f1ffe972a-FRA
expires: Fri, 28 Jun 2024 08:31:31 GMT

GET
H3 200 mpp-frontend.js Show response
of.zanzatoys.com/wp-content/plugins/metronet-profile-picture/js/ 290 B
610 B 326ms
319ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/metronet-profile-picture/js/mpp-frontend.js?ver=2.6.0
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Nov 2023 17:27:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SSwI0UuVs60WP5%2Bhkx%2FP%2FrbgJ0rIMEj%2BXVDto6iIKfxPYJ26drC0EQieZ1Jx5CYi8T8eHy9Ck8NxMsCVydDOqhvh8F1bH6CJADBMpM4Rs%2BjtXm9yxpI2vEZhCF4AbATMCis"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 89aaf29ccd293825-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 08:31:31 GMT

GET
H3 200 comment_count.js Show response
of.zanzatoys.com/wp-content/plugins/disqus-comment-system/public/js/ 708 B
788 B 327ms
320ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Nov 2023 17:27:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GhGWn6lPSYeX2L6TybJOcyApOwXRCW0Sz7c3UcHttnn9hz97yIIOY%2FEvdzOnoqCQY9MRmNrnTk0EpyxJsgNLznVkivPSSqYrYnWB8dqnYzDDos9omBqnfwx0f04gByTRA1%2F5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd2b3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 theme-my-login.min.js Show response
of.zanzatoys.com/wp-content/plugins/theme-my-login/assets/scripts/ 2 KB
1 KB 335ms
328ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/theme-my-login/assets/scripts/theme-my-login.min.js?ver=7.1.3
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cbaa50905cbfd614dc889e6155550145a3ed92a0085f7cbfcdd5df69145dfdf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 02 Nov 2023 17:27:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lnVEbGo1vgroRKCG8CDGHl%2BTF90O6ofFKwfPcdHDA1hwnNTeVo8gzEZ1UGyugoYAHDRfdTA2rwIALZaukAFioRoo4BkA6se6zrAAxtkdJHFNbBW%2FXcNA4G%2Bm7FFTBnAyHSq4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd2d3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H2 200 e-202426.js Show response
stats.wp.com/ 7 KB
3 KB 356ms
123ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202426.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-minify-cache: hit
x-nc: HIT ams
date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
server: nginx
x-minify: t
etag: W/14421-1717166113530.9253
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
expires: Mon, 23 Jun 2025 06:03:20 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 273 KB
56 KB 383ms
146ms Script
application/javascript 18.66.112.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=t2IK5aKmVjEs7GXvn01CHOKaD0E80inT1ziW&ver=2024.26
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-4.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c076eb304cdcac800e9fb050f95b8400d32eed9c4b8dce2d6962b1b610ee9c9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jun 2024 15:45:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 299
x-amz-server-side-encryption: AES256
etag: W/"7d607e40d4a0788aff89bb4eb467ac5f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: z4TFwMfY3ECdNAj2UsbqbweNismjaY-T_xZ7Zd1DHVRAODgm1co-1g==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/themarysue.com/ 425 B
826 B 938ms
563ms Script
application/javascript 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/themarysue.com/htlbid.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6afc2de7ab6a69c5ed0f5aac0eec6ab8c9186d66cafc47f4ccd125e22f13c09a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jun 2024 16:58:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: "7ab5e9718cde178b3b91246025977de8"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 425
x-amz-cf-id: OHI7QSFwAvCnHWTRT_ymAntI8qgGb5gFko_6yCUBkvQjZ7wCkLueGQ==

GET
H3 200 view.js Show response
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/header-nav/ 4 KB
1 KB 1222ms
1214ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/header-nav/view.js?ver=7cbe790b3bea43ffbf37
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f0c8bfec698b8cc28b4fa06e7b8c591ea6d9fb93efd505600a619f642730b31

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 31 May 2024 00:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j8xNQUmzdfoOUbECv4tbf3vdbtpdVZhSdQhS65ZCUKcHNnKmjLPyOMjeylBjK7lkrxh6Ee7lDB1wsjPb0RuxwTQBimAuWiZoP32vrJG2I0doSf1x9fw%2FXSW5WLJDoajvFktC"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd563825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 view.js Show response
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/banner/ 558 B
684 B 1234ms
1226ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/banner/view.js?ver=afe0df3ecd9c13323b88
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3d775ebcab285466ed8fc8e3be0a1ded83240ddbb115c009cec147c6b736d43

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 16 Feb 2024 03:04:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j1vqJn1tyS3xeMXGuLmNAo%2FnDu6t9oZEAs8YX0uM1tRHO1dqX3Bdai32antxCM1IBhbmpC%2F1sHD7oi9suOZ1nVgIXbUaRes2sOUCZxpS1%2BywllpPrQvmtrlwAGpztcQjAEbf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 89aaf29ccd583825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H2 200 114526X1684681.skimlinks.js Show response
s.skimresources.com/js/ 56 KB
21 KB 3019ms
957ms Script
text/javascript 151.101.129.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Skimlinks V9.0 /
Resource Hash: e57106147f4b2c021a8c821ea39edaada8b5c521d8ae06e57e9459a2860cde2d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-mad22048-MAD
x-amz-version-id: 2RQEbCknFlT.lcCNBU7ZuP7Lw4IcBdAh
content-encoding: gzip
date: Fri, 28 Jun 2024 04:31:33 GMT
server: Skimlinks V9.0
etag: "7da26d8b924decf0da036390d31449c5"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
p3p: policyref="https://s.skimresources.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 20999
x-cache-hits: 0

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 388ms
156ms Script
application/x-javascript 2600:9000:2646:a000:18:1fcd:354:4b41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:a000:18:1fcd:354:4b41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 16:20:00 GMT
content-encoding: gzip
via: 1.1 ed149c4696419c0643fab13e9539b16c.cloudfront.net (CloudFront)
last-modified: Wed, 05 Jun 2024 00:13:00 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 43891
etag: W/"665fad8c-9895"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: DpIhsbfzrZFEKiW3zVHK4wB2kdMTz3ppLKeyU6yYlwqv6N-hqRPUJg==
expires: Fri, 28 Jun 2024 16:20:00 GMT

GET
H3 200 plow.lite.js Show response
of.zanzatoys.com/ 45 KB
17 KB 1242ms
1235ms Script
text/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/plow.lite.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8959845592e7fada94a250b30e925085ebcb58d5c92b08e26c44a9d334baf1f8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 28 Jun 2024 04:31:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MPaRyswmmHt9%2Fabgt0u6i4odLbaIqjqxrM%2BlzlTgCmGAYBudlEHFbaF1mE0yhvlSRSAUStivesbutOkwH1JrF3oJ27xZtL2cvq5tWlSC81WaLe%2Fh6E46GADkN87vKTAIlzeI"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: max-age=14400
cf-ray: 89aaf29ccd593825-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 280 KB
93 KB 488ms
467ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ecbc6548751ca83640e82571081cf577b2d461286d66f58487919fcfe73586dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94681
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 04:31:31 GMT

GET
H3 200 f460825e98b76920f5d63bf219d1b5e776d1.main.js Show response
rockagainst.com/static/bb8e0e/ 369 KB
67 KB 372ms
180ms Script
text/javascript 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rockagainst.com/static/bb8e0e/f460825e98b76920f5d63bf219d1b5e776d1.main.js

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0545e61b3e92a6405285a2caf7814af0854f404c633ec51917f7fa6c16710a2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1351086965
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"19b0359bf99815da3fcb0907c39448cfa7e76f8b734b9cc400a5691e48b23ee4"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language
x-hostname: fen-hoothoot-europe-west1-spot-btsg
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
cf-ray: 89aaf2a04ca53830-FRA

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/36750692/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

222ms
222ms

Script
application/javascript

18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://of.zanzatoys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Thu, 27 Jun 2024 05:05:31 GMT
content-encoding: gzip
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
last-modified: Thu, 07 Dec 2023 12:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
age: 84362
x-amz-server-side-encryption: AES256
etag: W/"77ff4ede4693897337a38594321529a3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 8p-3wANrCsVnfdqhTgAWVZXFaqKu4HQ5EORlGakMCxHL7NsiXzPpzw==

Redirect headers

date: Fri, 28 Jun 2024 04:31:32 GMT
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-cache: Miss from cloudfront
location: /internal-cs/default/beacon.js
content-length: 0
x-amz-cf-id: 1xPIoNj2CCa-AM577774eibtommwEC1v3v6z5Ng8WHpnGvW4mn5xKQ==

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 481ms
161ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9f043311917fa84e606b8092e54c4fd2b7814112bf0f1c111725c3b972c56374

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jun 2024 04:31:32 GMT
content-md5: upllvLJqGsv3Xp4HGmDsmg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1689
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: MODERATE; q=0.3, rtt=151, rtx=0, c=12, mss=1297, tbw=2805, tp=-1, tpl=-1, uplat=3, ullat=-1
x-fb-debug: /O/V8WNzYAoo/xm1rkGAFjDVx8sFDfCRsqoegh9sE0o9vf2MPiaNjC/SWcf1dGGvHGGVAsZTW+GEb5owSacnqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7c537125d41feac7f9b3db85c1bf3aaf
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "926159ac41585c1df7186acd88d756a8"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 28 Jun 2024 04:40:07 GMT

GET
H3 200 pxieypY1o9NHyXh3WvSbGSggdO83TVlDims.woff2
of.zanzatoys.com/fonts.gstatic.com/s/asapcondensed/v17/ 21 KB
21 KB 1232ms
1230ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/fonts.gstatic.com/s/asapcondensed/v17/pxieypY1o9NHyXh3WvSbGSggdO83TVlDims.woff2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a932cbed3f646ee751177aab37d4cf7b860a4768c20aa66e672f346ba4131a83

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Origin: https://of.zanzatoys.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 16:43:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SUR8DJT7oJ1SaqT7qqCRyoN5RaXjsqnYP5l2M0HLIZ%2Brn%2B794REL7cK6LDX0TABKKMmLgPt6j8EtOXNbDLc%2FAPxJmAGB4gIp3%2BL0qH5jfXmpcivcAlRQRpBGRD6k0egplNRI"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-ray: 89aaf29cfd693825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 08 Jun 2025 01:57:38 GMT

GET
H3 200 gNMyW2J8Roq16WD5tFNRaeLQk6-SHQ_R00k4c2_wjOOEa9ruReaU4bHmz4BC2dgEH-VBoaxx0TV08dDFHsF-H5uf1kw.woff2
of.zanzatoys.com/fonts.gstatic.com/s/materialsymbolssharp/v188/ 330 KB
331 KB 1307ms
1307ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/fonts.gstatic.com/s/materialsymbolssharp/v188/gNMyW2J8Roq16WD5tFNRaeLQk6-SHQ_R00k4c2_wjOOEa9ruReaU4bHmz4BC2dgEH-VBoaxx0TV08dDFHsF-H5uf1kw.woff2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eadb1560012445fbb2da30db75d283ce3a7370d6850615df745695de1931ef6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Origin: https://of.zanzatoys.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Tue, 04 Jun 2024 15:39:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kHMnqF%2BTNjnsfKze3UjmhMwJrbkQtqlXO4HAXVw%2F405ParWz9ldT1MiMHF6nUS2WurIzs1v04cW6a4khp65yIV0s8VSTfuOMRLO%2BvPHTZcfa2%2BrFv0wC%2FWvwXiLehEzwnMqP"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-ray: 89aaf29cfd6a3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 08 Jun 2025 01:57:38 GMT

GET
H3 200 pxieypY1o9NHyXh3WvSbGSggdO9_S1lDims.woff2
of.zanzatoys.com/fonts.gstatic.com/s/asapcondensed/v17/ 21 KB
21 KB 1688ms
1687ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/fonts.gstatic.com/s/asapcondensed/v17/pxieypY1o9NHyXh3WvSbGSggdO9_S1lDims.woff2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 313fd9d24cb57f0ce7025317eac48d7c8eef5d10f51946be7871222d8b31b5b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Origin: https://of.zanzatoys.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 16:45:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6mwF%2Bsh%2B2kQs%2F1v8Gjr5NZw665FLXR3wYsYRKPSmTlkMyk3SluaLAoUqvBh5ZNbt5IRfBwO%2BzljpoAONLP0q60Qn2yr11o87aJBklys5x8f3v%2FG7A73VltZ6DWyYH3yiWa4"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-ray: 89aaf29cfd6b3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 08 Jun 2025 01:57:38 GMT

GET
H3 200 pxieypY1o9NHyXh3WvSbGSggdO9TTFlDims.woff2
of.zanzatoys.com/fonts.gstatic.com/s/asapcondensed/v17/ 21 KB
21 KB 1695ms
1694ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/fonts.gstatic.com/s/asapcondensed/v17/pxieypY1o9NHyXh3WvSbGSggdO9TTFlDims.woff2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1888a321f988409b6f4bc54b3149a6648e9b954954fd34cb7e2aca299050c2d5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Origin: https://of.zanzatoys.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
cf-cache-status: MISS
last-modified: Tue, 02 May 2023 17:01:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pdPPZ1n3BCX9uYPhjQJyc0zc6cTYkVomfoJ1xtkv6xUAZXsfrwHdJTCB4PnQ1HoZAmwKlSj1rl%2FS5ZtAXSIXWK%2BS3sbmJ3X9Oorj%2FuuZztb37wXHrQjezwyUU8RQyZof3i8B"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=31536000
cf-ray: 89aaf29cfd6d3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H/1.1 200
OK count.js Show response
themarysue.disqus.com/ 1 KB
2 KB 2977ms
366ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://themarysue.disqus.com/count.js

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 04:31:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=300; includeSubdomains
X-Amz-Cf-Pop: DFW56-P1
Age: 275
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Content-Length: 871
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 27 Jun 2024 14:25:10 GMT
Server: nginx
ETag: "667d7646-367"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=300
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id: Jy76puj37jyWpVqb0yTkoAy_bUz3EPWjwpgEdnY4jkyxmq_5ihynuQ==

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-gutenberg-blocks/build/ 6 KB
2 KB 1373ms
1363ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-gutenberg-blocks/build/style-index.css?ver=1696549132
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 05 Oct 2023 23:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IuTAwY%2Bdwa%2BKHLaSfC20fMrbZCrwxgI2IMiIMuq74W88O1ng%2Ba6pdkFURavk3guWE4kPtgEmXMXkvpKtcDzx1vuDamAgWOQSvWbr4aQ1xTgphQi%2FO0diNA%2BJDk0H5yUdE%2F7F"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f143825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 mediaelementplayer-legacy.min.css
of.zanzatoys.com/wp-includes/js/mediaelement/ 11 KB
3 KB 1375ms
1365ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 17:42:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qVoF%2BVz6SnygUAZQt258gRwPcqEYm1kZeXeX3XH9BMMC3R0XcgwAt2r4XIFv8xprn6nrnyza%2FcbeoQwpNDiFF3YOaukf1h4SdAWPiKGkw0p0hFP%2BJfjbtx7nf1%2BdvsgyopKV"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-ray: 89aaf29f1f153825-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 wp-mediaelement.min.css
of.zanzatoys.com/wp-includes/js/mediaelement/ 4 KB
2 KB 1377ms
1367ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=2024.26
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Mon, 24 Jun 2024 17:42:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEY67bOl8h%2Fx52s0nuAfPWkOWGPoMd7kducK7%2B7L7rZ1AFZCnmjBJ8oo68tXSajlQ%2B72RZkhVhy%2FUpuanbztVHfm7QrZhmDe1j7XbV2JnDcgi%2FpoYxNp318M9MfyQB1KTaPu"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=31536000
cf-ray: 89aaf29f1f183825-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 related-posts-block-styles.min.css
of.zanzatoys.com/wp-content/mu-plugins/search/elasticpress/dist/css/ 222 B
594 B 1378ms
1368ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/mu-plugins/search/elasticpress/dist/css/related-posts-block-styles.min.css?ver=4.2.2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 04 Jun 2024 17:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bevalua6KerE9OgRrQBeZvhvy1weaIyXpCszHtXxv%2F9Zb%2FLqhETXUwzn8hKr%2FgXTuYBTaqWRO0FiPfD378HbBfxB3v4uXhpkC6FnvXF0JXyIrZoJDU76roxHAbWRHUKr7sYD"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f193825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/ad/ 5 KB
2 KB 1379ms
1368ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/ad/style-index.css?ver=1.1.2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc4adc572849f7efd70804cfee5470daa0f5b202ccdaf9a7b5c382c1aadbac1f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 18 Jun 2024 22:38:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8a1%2FxuaPzCZnGFa%2BY8vAk7sIB2Rd53dU6P%2BLBDdAKWMxFdFiMUXcw0%2FGFIthiF0W7GNmIwfm%2Bn8rjeuu6R9oVB%2FpDcg%2F05h%2FplpAt6fJKqqpjpLGPcgeMbl6VtlWx%2FoIj3ld"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f1a3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/article-header/ 11 KB
2 KB 1380ms
1369ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/article-header/style-index.css?ver=1.0.2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17072edb9629b1abe0dac1e15b36276e73245f88970554a0c0545b14d7208477

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 31 May 2024 00:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ac2%2BeDAC8a6578W6VMM8naW3gaLhacdZWh%2BU2GevoUoGXZFylamK7zupzhARfnUnOTTfUAMlcuAE6IVyWhSRsrMJ1Oraw%2FvRucsFpJ7%2B8o3w26Mu1WGcd80reu3aEzeJHKpd"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f1b3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/footer-nav/ 13 KB
2 KB 1381ms
1371ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/footer-nav/style-index.css?ver=0.1.0
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cba2b3b12c309a0c32a1920c80ebf1dcc625c71ce5826e1c8d1feca831f65e5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 31 May 2024 00:25:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mDNJgI2YrIwPF%2FbzNXy7s87euX53PQW0fKeJZ9RXJLDADY6MMT%2BoAjGK5gMfHzQ52X2amlDsJRDAtZnrKA%2F39Z1u7drvcQQHcSF%2BFD4whI2r666L%2FDquRvQS%2B6wgiJvyLiS4"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f1c3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/icon/ 6 KB
1 KB 1382ms
1372ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/icon/style-index.css?ver=1.0.3
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80193142043255f76fddfde252f1ae657ba5d6706c26f7a850942057d1d9e6ad

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 15 May 2024 11:00:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yOLULLHDIFVZ8L6psCowKlCHoDY8HKmzyW7ELWUBy7J1WeyHlJoXnaAgWz0DgxGn6HOAs%2F5UqWPaOHGt9J4Jz47zwFI9srDx5FGgpDu9Dh8lytRRY8Yriw%2BMuCg9LppYOGlp"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f1d3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/tile-badge/ 5 KB
1 KB 1383ms
1373ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/tile-badge/style-index.css?ver=1.0.0
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5d38c6361160b2d6e69e92111eb1ac5ecb41005c8fa1396881cebe576ab79eb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Dec 2023 09:28:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zvxKrDHKyqsUgcFW%2FTgwVo2fujAkEXuU2VqRrUAmECLRdtjwm7cYVy0h%2Bsx6bEYmwD8nRDMPY7CeuTd3s37ObMuczRF%2FxPlarnWLnmnOKvJesUbzB8Ru%2FsEvZwT1RZoh%2FUgF"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f1e3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 style-index.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/section-title/ 12 KB
1 KB 1384ms
1373ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/build/section-title/style-index.css?ver=0.1.0
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f6c186dc746569b7ba6a077596d174370f7af6ef9eb63c9ae4b0c01737891f7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 19 Dec 2023 09:28:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iu4ET%2BBha6uYNxmlsoD3TQM0DMHQHdykc4byCKzlSiriDs6KUUBpzdmmslEX6%2F401N3bHCvQNAFenVdySWaViO60RxqsHiS9Xo43yjVaCnxu6dNrynAiuXQCCBSWY5jG0Met"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f213825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 pmpromc.css
of.zanzatoys.com/wp-content/plugins/pmpro-mailchimp/css/ 182 B
612 B 1384ms
1374ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/pmpro-mailchimp/css/pmpromc.css?ver=2024.26
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 05 Oct 2023 23:38:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L65l2bImP6pYs%2Bj2BhjUiX34ZClnWYdnJ5mhdBUPnPc%2F%2BqX7Smngq4oF5fHA0vaIa2O1c96WMuVGt%2FOD4lkAPEhjjkHCoY36K8KrkkXf5pa5ipsTN2dipmNn3wmQFPxyTgDc"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f233825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 gamurs_icon_library.css
of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/inc/icons/ 476 B
652 B 1385ms
1373ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/gamurs-wordpress-blocks/inc/icons/gamurs_icon_library.css?ver=2024-06-13
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c590d8bea8dd12dca892068c2a9ce02fffd9d98e40f8800290ca44b08edb2a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Wed, 06 Dec 2023 22:58:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPctYYX9gsrwB%2FjMq1B2DeLmuA2JsJSocHXeAorB6xhIiVPnwa6VGGtZqXy59kVJMwkPfXOkfpjr8oP3%2Foz%2FV71MYR7%2FEsakizcyg8JcraeE9Mc2YjxtFSqeVXRUIM1SwCyl"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 89aaf29f1f243825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:31 GMT

GET
H3 200 wpp.css
of.zanzatoys.com/wp-content/plugins/wordpress-popular-posts/assets/css/ 438 B
731 B 1385ms
1374ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/plugins/wordpress-popular-posts/assets/css/wpp.css?ver=6.3.3
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:31 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 26 Mar 2024 01:28:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ybEuKd9hSS0hKcV7IRoY5O6X%2FikQRU0MwNRrPuK9HFn27kIHUkfQ0HUFAnVoMRFAmHLnJ0i%2BtupiOh%2ByJZmcOGmwf%2BSyPjP9nGcN4WfcCkRx5Q%2Fc%2BN3Y9SEUCgQmlO4J98CG"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: public, max-age=14400
cf-ray: 89aaf29f1f273825-FRA
alt-svc: h3=":443"; ma=86400
expires: Fri, 28 Jun 2024 08:31:31 GMT

GET
H2 200 htlbid.css
htlbid.com/v3/themarysue.com/ 825 B
1 KB 576ms
555ms Stylesheet
text/css 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/themarysue.com/htlbid.css?ver=2024.26
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8c1961f9ffb37f03b9de8a1a75aa97a7ee89e060686c0d7999c54d7f03736e7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jun 2024 20:46:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: "50275c818c358d02116eccc4ac64d1fe"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
accept-ranges: bytes
content-length: 825
x-amz-cf-id: QCaO3Hdt7AI22qSnRJdgbJSuHLlSU07YjC9h5m-LMoewroD3asGtYA==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
177 B 153ms
136ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&blog=210961709&post=0&tz=-4&srv=of.zanzatoys.com&hp=vip&j=1%3A13.5&host=of.zanzatoys.com&ref=&fcp=989&rand=0.49701670951085153
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 28 Jun 2024 04:31:31 GMT
cache-control: no-cache
server: nginx
alt-svc: h3=":443"; ma=86400
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 161 B
487 B 751ms
329ms XHR
application/json 2a04:4e42:400::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=themarysue.com&domain=of.zanzatoys.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c2b26ed14bee6276431634ec37a6cb7f1a21d2458513cf7b4ef66f70be5841b5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Fri, 28 Jun 2024 04:31:32 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 134
x-served-by: cache-mad22081-MAD
x-timer: S1719549092.160728,VS0,VE100
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 26 Jun 2024 04:31:32 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 93 KB
32 KB 546ms
227ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

5b2877b1d535bd854c56fe312712efeabc2a3911f61e591c9924be48c29acad3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33224
x-xss-protection: 0
server: cafe
etag: 657181053680876958
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jun 2024 04:31:32 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 425 KB
144 KB 637ms
319ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9356934496955375&plah=of.zanzatoys.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a7e41d89ab5644673a7a4168aba38da716476ac45e091b81cc487e5bc48cfb1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 146955
x-xss-protection: 0
server: cafe
etag: 993078594710922572
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jun 2024 04:31:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 303 KB
100 KB 368ms
367ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9c7ebe18272340e0e98353796ebae93a2b60d6223498fce2f470ad57c3620977

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 102690
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jun 2024 04:31:32 GMT

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 410ms
219ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=c6f874849eef47302122a08ec7eb5486

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

9c6a290c3754421a707d0533a0999d3e5284231e53067aadf92186f3813b6ecc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Origin: https://of.zanzatoys.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jun 2024 04:31:32 GMT
content-md5: XoMTkbWIc+7n7nNW7jvMYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87062
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: MODERATE; q=0.3, rtt=188, rtx=0, c=24, mss=1232, tbw=8084, tp=13, tpl=0, uplat=3, ullat=-1
x-fb-debug: iYctXignGwcahxxEcQuv/l1/g7qOcf5u/tffKDT8jWZKo2S/nuq5q+y16Sfc3DQyLXdvCpazAEiL8NPRCLgwzQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 529e8eceb7d0beaebd971fbbb4ee6d52
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "c7e648314eaad32338d794b066351734"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Jun 2025 03:59:18 GMT

GET
H2 200 htlbid.js Show response
htlbid.com/build/d81f380a-d08b-4c10-998e-d814950d4918/ 532 KB
143 KB 618ms
618ms Script
application/javascript 13.32.27.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/build/d81f380a-d08b-4c10-998e-d814950d4918/htlbid.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/themarysue.com/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-39.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 386064349e76cff980538dfe3544205035059b4c9d6dc34e54a04f3e996a1c7a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
content-encoding: br
via: 1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
last-modified: Mon, 24 Jun 2024 16:56:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"e37d0c6b52e3581ab78d0fd61885e273"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: vyy1pJ3xVfIQiOQ9BqMsn7ssB78QWxrvbjltEsHxi9W9oexRz0fPUQ==

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 189ms
188ms Image
text/plain 18.244.18.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=36750692&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1719549092439&ns_c=UTF-8&cs_cmp_nc=1&cs_fpcd=1&c7=https%3A%2F%2Fof.zanzatoys.com%2F&c8=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&c9=
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.244.18.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-38.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:32 GMT
via: 1.1 717c15467a10d8501ae3f6716e2421d8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: FRA56-P11
x-amz-cf-id: Ablz5YcBULiHjYfAQzYlUlZNJxL_GR2ZZ6ZF5wi_4JLCwqa_UPTGTw==
x-cache: Miss from cloudfront

GET
H3 200 / Show response
geoip.gamurs.workers.dev/ 243 B
593 B 407ms
204ms Fetch
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.gamurs.workers.dev/
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a1455fbfe049fb969edfe9bca1197c579acca0445ea3ae4a70a42f4f1ebcab8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:32 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ve9WXSMlVqB%2F4z%2F%2Bsuua8xBEeFox2%2BvrbH2DWijMSe7T%2FcVN76muj%2BfJ6JVztK2AhqSXrtoY1lTa%2BfYt9wdCnVr98oCn5ePDpFtKNM6MJmFi3ftKdAFj9NQxbnQ%2BR1d0kL%2F1yFQ23hYeO74%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cf-ray: 89aaf2a61f169f1b-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 as1.js Show response
silo48.p7cloud.net/ 229 KB
40 KB 846ms
435ms Script
application/javascript 2600:9000:2156:a00:c:9327:ccc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://silo48.p7cloud.net/as1.js?uri=https://of.zanzatoys.com
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:a00:c:9327:ccc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 67baaea4d5420533f93fc491579994b455d4834790ef1ab817d5d60abc3adf4a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
content-encoding: gzip
via: 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: _s3OryyNpm8z_dtRtxXxsiJKShNvPQxMWjmM1eVQ8-2lIQ-TJiNdAA==

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 224ms
223ms Fetch
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9356934496955375
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 414ms
92ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-21433528-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jun 2024 04:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 146
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 28 Jun 2024 06:29:07 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 474ms
141ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7PGVNEX4L0&gtm=45je46q0v883752053za200&_p=1719549091297&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=715741458.1719549093&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1719549092&sct=1&seg=0&dl=https%3A%2F%2Fof.zanzatoys.com%2F&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2415&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://of.zanzatoys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 768ms
403ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7PGVNEX4L0&cid=715741458.1719549093&gtm=45je46q0v883752053za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://of.zanzatoys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 334ms
137ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7PGVNEX4L0&cid=715741458.1719549093&gtm=45je46q0v883752053za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1178264637

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.js Show response
cdn.jsdelivr.net/npm/@growthbook/growthbook/dist/bundles/ 99 KB
22 KB 322ms
67ms Script
application/javascript 2606:4700::6812:ba1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@growthbook/growthbook/dist/bundles/index.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NWJQJXJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:ba1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a9cea17c3643a714696189b107c5c5c7e2a8d08783b4b93daea5b84b12073c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 40290
x-jsd-version: 1.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21884
x-served-by: cache-fra-eddf8230076-FRA, cache-lga21929-LGA
x-jsd-version-type: version
server: cloudflare
etag: W/"18ac2-jFLSHW11mOiIYk43pa9W881/Paw"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pEPKgtsKlENQyrFR7xM%2B5SjPDuTC8LnRiZ%2Bd%2FsD40QfJ%2FgDnfRJCbbWEAj1YpfMivMFpwupciEyk%2FNw4i0JqvcGsiUG6YI6%2BI%2FMFMM3qKWcu5Xrw5u9Cn%2BCsi7XIhmyemLraN5WW3ok%2Bxismwa4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89aaf2a90b012c77-FRA

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 98 KB
31 KB 218ms
91ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htlbid.com
URL: https://htlbid.com/build/d81f380a-d08b-4c10-998e-d814950d4918/htlbid.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

435d077a645f42019fa05cf0d34954c90ad69ca984fa75896ce1969f072c3f71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31295
x-xss-protection: 0
server: cafe
etag: 743 / 19902 / 31084942 / config-hash: 6401939066803330198
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jun 2024 04:31:33 GMT

GET
H2 200 gcid_s.min.js Show response
p.gcprivacy.com/t/ 13 KB
13 KB 183ms
54ms Script
text/javascript 3.161.82.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.gcprivacy.com/t/gcid_s.min.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/d81f380a-d08b-4c10-998e-d814950d4918/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.161.82.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-161-82-30.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e611db2ef93ba2dc6073a60cc1f438fbd0aa16be12cc8c41269081c6fd347899

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 3i0IVVfKwVcmszdW1CmMoXrZnKfXnUoV
date: Thu, 27 Jun 2024 19:51:29 GMT
via: 1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront)
last-modified: Wed, 26 Jun 2024 19:51:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P10
age: 31205
x-amz-server-side-encryption: AES256
etag: "fd0fe2d676a45511483d46ea89cda0c9"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 13335
x-amz-cf-id: c5Kud0G9gAme3d6nnIBPoRKfSoXchQxAEvIReH00-bMqHUrCl-EhwQ==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 310 KB
77 KB 505ms
120ms Script
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/d81f380a-d08b-4c10-998e-d814950d4918/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 033ce432d750dea22adc9a6c46276b2a50976eb2b080f61cfb501d41db84a697

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:30:08 GMT
content-encoding: gzip
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront), 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
last-modified: Tue, 25 Jun 2024 23:08:12 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 86
x-amz-server-side-encryption: AES256
etag: W/"bac564afc3d66c01c2c0ef0fe11bf6b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
x-amz-cf-id: VzUatjFzULAe7s1AghQn25mPUAbdUqTrHH39-5YdfbhONsoBvErWfQ==

GET
H2 200 52c6265b-27c9-418c-b976-f0f3ba74de71.js Show response
cdn.pbxai.com/ 243 B
867 B 606ms
221ms Script
application/javascript 2400:52e0:1a00::1067:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pbxai.com/52c6265b-27c9-418c-b976-f0f3ba74de71.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/d81f380a-d08b-4c10-998e-d814950d4918/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1067:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1067 /
Resource Hash: 8aa33a2bf679e5676f9c420728a138d8d8f55237bd06ae6a5fb646504dd62f28

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
via: 1.1 068fcd60c186434ddf5230adcfbedbf0.cloudfront.net (CloudFront)
content-encoding: br
x-amz-version-id: 42ST4yFgQtAw2ZHjkGON.LCV8IaE3b7i
cdn-edgestorageid: 845
age: 22815
x-amz-cf-pop: ORD56-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cdn-cachedat: 06/28/2024 04:31:33
cdn-pullzone: 2227704
last-modified: Mon, 18 Dec 2023 20:19:35 GMT
server: BunnyCDN-IL1-1067
cdn-proxyver: 1.04
cdn-requestpullcode: 200
etag: W/"6650dfe733611a445eebbc9e95f029e7"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: MISS
cdn-uid: 4a85839a-607a-4d8b-a11a-d8c0c2f0f828
cache-control: max-age=3600
cdn-requestid: ea9dd352e18d923d518cb798d52f11bf
cdn-requestcountrycode: NL
x-amz-cf-id: C9hHOsZ9CkVdvAmU5yRxsycHf5PwUsVfD6qR2lwXHDij6IZnr8lQ6A==
cdn-status: 200
cdn-requestpullsuccess: True

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
146 B 62ms
55ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1224847573&t=pageview&_s=1&dl=https%3A%2F%2Fof.zanzatoys.com%2F&ul=nl-nl&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=693394062&gjid=1747977232&cid=715741458.1719549093&tid=UA-21433528-1&_gid=727916530.1719549093&_r=1&gtm=457e46q0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&jsscut=1&npa=1&z=1252882236

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://of.zanzatoys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 33ms
27ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1224847573&t=event&ni=1&_s=2&dl=https%3A%2F%2Fof.zanzatoys.com%2F&ul=nl-nl&de=UTF-8&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Ad%20Block&ea=Allowed&_u=YADAAUABAAAAACAAI~&jid=&gjid=&cid=715741458.1719549093&tid=UA-21433528-1&_gid=727916530.1719549093&gtm=457e46q0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&jsscut=1&npa=1&z=497272617

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 13:24:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54411
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 34ms
28ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1224847573&t=pageview&_s=3&dl=https%3A%2F%2Fof.zanzatoys.com%2F&dp=%2F&ul=nl-nl&de=UTF-8&dt=Sydney%20Sweeney%20Fans%20Play%20Detective%20After%20Actress%20Faces%20Piracy%20Allegations%20on%20Twitter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACACI~&jid=&gjid=&cid=715741458.1719549093&tid=UA-21433528-1&_gid=727916530.1719549093&gtm=457e46q0za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cd7=Evan%20Tiwari&npa=1&z=1277992936

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 13:24:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 54411
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sdk-LmjHnXEHTGSazmI Show response
cdn.growthbook.io/api/features/ 10 KB
3 KB 1961ms
588ms Fetch
application/json 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/api/features/sdk-LmjHnXEHTGSazmI
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@growthbook/growthbook/dist/bundles/index.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash: 683c7d75b6229215789a0f13291c7dfcd87a47d6b9e5c22afe5cb167e265acfa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-sse-support: enabled
date: Fri, 28 Jun 2024 04:31:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 26
x-powered-by: Express
x-cache: HIT, HIT
content-length: 2282
x-served-by: cache-iad-kcgs7200089-IAD, cache-mad2200103-MAD
x-timer: S1719549095.764931,VS0,VE1
etag: W/"2609-huarE/TFGaxvF7xIWP/VdJ6PS2U"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-sse-support
cache-control: public, max-age=30, stale-while-revalidate=3600, stale-if-error=36000
accept-ranges: bytes
x-cache-hits: 52069, 1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 151ms
148ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-21433528-1&cid=715741458.1719549093&jid=693394062&gjid=1747977232&_gid=727916530.1719549093&npa=1&_u=YADAAUAAAAAAACAAI~&z=792918236

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jun 2024 04:31:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://of.zanzatoys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
p2.gcprivacy.com/v2/ 507 B
878 B 597ms
203ms XHR
application/json 34.194.164.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/sync?pid=64M3R5&u=https%3A%2F%2Fof.zanzatoys.com%2F&h=of.zanzatoys.com&ref=&ids=sharedid%2Cundefined%7C&v=v3.1.1
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.164.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-164-15.compute-1.amazonaws.com
Software: /
Resource Hash: 577ee05847d879b07edf5184167e7500947e607c2dbd2ac49439658c0bcc9733

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: https://of.zanzatoys.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
content-length: 507

GET
H2 200 if.html
silo48.p7cloud.net/ Frame A30C 0
0 320ms
104ms Document
text/html 2600:9000:2156:1600:c:9327:ccc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://silo48.p7cloud.net/if.html?gdpr=true&gdprConsent=false&tpd=true&md=false
Requested by: Host: silo48.p7cloud.net
URL: https://silo48.p7cloud.net/as1.js?uri=https://of.zanzatoys.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1600:c:9327:ccc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://of.zanzatoys.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 37912
content-encoding: gzip
content-type: text/html
date: Thu, 27 Jun 2024 17:59:42 GMT
etag: W/"12ce3429c7f7da94bb11fea614352ba3"
last-modified: Thu, 27 Jun 2024 17:58:23 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
x-amz-cf-id: jDtlBJAQs0USZANxM8NvC5F_Ioj1khc29AkXp-groqsV8rviOlqLNA==
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406260101/ 466 KB
145 KB 209ms
187ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406260101/pubads_impl.js?cb=31084942

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

53ce8d479a67efd36af35fc877af39a364e2c3bccd893a86b177ee000a8fd26b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 10:01:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 66629
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148623
x-xss-protection: 0
server: cafe
etag: 11338773816559034756
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 27 Jun 2025 10:01:04 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 70 B
83 B 400ms
184ms XHR
application/json 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=of.zanzatoys.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s28-in-f2.1e100.net

Software

cafe /

Resource Hash

2bb16aa8b915e7ba70a93e075d2ef654203587634805ff91607ea211963dd99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59
x-xss-protection: 0
expires: Fri, 28 Jun 2024 04:31:33 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 357ms
139ms Image
image/gif 216.58.206.36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-21433528-1&cid=715741458.1719549093&jid=693394062&npa=1&_u=YADAAUAAAAAAACAAI~&z=1913161578

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.36 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 151ms
136ms Image
image/gif 142.250.185.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-21433528-1&cid=715741458.1719549093&jid=693394062&npa=1&_u=YADAAUAAAAAAACAAI~&z=1913161578

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 asp Show response
ua.p7cloud.net/ 75 B
323 B 486ms
78ms Script
application/javascript 2600:9000:2251:bc00:15:c08e:ec40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ua.p7cloud.net/asp?aspan=YXJjc3Bhbi11c2VyOmFyY3NwYW4tZHJvd3NzYXA
Requested by: Host: silo48.p7cloud.net
URL: https://silo48.p7cloud.net/as1.js?uri=https://of.zanzatoys.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:bc00:15:c08e:ec40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2d8c677a5883430dbde41086473c186aa9a1fe269987f1a68505527f90296fa6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 09:33:07 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P3
age: 68307
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 75
x-amz-cf-id: aqdfUNGUO55WkVAQMm78tOEpXshMS_xZ-CMnpXkEbrkHoSLYRib_Og==

GET
H2 200 locdot Show response
location.p7cloud.net/ 235 B
478 B 488ms
81ms Script
application/javascript 18.66.122.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://location.p7cloud.net/locdot
Requested by: Host: silo48.p7cloud.net
URL: https://silo48.p7cloud.net/as1.js?uri=https://of.zanzatoys.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-69.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: fbe1ba5961bc535798f4ab554f5d5b445af5a03fdceb7984b825916f3100d46a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:34 GMT
via: 1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: FunctionGeneratedResponse from cloudfront
content-type: application/javascript
content-length: 235
x-amz-cf-id: YebDYADXUFyGoy1zojksJIwVN4YJqApeC0dAQngmJM5ufuOrx4sLiw==

GET
H2 200 13333 Show response
d2tbszkvx1p56e.cloudfront.net/ 32 B
279 B 425ms
40ms Script
application/javascript 2600:9000:2646:4c00:1f:d766:dd80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2tbszkvx1p56e.cloudfront.net/13333?uri=-1
Requested by: Host: silo48.p7cloud.net
URL: https://silo48.p7cloud.net/as1.js?uri=https://of.zanzatoys.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:4c00:1f:d766:dd80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 2bccfb366956ee29de43fa743b6dea028338b3a2e0104fc0aa9dd6eadffbf318

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 07:59:41 GMT
via: 1.1 5cf26f8164e0cad37f6634ff6aeac4ce.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P5
age: 73913
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 32
x-amz-cf-id: fDzO_V_ff9rWeQ7LwfWPyiXCuuEY0zJY2AGZFtzyTLLesese4aDvNg==

GET
H2 200 / Show response
lal.p7cloud.net/silo48/ 154 B
409 B 476ms
83ms Script
application/javascript 2600:9000:214f:800:3:c079:7fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lal.p7cloud.net/silo48/?aspan=YXJjc3Bhbi11c2VyOmFyY3NwYW4tZHJvd3NzYXA&HOUR=6&COOKIE=1&endpoints=YUYuNbUp/Auto,Xc8z4mnt/Auto
Requested by: Host: silo48.p7cloud.net
URL: https://silo48.p7cloud.net/as1.js?uri=https://of.zanzatoys.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:800:3:c079:7fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: bedfb224695fe6e5d628d6908f185db20b9ef2152517f0bb039e11c76f249ce7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 19 Jun 2024 02:49:21 GMT
via: 1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA53-C1
age: 783733
x-cache: Hit from cloudfront
content-type: application/javascript
content-length: 154
x-amz-cf-id: kKalk-mhMl2ova_I22VaVx9zi0Ww3s1ewFHa5MVh_p4qqp2ofVTViw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 734ms
432ms XHR
application/javascript 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
content-encoding: gzip
via: 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 2y0OxxYdiau3JJ0PUMNjIg2FDS3U2o6sYcGcmGrbS0Xa1HCLv4oAfQ==

GET
H2 200 js Show response
aggle.net/ 359 B
813 B 691ms
313ms Script
text/html 3.33.163.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=of.zanzatoys.com&pih1=undefined&pih2=undefined&pih3=undefined&panorama_id=undefined&hadron_id=undefined&tradedesk_id=undefined&id5_id=undefined&liveintent_id=undefined&xandr_id=undefined
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.163.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: 09f9147defc6b765cb0a4224a930a1bc5206472474faa37150b4b7bd03b02b7f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 28 Jun 2024 04:31:35 GMT
date: Fri, 28 Jun 2024 04:31:34 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: gunicorn
content-length: 359
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H/1.1 200
OK / Show response
id.a-mx.com/sync/ 66 B
269 B 299ms
31ms Fetch
application/json 79.127.227.46
CDN77 _

General

Check archive.org

Show headers Download Go to

Full URL: https://id.a-mx.com/sync/
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 79.127.227.46 Amsterdam, Netherlands, ASN60068 (CDN77 _, GB),
Reverse DNS: unn-79-127-227-46.datapacket.com
Software: /
Resource Hash: ae86ce03f90728beba00456912b0dc1907edb3ba1a7b15e51042f904a2ed3fff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://of.zanzatoys.com
date: Fri, 28 Jun 2024 04:31:34 GMT
access-control-allow-credentials: true
content-length: 66
content-type: application/json

GET
H2 200 id Show response
id.crwdcntrl.net/ 43 B
318 B 356ms
88ms Fetch
application/json 52.209.249.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.crwdcntrl.net/id?&c=17350
Requested by: Host: p.gcprivacy.com
URL: https://p.gcprivacy.com/t/gcid_s.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.249.92 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-249-92.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:34 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://of.zanzatoys.com
cache-control: no-cache
x-server: 10.45.14.70
access-control-allow-credentials: true
content-length: 43
expires: 0

GET
H2

200

xandr
p2.gcprivacy.com/v3/id/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fp2.gcprivacy.com%2Fv3%2Fid%2Fxandr%3Fpid%3D6CP1D%26id%3D%24UID%26gcid%3Db4cf7811-74de-4796-ab7a-5de3f5f1bbf7
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fp2.gcprivacy.com%252Fv3%252Fid%252Fxandr%253Fpid%253D6CP1D%2526id%253D%2524UID%2526gcid%253Db4cf7811-74de-4796-ab7a-5de3f5f1bbf7
https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=6621001029539184917&gcid=b4cf7811-74de-4796-ab7a-5de3f5f1bbf7

0
37 B

153ms
152ms

Image
text/plain

34.194.164.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=6621001029539184917&gcid=b4cf7811-74de-4796-ab7a-5de3f5f1bbf7
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Server: 34.194.164.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-164-15.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://of.zanzatoys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Fri, 28 Jun 2024 04:31:34 GMT
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:34 GMT
an-x-request-uuid: a96674cc-8189-4621-8714-3ff73a0d22cd
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://p2.gcprivacy.com/v3/id/xandr?pid=6CP1D&id=6621001029539184917&gcid=b4cf7811-74de-4796-ab7a-5de3f5f1bbf7
x-proxy-origin: 95.211.199.151; 95.211.199.151; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 tag Show response
btloader.com/ 56 KB
19 KB 237ms
93ms Script
application/javascript 2606:4700:10::ac43:293c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5175628516556800&upapi=true
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/d81f380a-d08b-4c10-998e-d814950d4918/htlbid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:293c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2add8ef4e5d7f23872dd4372afa733ed33e6ac5bd2ee04c2bd8b8fcec18a79bc

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:34 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Fri, 28 Jun 2024 04:04:53 GMT
server: cloudflare
age: 1385
etag: "7d9caff5b99144efb33a94dfc7f5621f"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 89aaf2afedbc5cb0-FRA
content-length: 19149

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 826ms
157ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5175628516556800&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 28 Jun 2024 04:31:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
920 B 245ms
75ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104855
x-guploader-uploadid: ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rOOqHptMmjTeMcMWswaY1yzTkCqOrgw2MsgmR78%2BMmFOY8A6YJKqr6LkCWayaD2XO3pOHD%2Bf0a78GbRi91Q58VXWIoA5k%2FrP2zaxtpBCpvQ6NH0NIeQPawRZYSfPRC7Z3pvlr7dpVY8Oq3SjNg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 89aaf2b1ae6f3671-FRA
expires: Wed, 26 Jun 2024 23:51:21 GMT

GET
H3 200 favicon.ico
ad.doubleclick.net/ 1 KB
130 B 211ms
55ms Image
image/x-icon 216.58.206.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 14:24:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Jun 2024 14:24:09 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 246ms
76ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.6976972059659994
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 104855
x-guploader-uploadid: ABPtcPoLbuQxY31rmHs8vSbk4rwXXzwM351mFCwTp3TeQ0U33LMMOQSrtKknT2jOKXXGPpXspWptbN1wPA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e5JJbV8%2BMCNssyNgOe1cnmVGj5kpU5NabX%2Bqh0byYrV8mUCIX6Wt9%2BKNIBZVjiLUAKbRlsc9pEf68zGIt%2FloBUPSDOKPtODJ4GyYizqebU8LRjtCRSNm2Wc0XGchSFfnxycHCoN8Kz3Uel%2BAfw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 89aaf2b1ae6e3671-FRA
expires: Wed, 26 Jun 2024 23:51:21 GMT

GET
H/1.1 200
OK count-data.js Show response
themarysue.disqus.com/ 892 B
1 KB 640ms
635ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://themarysue.disqus.com/count-data.js?1=DISQUSbest-star-wars-audiobooks-to-listen-to-in-2024&1=DISQUSdark-matter-ending-explained&1=DISQUSdoes-the-cat-survive-a-quiet-place-day-one&1=DISQUSfire-and-blood-readers-feel-attacked-by-house-of-the-dragon-jacaerys-foreshadowing&1=DISQUShouse-of-the-dragon-is-at-its-best-when-its-horror-isnt-brutally-violent&1=DISQUSkevin-costners-yellowstone-exit-explained&1=DISQUSmy-lady-jane-review-steamy-hilarious-romantasy-adventure&1=DISQUSolivia-rodridgo-shirt-controversy-explained&1=DISQUSroe-v-wade-late-term-abortion-joe-biden-fumbled-the-issue-of-reproductive-rights-at-the-debate&1=DISQUSthe-bear-season-3-why-is-everyone-being-so-weird-about-shipping-syd-and-carmy

Requested by

Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

8eef5b9c6abb52122c3f8a697d68501654a9713bd6299f5ab43e33521616ae00

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 04:31:34 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 87
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 892
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK count-data.js Show response
themarysue.disqus.com/ 820 B
1 KB 638ms
637ms Script
application/javascript 199.232.192.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://themarysue.disqus.com/count-data.js?1=DISQUSthe-electric-state-release-window-cast-plot-and-more&1=DISQUStrumps-abortion-lies-provide-a-very-disturbing-debate-moment&1=DISQUSwe-couldve-had-a-cat-parade-on-house-of-the-dragon&1=DISQUSwho-is-mr-3-in-one-piece-explained&1=DISQUSwhy-dont-male-nepo-babies-face-the-same-criticism-emma-roberts-points-out-the-sexism-in-the-nepotism-conversation&1=DISQUSwhy-isnt-cnn-fact-checking-trumps-horrible-lies-about-immigration-under-biden&1=DISQUSwill-there-be-a-23-jump-street

Requested by

Host: themarysue.disqus.com
URL: https://themarysue.disqus.com/count.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

199.232.192.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

a225ad69fe1a1ef1d38122db92ea2c9c56c1e00883b047cf523c98a124a65742

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 04:31:34 GMT
Strict-Transport-Security: max-age=300; includeSubdomains
X-Content-Type-Options: nosniff
Server: nginx
Age: 78
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=600
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 820
X-XSS-Protection: 1; mode=block

POST
H2 200 / Show response
r.skimresources.com/api/ 149 B
365 B 250ms
99ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

7acae1e350da806deb78e3b785c191398977007fafa096bb4612a965c3d748d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Jun 2024 04:31:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://of.zanzatoys.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 376C 0
123 B 303ms
116ms Image
text/plain 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.25370412022328814
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:34 GMT
via: 1.1 google
cache-control: private, no-store
server: nginx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain

GET
H2 200 px.gif
p.skimresources.com/ 43 B
93 B 247ms
98ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=2.153334343037498
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Fri, 28 Jun 2024 04:31:34 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
267 B 245ms
97ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=2.153334343037498
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Fri, 28 Jun 2024 04:31:34 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t43.6;r;s1600*1200*24;uhttps%3A//of.zanzatoys.com/;hThe%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe;0.769662330862477
https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//of.zanzatoys.com/;hThe%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe;0.769662330862477

148 B
634 B

97ms
96ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//of.zanzatoys.com/;hThe%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe;0.769662330862477

Requested by

Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

931383ad7739ca39f3a67277ee1b475d8567181feb6ef127c421238d1172fff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer: https://of.zanzatoys.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jun 2024 04:31:35 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 148
Expires: Wed, 28 Jun 2023 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Jun 2024 04:31:35 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t43.6;r;s1600*1200*24;uhttps%3A//of.zanzatoys.com/;hThe%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe;0.769662330862477
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Wed, 28 Jun 2023 21:00:00 GMT

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
482 B 284ms
117ms Image
image/gif 2600:9000:223f:1000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adspot_id=aqglya_728x90_
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:1000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 23:49:33 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 ab985bb6f3435d42701015dfa6015878.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 16922
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: oyjy2FZKhK5Pp8C4D2mVFbR7ExHwEYGmlVlEVtDeuckg1FjpFNchCQ==

GET
H2 200 48517810-69d7-41fa-b0c9-eb325a495a54 Show response
config.aps.amazon-adsystem.com/configs/ 563 B
837 B 222ms
94ms Script
application/javascript 99.86.4.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/48517810-69d7-41fa-b0c9-eb325a495a54
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-30.fra6.r.cloudfront.net
Software: CloudFront /
Resource Hash: 1ad3bee1099c1303e00b81d86f19926db717313a6f2d7386b79b2860318d526d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:29:33 GMT
via: 1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
age: 121
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
content-length: 563
x-amz-cf-id: 9WAW6mrPcCYdsvLOggemvTVSEBcgYilKm8Co66mwk-_28OdJRCyNeQ==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 352 B
701 B 157ms
154ms XHR
application/json 13.224.186.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fof.zanzatoys.com&pubid=48517810-69d7-41fa-b0c9-eb325a495a54
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.186.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-186-120.fra2.r.cloudfront.net
Software: Server /
Resource Hash: 39ba9a323ddcb12da804bf4c7ffad66c4d43029810278fc909936d924dab16bf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:33 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://of.zanzatoys.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 352
x-amz-cf-id: D2hWD83Ogr0KPfJiJ60uku0vVKA8EWhsledf7nJijaZg-6G6gJYcnQ==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 23 B
358 B 530ms
394ms XHR
text/javascript 108.138.8.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fof.zanzatoys.com%2F&pid=pqmUUQPnvZHYU&cb=0&ws=1600x1200&v=24.620.1905&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F22736055126%2Fthemarysue%2Fsticky_footer%22%7D%5D&gpp=DBAA&gpp_sid=%5B-1%5D&pubid=48517810-69d7-41fa-b0c9-eb325a495a54&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D&vm=%7B%22vendors%22%3A%7B%22arcspan%22%3A%7B%22data%22%3A%7B%22default%22%3A%7B%22site%22%3A%7B%22name%22%3A%22arcspan%22%2C%22cat%22%3A%5B%5D%2C%22sectioncat%22%3A%5B%5D%2C%22pagecat%22%3A%5B%5D%2C%22keywords%22%3A%22%22%2C%22content%22%3A%7B%22data%22%3A%5B%7B%22name%22%3A%22arcspan%22%2C%22segment%22%3A%5B%5D%2C%22ext%22%3A%7B%22segtax%22%3A6%7D%7D%5D%7D%2C%22domain%22%3A%22of.zanzatoys.com%22%2C%22page%22%3A%22https%3A%2F%2Fof.zanzatoys.com%2F%22%2C%22ref%22%3A%22%22%7D%7D%7D%7D%7D%7D&_c=1
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.8.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-8-164.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:34 GMT
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://of.zanzatoys.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: KKYjY5Lpi2FlKDDGJIy6aOtN6TW9kVgHkdHvcUmdb_L_ZJK2Tja1hA==

GET
H2 200 rtd Show response
p2.gcprivacy.com/v2/ 4 KB
4 KB 192ms
178ms Fetch
application/json 34.194.164.15
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://p2.gcprivacy.com/v2/rtd?pid=64M3R5&u=https%3A%2F%2Fof.zanzatoys.com%2F&gcid=b4cf7811-74de-4796-ab7a-5de3f5f1bbf7&
Requested by: Host: htlbid.com
URL: https://htlbid.com/build/d81f380a-d08b-4c10-998e-d814950d4918/htlbid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.194.164.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-194-164-15.compute-1.amazonaws.com
Software: /
Resource Hash: bb9883cc843dc86f5266bb92661812c1c378b0a90b1ba060af23308385c2605d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: https://of.zanzatoys.com
date: Fri, 28 Jun 2024 04:31:34 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Max
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json

POST
H2 200 / Show response
r.skimresources.com/api/ 149 B
187 B 150ms
100ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

7acae1e350da806deb78e3b785c191398977007fafa096bb4612a965c3d748d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 28 Jun 2024 04:31:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://of.zanzatoys.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 512ms
133ms Image
image/gif 34.195.163.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=themarysue.com&p=%2F&u=23TyArj-pnDYXEnw&d=of.zanzatoys.com&g=66987&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4075&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fof.zanzatoys.com%2F&b=4429&t=DL6TstDPttwPCyxXqBBTXBc7DiSH1b&V=147&i=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&tz=-120&sn=1&sv=Btluuwn3Z_eB6Us95Ca7vR8HkcY-&sr=external&sd=1&im=061b0fff&_
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.163.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-163-189.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 28 Jun 2024 04:31:35 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 jsync Show response
aggle.net/ 0
435 B 296ms
295ms Script
text/html 3.33.163.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aggle.net/jsync?pid=NEQ7KDHP5&domain=of.zanzatoys.com&pih1=undefined&pih2=undefined&pih3=undefined&panorama_id=undefined&hadron_id=undefined&tradedesk_id=undefined&id5_id=undefined&liveintent_id=undefined&xandr_id=undefined
Requested by: Host: aggle.net
URL: https://aggle.net/js?pid=NEQ7KDHP5&domain=of.zanzatoys.com&pih1=undefined&pih2=undefined&pih3=undefined&panorama_id=undefined&hadron_id=undefined&tradedesk_id=undefined&id5_id=undefined&liveintent_id=undefined&xandr_id=undefined
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.33.163.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a938864f9581ea3da.awsglobalaccelerator.com
Software: gunicorn /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 28 Jun 2024 04:31:35 GMT
date: Fri, 28 Jun 2024 04:31:34 GMT
cache-control: no-store
content-type: text/html; charset=utf-8
server: gunicorn
content-length: 0
p3p: CP="NOI OUR BUS UNI COM NAV"

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 54 KB
17 KB 384ms
95ms Script
application/javascript 23.197.10.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.197.10.19 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-10-19.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
content-encoding: gzip
last-modified: Mon, 23 Jan 2023 19:40:17 GMT
server: Apache
etag: "d734-5f2f3919e751f-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17407
expires: Fri, 28 Jun 2024 04:46:35 GMT

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
128 B 128ms
116ms XHR
text/plain 54.235.152.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.152.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-152-162.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Fri, 28 Jun 2024 04:31:35 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 530ms
123ms Preflight 54.235.152.162
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.235.152.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-152-162.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://of.zanzatoys.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 28 Jun 2024 04:31:35 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
351 B 160ms
160ms XHR
application/javascript 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/114526X1684681.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.11 aiohttp/3.8.6 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:35 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.11 aiohttp/3.8.6
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://of.zanzatoys.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 a54bf7181000aceffe016feebb6032ef1daa00e3ba3fbcdb8ee1ed Show response
rockagainst.com/confirm/2a6ee3/ 303 B
723 B 248ms
146ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rockagainst.com/confirm/2a6ee3/a54bf7181000aceffe016feebb6032ef1daa00e3ba3fbcdb8ee1ed

Requested by

Host: rockagainst.com
URL: https://rockagainst.com/static/bb8e0e/f460825e98b76920f5d63bf219d1b5e776d1.main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c25405f99c24d79703e3ce230a30a55978c2917c800cfa445ab30dd1b2cf0ac3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1351086965
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://of.zanzatoys.com
x-hostname: fen-hoothoot-europe-west1-spot-btsg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 89aaf2b4c9cf37fd-FRA
expires: Fri, 28 Jun 2024 04:31:34 GMT

POST
H3 200 87d96c460cb31420031c75cb69acc60cbef8c1ebd3fa79dd29f91 Show response
rockagainst.com/c861b1a/ 2 KB
1 KB 59ms
58ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rockagainst.com/c861b1a/87d96c460cb31420031c75cb69acc60cbef8c1ebd3fa79dd29f91

Requested by

Host: rockagainst.com
URL: https://rockagainst.com/static/bb8e0e/f460825e98b76920f5d63bf219d1b5e776d1.main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e28a085aacce6d23d860ae8b8a39e8f6ffb2eaa1ae689845768fe399e2106d6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
content-encoding: gzip
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: DYNAMIC
x-buildnumber: 1351086965
alt-svc: h3=":443"; ma=86400
content-length: 765
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://of.zanzatoys.com
x-hostname: fen-hoothoot-europe-west1-spot-btsg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 89aaf2b5ba8837fd-FRA
expires: Fri, 28 Jun 2024 04:31:34 GMT

GET
H2 200 sdk-LmjHnXEHTGSazmI
cdn.growthbook.io/sub/ 22 B
0 58ms
58ms EventSource
text/event-stream 151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.growthbook.io/sub/sdk-LmjHnXEHTGSazmI
Requested by: Host: of.zanzatoys.com
URL: https://of.zanzatoys.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/event-stream
Cache-Control: no-cache
Referer: https://of.zanzatoys.com/
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200025-IAD, cache-mad2200103-MAD
date: Fri, 28 Jun 2024 04:31:35 GMT
via: 1.1 varnish, 1.1 varnish
age: 26
x-timer: S1719549095.365556,VS0,VE1
x-powered-by: Express
x-cache: HIT, HIT
content-type: text/event-stream
access-control-allow-origin: *
cache-control: private, no-store
accept-ranges: bytes
x-cache-hits: 105, 1

GET
H3 200 favicon.ico
of.zanzatoys.com/images/ 2 KB
896 B 52ms
52ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d125425c4a83424763f45b4863642525b909c3161e7e8b47465590dc5f11bb2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 10 Jan 2019 08:38:55 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c37049f-603"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvX1DKlH9LebT5Ld7EXjVtiv90HJnl0riDoZuK7U1iF2p%2BL2LCOTlHHmQxd7lyAzxugHGFZ8yn8L67ExVeHpbeuI0IkdQAMC8hW8Yu4lmiD2yVLARP%2Fj3kG7jHngWebCV%2BaP"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 89aaf2b5f9a53825-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Sticky2,ConsentManager Show response
rockagainst.com/chunks/e7893e7c3/926691644237963f8628903522a06af58a7922dc3/ 376 KB
107 KB 65ms
65ms Script
text/javascript 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rockagainst.com/chunks/e7893e7c3/926691644237963f8628903522a06af58a7922dc3/Sticky2,ConsentManager

Requested by

Host: rockagainst.com
URL: https://rockagainst.com/static/bb8e0e/f460825e98b76920f5d63bf219d1b5e776d1.main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0cd93c5710fb8d64004deb22dd6849dc4ed365d641d5545a98772251e21eeb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Origin: https://of.zanzatoys.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1351086965
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"8138e8e2533075f202fbf28c098be599ccba0f6cdbe2c4a9d507a242db9953a5"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: https://of.zanzatoys.com
x-hostname: fen-hoothoot-europe-west1-spot-btsg
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 89aaf2b61ac537fd-FRA

GET
H3 200 cropped-tms-icon-square.png
of.zanzatoys.com/wp-content/uploads/2022/11/ 772 B
1 KB 134ms
133ms Other
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://of.zanzatoys.com/wp-content/uploads/2022/11/cropped-tms-icon-square.png?fit=32%2C32
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21c77fb0d802a606c494f7add45c5f449fe846d0bb50b615682d264eb48a22e5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
cf-cache-status: MISS
last-modified: Fri, 17 May 2024 00:06:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QLc8KGu4mS2x49UyROtiWGQ1wgsF0sGkfY9tNla6N2VKBvKCldcgIonn%2F39184tyCiGzP5BOkWuvkcQFylLqnPN%2BfLamGu0TUxKQDRANoL0N%2BQKqrMSUOm4yKtSvqrTBtt77"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=31536000
cf-ray: 89aaf2b66a1d3825-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 28 Jun 2025 04:31:35 GMT

GET
H3 200 acv.json Show response
rockagainst.com/ 81 KB
18 KB 54ms
54ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rockagainst.com/acv.json

Requested by

Host: rockagainst.com
URL: https://rockagainst.com/static/bb8e0e/f460825e98b76920f5d63bf219d1b5e776d1.main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1351086965
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 27 Jun 2024 19:07:46 GMT
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://of.zanzatoys.com
x-hostname: fen-hoothoot-europe-west1-spot-btsg
cache-control: public, max-age=3600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 89aaf2b77bed37fd-FRA
expires: Fri, 28 Jun 2024 05:31:35 GMT

GET
H3 200 84217e91f891344e13872804a229b19bdfa9963e85d480fabed8d2a9.main.js Show response
rockagainst.com/bundles/41a7b62af9d6b9/ 658 KB
84 KB 66ms
66ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rockagainst.com/bundles/41a7b62af9d6b9/84217e91f891344e13872804a229b19bdfa9963e85d480fabed8d2a9.main.js

Requested by

Host: rockagainst.com
URL: https://rockagainst.com/static/bb8e0e/f460825e98b76920f5d63bf219d1b5e776d1.main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebc962462b8b7a95664ca84db2d3fdc7b5d55089d4fa447f56c6a27075cbac87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
content-encoding: br
via: 1.1 google
strict-transport-security: max-age=15724800; preload
cf-cache-status: MISS
x-buildnumber: 1351086965
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
etag: W/"d6922f8b3377d3b32b3e4a9e7200655d83dab0be9c4c3b5392e7d82fad018b40"
x-buildname: hoothoot
vary: Accept-Encoding, Accept-Language, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://of.zanzatoys.com
x-hostname: fen-hoothoot-europe-west1-spot-btsg
cache-control: private, must-revalidate, max-age=21600
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 89aaf2b77bf037fd-FRA

GET
H2 200 MywyOGI4ZGMyOGIyZWU
images.getadmiral.com/ 2 KB
2 KB 178ms
92ms Image
image/jpeg 2606:4700::6812:1331
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.getadmiral.com/MywyOGI4ZGMyOGIyZWU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1331 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b07e30040943a47a88d12985eb15b775aa7de7b78d4e1003f979afd742170f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
strict-transport-security: max-age=15552000; preload
via: 1.1 google
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-buildnumber: 1313707461
content-length: 1890
server: cloudflare
x-datacenter: gce-europe-west1
etag: "7f7ad9e9"
x-buildname: dank
vary: Accept-Encoding
x-hostname: backend-europe-west1-36jf
content-type: image/jpeg
cache-control: private, must-revalidate, max-age=3600
cf-ray: 89aaf2b80cdf9750-FRA

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
460 B 574ms
170ms Image
image/png 3.5.10.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=72dd2a45ac17
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.10.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 04:31:37 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: BBENHH8BF4PC24VD
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: 19irjTLy5+OTwt6FrG4UBCN7OqEAjMxgUVUdCkbxf5yeLJaar/QBWuEUqW5dQYrngCdzDcDD5IFqmwzvRF2yjg==

POST
H3 200 a54bf7181000aceffe016feebb6032ef1daa00e3ba3fbcdb8ee1ed Show response
rockagainst.com/confirm/2a6ee3/ 290 B
674 B 138ms
138ms Fetch
application/json 104.18.25.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rockagainst.com/confirm/2a6ee3/a54bf7181000aceffe016feebb6032ef1daa00e3ba3fbcdb8ee1ed

Requested by

Host: rockagainst.com
URL: https://rockagainst.com/static/bb8e0e/f460825e98b76920f5d63bf219d1b5e776d1.main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.25.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e15729e1615a2a7b9885e523084ad81ec2b2232af73f328bd617892ef6c90d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 28 Jun 2024 04:31:35 GMT
strict-transport-security: max-age=15724800; preload
via: 1.1 google
cf-cache-status: DYNAMIC
content-encoding: br
x-buildnumber: 1351086965
alt-svc: h3=":443"; ma=86400
server: cloudflare
x-datacenter: gce-europe-west1
x-buildname: hoothoot
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://of.zanzatoys.com
x-hostname: fen-hoothoot-europe-west1-spot-btsg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
cf-ray: 89aaf2b94d2837fd-FRA
expires: Fri, 28 Jun 2024 04:31:34 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 48ms
48ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7PGVNEX4L0&gtm=45je46q0v883752053za200&_p=1719549091297&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tcfd=10001&tag_exp=0&cid=715741458.1719549093&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AAAI&_s=2&sid=1719549092&sct=1&seg=0&dl=https%3A%2F%2Fof.zanzatoys.com%2F&dt=The%20Mary%20Sue%20-%20The%20Nexus%20of%20Pop%20Culture%20and%20the%20Uncharted%20Universe&en=Allowed&_ee=1&ep.event_category=Ad%20Block&ep.non_interaction=true&_et=10&tfd=7428&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7PGVNEX4L0&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://of.zanzatoys.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 04:31:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://of.zanzatoys.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.of.zanzatoys.com/	1970-01-21 07:15:09	Name: _gg_did Value: 18ffb552-d153-4d88-b4ee-ac1633b3ffbd
.zanzatoys.com/	1970-01-21 07:15:09	Name: _ga_7PGVNEX4L0 Value: GS1.1.1719549092.1.0.1719549092.60.0.0
.zanzatoys.com/	1970-01-21 07:15:09	Name: _ga Value: GA1.2.715741458.1719549093
.zanzatoys.com/	1970-01-20 21:40:35	Name: _gid Value: GA1.2.727916530.1719549093
.zanzatoys.com/	1970-01-20 21:39:09	Name: _gat_gtag_UA_21433528_1 Value: 1
silo48.p7cloud.net/	1970-01-20 21:39:09	Name: _t Value: 777
silo48.p7cloud.net/	1970-01-20 23:48:45	Name: arcid Value: -1
p2.gcprivacy.com/	1970-01-20 23:48:45	Name: gcid Value: b4cf7811-74de-4796-ab7a-5de3f5f1bbf7
of.zanzatoys.com/	1970-01-20 23:48:45	Name: gcid_first Value: b4cf7811-74de-4796-ab7a-5de3f5f1bbf7
.adnxs.com/	1970-01-20 23:48:45	Name: XANDR_PANID Value: nsZjAVuyKxy-gG6uQpOYnYX2wuOHwnRniD02T6zj9QHZM79iJKD38PkG1bCWdZ29jrB3MCp4eLlsu7zgoRdaEzr3sDRXOHtcCHaqY3HHhQ0.
.adnxs.com/	1970-01-21 07:15:09	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 23:48:45	Name: uuid2 Value: 6621001029539184917
.aggle.net/	1970-01-20 23:48:45	Name: aggcid Value: 84b91dfc-f775-4836-8a24-c2496487842d
.zanzatoys.com/	1970-01-21 07:07:57	Name: _cb Value: 23TyArj-pnDYXEnw
.zanzatoys.com/	1970-01-21 07:07:57	Name: _chartbeat2 Value: .1719549094792.1719549094792.1.Btluuwn3Z_eB6Us95Ca7vR8HkcY-.1
.zanzatoys.com/	1970-01-20 21:39:10	Name: _cb_svref Value: external
of.zanzatoys.com/	1970-01-20 21:39:10	Name: aspan_s Value: kjk620fmh0o0a5er62waw5j
.aggle.net/	1970-01-20 23:48:45	Name: aggsid Value: gAAAAABmfjymokp1vAl57Ti5lmkhWEIGKiPEu-ab05XmdXdxQglg9YeRYNzzt62TYGrqqCcU7aphEy8RZfNCB9KGV5LZlGlvzHbuofR938dDaQ9QiJCmcH4
.yadro.ru/	1970-01-21 06:24:18	Name: FTID Value: 1cVZod1LP4Op1cVZod001CTd
.yadro.ru/	1970-01-21 06:24:18	Name: VID Value: 04fU8I0pYKOp1cVZod001Oi0
.of.zanzatoys.com/	1970-01-21 07:07:57	Name: _awl Value: 3.1719549095.5-64bc901a9d13eaf0a671768a6fa24d5c-6763652d6575726f70652d7765737431-0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://of.zanzatoys.com/ Message: The resource https://of.zanzatoys.com/wp-content/themes/m2019-tms/css/min/def-main.min.css?2310052338 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
aggle.net
ams-pageview-public.s3.amazonaws.com
api.btloader.com
btloader.com
c.amazon-adsystem.com
cdn.growthbook.io
cdn.jsdelivr.net
cdn.p-n.io
cdn.pbxai.com
config.aps.amazon-adsystem.com
connect.facebook.net
counter.yadro.ru
d2tbszkvx1p56e.cloudfront.net
gamurs.group
geniuslinkcdn.com
geoip.gamurs.workers.dev
htlbid.com
ib.adnxs.com
id.a-mx.com
id.crwdcntrl.net
images.getadmiral.com
lal.p7cloud.net
location.p7cloud.net
mab.chartbeat.com
of.zanzatoys.com
p.gcprivacy.com
p.skimresources.com
p2.gcprivacy.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.wp.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
r.skimresources.com
region1.analytics.google.com
rockagainst.com
s.skimresources.com
sb.scorecardresearch.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
silo48.p7cloud.net
static.adsafeprotected.com
static.chartbeat.com
stats.g.doubleclick.net
stats.wp.com
t.skimresources.com
themarysue.disqus.com
ua.p7cloud.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.18.25.111
108.138.8.164
13.224.186.120
13.32.27.39
130.211.23.194
142.250.185.130
142.250.185.195
151.101.129.91
151.101.193.91
157.240.0.6
172.217.18.2
174.138.117.212
18.244.18.38
18.66.112.4
18.66.122.69
185.89.210.82
188.114.96.3
192.0.76.3
199.232.192.134
2001:4860:4802:32::36
216.58.206.36
216.58.206.70
23.197.10.19
2400:52e0:1a00::1067:1
2600:9000:214f:800:3:c079:7fc0:93a1
2600:9000:2156:1600:c:9327:ccc0:93a1
2600:9000:2156:a00:c:9327:ccc0:93a1
2600:9000:223f:1000:8:48e:53c0:93a1
2600:9000:2251:bc00:15:c08e:ec40:93a1
2600:9000:2646:4c00:1f:d766:dd80:21
2600:9000:2646:a000:18:1fcd:354:4b41
2606:4700:10::ac43:293c
2606:4700:20::681a:246
2606:4700::6812:1331
2606:4700::6812:ba1f
2606:4700::6812:fd7
2a00:1450:4001:80b::200e
2a00:1450:4001:830::2008
2a00:1450:400c:c00::9a
2a03:2880:f084:105:face:b00c:0:3
2a04:4e42:400::714
3.161.82.30
3.33.163.81
3.5.10.193
34.194.164.15
34.195.163.189
35.190.59.101
35.190.91.160
35.201.67.47
52.209.249.92
54.235.152.162
79.127.227.46
88.212.201.198
99.86.4.30
0177977f6c04fde0e1b1a2e4563af5e23ced99dae42ac782b018d3e6afd011c1
019e19c3cb14b6890cf172fede4df2bf33c2a2665d23561fc6be123d892f9bf7
033ce432d750dea22adc9a6c46276b2a50976eb2b080f61cfb501d41db84a697
03becffdfd9fcef9b672ea5d711f7db5ee0863ca9de186b5da2d8607b3efcc9d
0545e61b3e92a6405285a2caf7814af0854f404c633ec51917f7fa6c16710a2e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07a391e09587513aa78421c34ed482a17a5e003c2132edd96227d53831a131b0
09f9147defc6b765cb0a4224a930a1bc5206472474faa37150b4b7bd03b02b7f
0a295f2fa855bb757f972a154b8f2235912cbffa8fe7ebe93a07fed5302e28cb
0cba2b3b12c309a0c32a1920c80ebf1dcc625c71ce5826e1c8d1feca831f65e5
13be243bfdcaa0107ec106fcdc2ba8ad4034924330ed5560905b69590814d147
17072edb9629b1abe0dac1e15b36276e73245f88970554a0c0545b14d7208477
1888a321f988409b6f4bc54b3149a6648e9b954954fd34cb7e2aca299050c2d5
1ad3bee1099c1303e00b81d86f19926db717313a6f2d7386b79b2860318d526d
21c77fb0d802a606c494f7add45c5f449fe846d0bb50b615682d264eb48a22e5
25422741643745e24765c242019a1c262b5ec3835a9b38b58e9168f013127c60
28b614cc061632a0d8cb17953fc9342ce119ef471b3ff02c2379881a031a185b
2add8ef4e5d7f23872dd4372afa733ed33e6ac5bd2ee04c2bd8b8fcec18a79bc
2b07e30040943a47a88d12985eb15b775aa7de7b78d4e1003f979afd742170f0
2bb16aa8b915e7ba70a93e075d2ef654203587634805ff91607ea211963dd99a
2bccfb366956ee29de43fa743b6dea028338b3a2e0104fc0aa9dd6eadffbf318
2d8c677a5883430dbde41086473c186aa9a1fe269987f1a68505527f90296fa6
2e10d353ff038c2cad3492fc17801af3e6ef2669c9e9713bdb78b1dcb104c4fe
2f932bead2025b00fa5daeeaed0f10f59a8d0eaa09bd2cc332ac10c93e2bef8b
313fd9d24cb57f0ce7025317eac48d7c8eef5d10f51946be7871222d8b31b5b1
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
36d64897053efc87e4d3bd20cb5b5e5a4b463509c9433824640c60809700260c
386064349e76cff980538dfe3544205035059b4c9d6dc34e54a04f3e996a1c7a
39ba9a323ddcb12da804bf4c7ffad66c4d43029810278fc909936d924dab16bf
3a1f53a72a4ff3c23812f7a06cc3ef3ea1f188046f2c75d9c0b19e1cb2b652a9
3dc9088b44f9cebb9361ddaa3f4ee2f24bd52148db437375c6c0bdf2552d708d
3eadb1560012445fbb2da30db75d283ce3a7370d6850615df745695de1931ef6
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
435d077a645f42019fa05cf0d34954c90ad69ca984fa75896ce1969f072c3f71
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
441165d1f045944c11861a3780a72786fbe8c8b93ff349b7a980d2dd22a111ec
4757080d8fdf4e057cf0141b7e894f0c3d465b5e1ba70382cdf3d5a953d3eb93
4a6738af5de4ee2cc3c3c4550883b2800991178af9f5e6da01ac884cda86ee5f
509876ec45740ef94b9c1462d7b3828561777473627b2fd0247302987257ca45
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
52a81cc44904eac8d8d3d8aa4d66fa18c2ed0c537a2a170547d94534476cd188
53ce8d479a67efd36af35fc877af39a364e2c3bccd893a86b177ee000a8fd26b
577ee05847d879b07edf5184167e7500947e607c2dbd2ac49439658c0bcc9733
5a650f5a6d32001f55fa2f580e86badd048554e72c43c700ed37b15cb55b5cef
5b2877b1d535bd854c56fe312712efeabc2a3911f61e591c9924be48c29acad3
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5cbaa50905cbfd614dc889e6155550145a3ed92a0085f7cbfcdd5df69145dfdf
5f0c8bfec698b8cc28b4fa06e7b8c591ea6d9fb93efd505600a619f642730b31
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
67baaea4d5420533f93fc491579994b455d4834790ef1ab817d5d60abc3adf4a
683c7d75b6229215789a0f13291c7dfcd87a47d6b9e5c22afe5cb167e265acfa
6afc2de7ab6a69c5ed0f5aac0eec6ab8c9186d66cafc47f4ccd125e22f13c09a
6c076eb304cdcac800e9fb050f95b8400d32eed9c4b8dce2d6962b1b610ee9c9
6cc6c1a84b1541c8af7548e98bd831b59341031d22c587bb24cafc137afd1797
6d125425c4a83424763f45b4863642525b909c3161e7e8b47465590dc5f11bb2
6e375c5bad3043c1d93f186930429a2dd09c161a56b5950a8d1dd1c9e7119d53
730bc8b9ef4eca3eeee2a0de6ea9f49fe90b1b285d94e9e942c21c3840410296
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a9cea17c3643a714696189b107c5c5c7e2a8d08783b4b93daea5b84b12073c
7acae1e350da806deb78e3b785c191398977007fafa096bb4612a965c3d748d2
7fd06444652b65457cb52f14a34a6bd428f84873feefd20b2dabb8243deb1549
80193142043255f76fddfde252f1ae657ba5d6706c26f7a850942057d1d9e6ad
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
8959845592e7fada94a250b30e925085ebcb58d5c92b08e26c44a9d334baf1f8
8aa33a2bf679e5676f9c420728a138d8d8f55237bd06ae6a5fb646504dd62f28
8e3d57401e2b8edceb8b40bc6b82628640c41b3caca1af3d849cbfe53d8ced1d
8eef5b9c6abb52122c3f8a697d68501654a9713bd6299f5ab43e33521616ae00
931383ad7739ca39f3a67277ee1b475d8567181feb6ef127c421238d1172fff2
94a07914407bf0a1a30e2970e8b9b6e7919d8eeed26d24ce2eb92b609dedc06e
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
9850419419f46b6c5250c779a2e632d6518c5a211f583684ae9820917674625e
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b5d174c28eccba36ede43046f94c1fcb1a2d9ec19757ff25f43fa9ca51fb5a7
9c6a290c3754421a707d0533a0999d3e5284231e53067aadf92186f3813b6ecc
9c7ebe18272340e0e98353796ebae93a2b60d6223498fce2f470ad57c3620977
9f043311917fa84e606b8092e54c4fd2b7814112bf0f1c111725c3b972c56374
9f6c186dc746569b7ba6a077596d174370f7af6ef9eb63c9ae4b0c01737891f7
a0ae693ad0dca1dfef01aa5c7abf90a9ed7f96a3051433d76c76162b096a9141
a1455fbfe049fb969edfe9bca1197c579acca0445ea3ae4a70a42f4f1ebcab8e
a225ad69fe1a1ef1d38122db92ea2c9c56c1e00883b047cf523c98a124a65742
a397dde47e688b2fc319495a4701118826a1c3f21cb173ad9ecb9cf7578f9f3f
a7e41d89ab5644673a7a4168aba38da716476ac45e091b81cc487e5bc48cfb1a
a85904e098cd1b968434e3bdcedd5a1465fec7d762b06d54348f334dc51bfc54
a932cbed3f646ee751177aab37d4cf7b860a4768c20aa66e672f346ba4131a83
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aa2799079b93b27d6c24cdfaa9594d840ebc45a61f344b2cee26717ee516b57a
ae86ce03f90728beba00456912b0dc1907edb3ba1a7b15e51042f904a2ed3fff
b385fd0614f2927f0e7fdc03ccdb2428e3a93de0c7fe467149b34213cc32c0f6
b5d38c6361160b2d6e69e92111eb1ac5ecb41005c8fa1396881cebe576ab79eb
b6824d63dad417c6553ee06fd124f5e778737b6a580e4194263754e3f32fb889
b68ec9bad5a391aa2f2f8a07fe101a5feddb9763d14f9d33b0ffc25df1580c00
b7908a015a567ec2363011df2475368dbff34360e9da3fdff50604d6395fb646
bb9883cc843dc86f5266bb92661812c1c378b0a90b1ba060af23308385c2605d
bedfb224695fe6e5d628d6908f185db20b9ef2152517f0bb039e11c76f249ce7
bee754e78d83cbce6e33433a07c4d9704affbfb0262774fcc352cd3424c876de
c2327f72e522f31848968b2fb249562c107e7c4959feb867a2535640cacdddd0
c25405f99c24d79703e3ce230a30a55978c2917c800cfa445ab30dd1b2cf0ac3
c2b26ed14bee6276431634ec37a6cb7f1a21d2458513cf7b4ef66f70be5841b5
c3d775ebcab285466ed8fc8e3be0a1ded83240ddbb115c009cec147c6b736d43
c4650b58465a55f3d663bca634f08b6ac44b63053752457add5a2c13e7648b2b
c92aabff6010f80b245af86be1945c67a96fea5f8d154078ba67173b188b6089
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cc3cafe80a8bd22ca37fc3b020a2f7d25b6ef6d016526026aba3393f131b8cf1
cc4adc572849f7efd70804cfee5470daa0f5b202ccdaf9a7b5c382c1aadbac1f
cee27847adcd7c69ac9876f7c7465a8b86dbfe9a3a1f9fd85ad6f5eedaf86b4e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0cd93c5710fb8d64004deb22dd6849dc4ed365d641d5545a98772251e21eeb2
d2abea24f77da0c7ba1026892f9407e9f9d6d5b6d3debb74f7f9290d932084f6
d7c590d8bea8dd12dca892068c2a9ce02fffd9d98e40f8800290ca44b08edb2a
d8c1961f9ffb37f03b9de8a1a75aa97a7ee89e060686c0d7999c54d7f03736e7
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd3b6119d2e63af52e3b00f98e0dac63e399506fdb27e7d3116274706b969938
de0b6a85183e77b27669137f81e9807c2f1c35fd0c1b3012055e3cf0da2f16fa
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e15729e1615a2a7b9885e523084ad81ec2b2232af73f328bd617892ef6c90d3a
e28a085aacce6d23d860ae8b8a39e8f6ffb2eaa1ae689845768fe399e2106d6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57106147f4b2c021a8c821ea39edaada8b5c521d8ae06e57e9459a2860cde2d
e611db2ef93ba2dc6073a60cc1f438fbd0aa16be12cc8c41269081c6fd347899
ebc962462b8b7a95664ca84db2d3fdc7b5d55089d4fa447f56c6a27075cbac87
ecbc6548751ca83640e82571081cf577b2d461286d66f58487919fcfe73586dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbc00575f13f02c406f902fe55444cc283c09ec68d4404dc82c9ed7b23ad053
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
fa6b6012a0bc9848f75e7f545274818becd4fde757c305fad3bcef9e1e11ba56
fbe1ba5961bc535798f4ab554f5d5b445af5a03fdceb7984b825916f3100d46a
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fcfbd8b6d64e28a3c8c8e84ee7e9d16b3f2b03b295cbc9ca3db706eb486bfc9d
ff277d34fe21f103bd372afd45345fe98c9b9e32c08e9fa16a0ea756df1b3c0f
ff52afc7fc46e37d4f1793c4ba72cce2fd0b0489a3a7879c4d8bbcfdf6ef554e
ffded7c4b5b0b7e1f7c65fd9d4db4f06eebbaabb76d5933ea9fb7143ad5fbc86

of.zanzatoys.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

153 Requests

98 %HTTPS

35 %IPv6

39 Domains

54 Subdomains

54 IPs

7 Countries

3063 kBTransfer

8430 kBSize

21 Cookies

8 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

of.zanzatoys.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

98 %
HTTPS

35 %
IPv6

39
Domains

54
Subdomains

54
IPs

7
Countries

3063 kB
Transfer

8430 kB
Size

21
Cookies

153 HTTP transactions
1 data transactions