bg.drunkentengu.com Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bg.drunkentengu.com/
Submission Tags: falconsandbox
Submission: On August 21 via api (August 21st 2022, 4:37:01 pm UTC) from US — Scanned from NL

Summary HTTP 108 Redirects Links 52 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 16 domains to perform 108 HTTP transactions. The main IP is 2a06:98c1:3121::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is bg.drunkentengu.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 4th 2022. Valid for: a year.

This is the only time bg.drunkentengu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225e:ce00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:600:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	151.101.65.195 151.101.65.195	54113 (FASTLY) (FASTLY)
3	95.216.65.102 95.216.65.102	24940 (HETZNER-AS) (HETZNER-AS)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3 5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
13	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:1b::8	15169 (GOOGLE) (GOOGLE)
108	24

42 2a06:98c1:3121::c (United States)

ASN13335 (CLOUDFLARENET, US)

bg.drunkentengu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
drunkentengu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.drunkentengu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:ce00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:600:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.195 (United States)

ASN54113 (FASTLY, US)

cdn.zx-adnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.216.65.102 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: frodo.min.org.ua

www.bigmp3db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:1b::8 (Ireland)

ASN15169 (GOOGLE, US)

r3---sn-5hnednss.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	drunkentengu.com bg.drunkentengu.com drunkentengu.com a.drunkentengu.com	1 MB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 159	129 KB
15	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 280 gcdn.2mdn.net — Cisco Umbrella Rank: 970 r3---sn-5hnednss.c.2mdn.net — Cisco Umbrella Rank: 505631	405 KB
12	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52 cm.g.doubleclick.net — Cisco Umbrella Rank: 214 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303	204 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525	4 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3880	72 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	3 KB
3	bigmp3db.com www.bigmp3db.com — Cisco Umbrella Rank: 922949	19 KB
3	optad360.io get.optad360.io — Cisco Umbrella Rank: 27697 cmp.optad360.io — Cisco Umbrella Rank: 47240	550 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	2 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	4 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	33 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	44 KB
1	google.nl adservice.google.nl — Cisco Umbrella Rank: 14414	792 B
1	zx-adnet.com cdn.zx-adnet.com — Cisco Umbrella Rank: 185549	10 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	78 KB
108	16

	Domain	Requested by
38	a.drunkentengu.com	bg.drunkentengu.com
13	s0.2mdn.net	bg.drunkentengu.com s0.2mdn.net
12	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com googleads.g.doubleclick.net s0.2mdn.net www.googletagservices.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com s0.2mdn.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	securepubads.g.doubleclick.net	get.optad360.io securepubads.g.doubleclick.net
4	mc.yandex.ru	1 redirects bg.drunkentengu.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.bigmp3db.com	bg.drunkentengu.com www.bigmp3db.com
2	googleads4.g.doubleclick.net	bg.drunkentengu.com
2	googleads.g.doubleclick.net	9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com bg.drunkentengu.com
2	9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	get.optad360.io	bg.drunkentengu.com get.optad360.io
2	cdn.jsdelivr.net	bg.drunkentengu.com get.optad360.io
2	drunkentengu.com	bg.drunkentengu.com drunkentengu.com
2	bg.drunkentengu.com	bg.drunkentengu.com
1	r3---sn-5hnednss.c.2mdn.net
1	gcdn.2mdn.net	1 redirects
1	cdnjs.cloudflare.com	s0.2mdn.net
1	www.googletagservices.com	9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.nl	securepubads.g.doubleclick.net
1	cdn.zx-adnet.com	bg.drunkentengu.com
1	code.jquery.com	bg.drunkentengu.com
1	cmp.optad360.io	bg.drunkentengu.com
108	27

This site contains links to these domains. Also see Links.

Domain
drunkentengu.com
ar.drunkentengu.com
az.drunkentengu.com
be2.drunkentengu.com
bn.drunkentengu.com
ca2.drunkentengu.com
cs2.drunkentengu.com
da2.drunkentengu.com
de2.drunkentengu.com
el2.drunkentengu.com
es2.drunkentengu.com
en2.drunkentengu.com
et.drunkentengu.com
fa.drunkentengu.com
fi2.drunkentengu.com
fr2.drunkentengu.com
hr.drunkentengu.com
hu.drunkentengu.com
hy.drunkentengu.com
id2.drunkentengu.com
is.drunkentengu.com
it2.drunkentengu.com
iw2.drunkentengu.com
ja.drunkentengu.com
ka.drunkentengu.com
ko2.drunkentengu.com
kk.drunkentengu.com
lb2.drunkentengu.com
lo.drunkentengu.com
lt.drunkentengu.com
lv1.drunkentengu.com
ms1.drunkentengu.com
mr.drunkentengu.com
nl.drunkentengu.com
no2.drunkentengu.com
pl2.drunkentengu.com
pt2.drunkentengu.com
ro.drunkentengu.com
sk2.drunkentengu.com
sl.drunkentengu.com
sq.drunkentengu.com
sr.drunkentengu.com
sv2.drunkentengu.com
te.drunkentengu.com
tg2.drunkentengu.com
th1.drunkentengu.com
tl.drunkentengu.com
tr.drunkentengu.com
uk.drunkentengu.com
ur.drunkentengu.com
uz.drunkentengu.com
vi1.drunkentengu.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-04` - `2023-01-04`	a year	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
www.emilnichita.com GTS CA 1D4	`2022-07-22` - `2022-10-20`	3 months	crt.sh
www.bigmp3db.com R3	`2022-07-02` - `2022-09-30`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.nl GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://bg.drunkentengu.com/
Frame ID: 80A600973EE20B6652A8E59A22B2B470
Requests: 65 HTTP requests in this frame

Frame: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7DAE9EFC2CF3F2B7DDE4DA2624D3C087
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57CA3B6E2D642663EDE9092DD6EFB0E4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BDE7C985CE1E51585881CEC6747A0E97
Requests: 2 HTTP requests in this frame

Frame: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 190F6D98F32F0D39438CE8EC267A72D2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDKGhDLjhsYhev3RjAB&v=APEucNXuYXtZWGmKbdLH1hSc2Ts6eGB8_WlIjQczTh6PQcGnAoZBmaCKIku2w1y26-IfVw4W-9OQgSaSo4DYgfoy874gWyFTokPVWcAPgGzVUY2f91j3BseWSHddgctFrwOLtxQd9jt7Sbl6N6QcoHLGaJSwE5OOyQcrYxtFwaRciBYqdJSVJ0fT4m4_camfC8RXLDlWHGa2x6PbLetQfe0Z7BO-VD2pZA
Frame ID: 340E4B1AD4F0E21766AC2169B3BD3000
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EBABE20A3EEC2C35FCB827714F1088BD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
Frame ID: 94EC94B91FA19844AE818FB5CB007B0A
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js
Frame ID: 052FC804107A1574A5514706040FB0DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Интересна Информация 2022

Detected technologies

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

108
Requests

94 %
HTTPS

71 %
IPv6

16
Domains

27
Subdomains

24
IPs

7
Countries

3007 kB
Transfer

4783 kB
Size

17
Cookies

52 Outgoing links

These are links going to different origins than the main page.

URL: https://drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://ar.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://az.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://be2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://bn.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://ca2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://cs2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://da2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://de2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://el2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://es2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://en2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://et.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://fa.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://fi2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://fr2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://hr.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://hu.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://hy.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://id2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://is.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://it2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://iw2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://ja.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://ka.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://ko2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://kk.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://lb2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://lo.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://lt.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://lv1.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://ms1.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://mr.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://nl.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://no2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://pl2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://pt2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://ro.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://sk2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://sl.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://sq.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://sr.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://sv2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://te.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://tg2.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://th1.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://tl.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://tr.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://uk.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://ur.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://uz.drunkentengu.com/

Search URL Search Domain Scan URL

URL: https://vi1.drunkentengu.com/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55

https://mc.yandex.ru/watch/71856706?wmode=7&page-url=https%3A%2F%2Fbg.drunkentengu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A343%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A885800250356%3Ahid%3A164284044%3Az%3A0%3Ai%3A20220821163655%3Aet%3A1661099815%3Ac%3A1%3Arn%3A305352436%3Arqn%3A1%3Au%3A1661099815160690085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661099814291%3Ads%3A16%2C51%2C58%2C18%2C0%2C0%2C%2C52%2C0%2C502%2C502%2C1%2C257%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661099815%3At%3A%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D0%B0%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D1%8F%202022&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/71856706/1?wmode=7&page-url=https%3A%2F%2Fbg.drunkentengu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A343%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A885800250356%3Ahid%3A164284044%3Az%3A0%3Ai%3A20220821163655%3Aet%3A1661099815%3Ac%3A1%3Arn%3A305352436%3Arqn%3A1%3Au%3A1661099815160690085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661099814291%3Ads%3A16%2C51%2C58%2C18%2C0%2C0%2C%2C52%2C0%2C502%2C502%2C1%2C257%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661099815%3At%3A%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D0%B0%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D1%8F%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEImFSrXCRZU1z8gUrcxedzg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEImFSrXCRZU1z8gUrcxedzg&google_cver=1&C=1

Request Chain 77

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwJfKBEosPN6VsnQJ1oBvgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDXGeCpgMF3GB86cwmIXI24&google_cver=1

Request Chain 78

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC8Y1hze_NVnsqDu_Ad_mTE&google_cver=1

Request Chain 79

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxOTI3ODE1MzY5OTYxMzI1Nw%3D%3D

Request Chain 105

https://gcdn.2mdn.net/videoplayback/id/f4644014dd0cc698/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,itag,source,requiressl,ratebypass,mime/signature/68CB3E517C4A7404DC0112D2755CC85D96EE381D.40F2F1CB621ED9AD0144A0C6A8505E3C623BEEA7/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-5hnednss.c.2mdn.net/videoplayback/id/f4644014dd0cc698/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/64CD9DE48008279EEA5A3E48A14CA0C1719804FB.0A15771C0BD1C4320EDF0448B264BFB451E2C54E/key/cms1/cms_redirect/yes/mh/gJ/mip/2001:1af8:4020:a034:9876::3/mm/42/mn/sn-5hnednss/ms/onc/mt/1661099437/mv/u/mvi/3/pl/49/file/file.mp4

108 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bg.drunkentengu.com/ 63 KB
14 KB 126ms
59ms Document
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bg.drunkentengu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.15
Resource Hash: 53d27d8eea86fd7b96d4fa40a44517ab4c61d412a1698f7d80834462bb9868c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=86400
cf-cache-status: DYNAMIC
cf-ray: 73e4ca4fcbdbbb3d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 21 Aug 2022 16:36:54 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 22 Aug 2022 16:36:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtkrDk7eWz0n9tNy4nPBedXA8UazuQ6DdalT1wXDnwm%2BLeIzjbnJKSU0dgBXzj8Br9RoLuPp%2BOpN4kZ6paMbQLWXGtkucCyHjGOUTpUMECk0MLzuLA8bKj3wdY7lZ3wDELobGuLJwYYjGh9r5m8hiH0l"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/8.0.15

GET
H2 200 style.css
drunkentengu.com/template/newsboard/css/ 86 KB
48 KB 89ms
30ms Stylesheet
text/css 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://drunkentengu.com/template/newsboard/css/style.css
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 993a47cb6b6462ff80ca8357e7079223e3ba4395a739531d2e45420244a8cafe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 493517
cf-polished: origSize=90017
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 18 May 2022 20:38:55 GMT
server: cloudflare
etag: W/"15fa1-5df4f3ef3a8f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBjeB0JbS0AJBf%2FHae3fhKfY1xF8A5tPIoRJRlF%2Fr4j0vIj7AxWa63YiMJcfeyHe4atbtF4Il7z3IBlt7pWr5Wjm8QLfwMhFZG2Z7I0rWXIAd3OvxoY66HX6AkOBpweeLL3auS7%2BTnLuCuzXSVxe"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
expires: Mon, 29 Aug 2022 23:31:37 GMT
cache-control: max-age=2678400
cf-ray: 73e4ca50ad2cbb3d-FRA
cf-bgj: minify

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 81ms
29ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22128
x-jsd-version: 3.1.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19145-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hDaHQq9w6cvd8E%2FVyC4H2McjRkqG%2F%2ByJixmdOT6a04BkFBv2vrGxFbQcASUi5n%2F0IPVDblqqRI9c6avtRiBCqTxVayqUwb70b3hEucudT2HH8qxDJ7tQQnSzSWTPI3oQwNx2M7c7uqsmjs1%2BPCk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73e4ca509a679bdd-FRA

GET
H2 200 preparat-amiksin-instrukciya-analogi-otzivi.webp
a.drunkentengu.com/lifestyle/ 22 KB
23 KB 133ms
74ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/preparat-amiksin-instrukciya-analogi-otzivi.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69d3e744161787b13e7fc102a8eafa683ec33d6bdddbf8aa56013d08c788d518

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22858
last-modified: Mon, 22 Nov 2021 11:36:52 GMT
server: cloudflare
etag: "594a-5d15f0a82dd00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeQccIt1D6BihusZzQiAhi71ROPZsnbkQYJSnU06msViMCGJNxFCQsrI%2F0SmugwFjfGV5ZA%2Fjq2Q8%2F0xzwFixMdgXfk2PAIYUuWiF%2BOBM0XomQ6kW0FFHvSeRSofu14cQ8vmad71DGpRdI6AG6Ze7yo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca50edb0bb3d-FRA

GET
H2 404 shishki-na-zapyaste.-eto-normalno-ili-net.webp
a.drunkentengu.com/lifestyle/ 0
0 105ms
47ms Image
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/shishki-na-zapyaste.-eto-normalno-ili-net.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H2 200 proekt-mezhdunarodnaya-sistema-kontrolya-ip-adresov-otzivi.webp
a.drunkentengu.com/lifestyle/ 24 KB
24 KB 117ms
59ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/proekt-mezhdunarodnaya-sistema-kontrolya-ip-adresov-otzivi.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25d869bea475e775b31ea1ddf082cc84962fe2d5580d5ff1bd4f2df7f4cad8c7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24512
last-modified: Mon, 22 Nov 2021 11:36:18 GMT
server: cloudflare
etag: "5fc0-5d15f087c1080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vHr81PUd1GSg0zFytnNpjApeNcAgFIaZstOb6kYmFpKEhyiYNesvIbpQgu6MZPUn043b%2FrO%2FS53kTBXY4n22WAM40xRYH33xoisHlUSuuMzvTf41Rhpk9PEBIqgQPVmOF5Ww273yrxVFYyi91JMFBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca50edb3bb3d-FRA

GET
H2 200 zelenij-chaj-polza-i-vred-dlya-organizma.webp
a.drunkentengu.com/lifestyle/ 34 KB
34 KB 110ms
52ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/zelenij-chaj-polza-i-vred-dlya-organizma.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dbb8decfba207807456eba9405c1e9242c425644bc5dd4506b94685764aa2f8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34428
last-modified: Mon, 22 Nov 2021 11:24:48 GMT
server: cloudflare
etag: "867c-5d15edf5b8000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbWiWmLz6uxdxbsa0H5Y1ZoftsNmkTKaq32f6B0eC08fnL7BmKnbyCAp%2BnccUR8uxKs35jJ2PX5dwfU9fGUlv%2BURXT79QDum%2Fx3cD%2FHWsIWOL%2FaMfHE%2FqSQqKm7IJGJPB0ktx2vV36u%2BpPYCYWTwlkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca50edb2bb3d-FRA

GET
H2 200 elena-drapeko-biografiya-lichnaya-zhizn-roli-i-filmi-foto.webp
a.drunkentengu.com/lifestyle/ 92 KB
93 KB 118ms
60ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/elena-drapeko-biografiya-lichnaya-zhizn-roli-i-filmi-foto.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da4c217b21ba4fa142652c572c84e7e134ac0109f1922d13067e37a27a9d28c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94444
last-modified: Mon, 22 Nov 2021 11:56:30 GMT
server: cloudflare
etag: "170ec-5d15f50b9b780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47LidUGXsBPGW2vWTazv1gtzWjvAWe5hLqnizmKx3GNQ6XW%2FRR9ElUnGx2APCMpTjXO1hI%2BEr%2B2a3jaftKdbsOQLsfDqM2m3i68zruQXLj5tUNuDJYv1hPYR33vQC0ZpJapUCNJYPIXqQb0mNm%2B1G5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca50edb9bb3d-FRA

GET
H2 200 semejstvo-koshachi-spisok-opisanie-zhivotnih-i-mesta-ih-obitaniya.webp
a.drunkentengu.com/lifestyle/ 65 KB
65 KB 127ms
75ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/semejstvo-koshachi-spisok-opisanie-zhivotnih-i-mesta-ih-obitaniya.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1c78607e7e6af7234f3cad0c9a580e1bc4447686f0186b58f7c89c33b846761

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66192
last-modified: Mon, 22 Nov 2021 11:32:34 GMT
server: cloudflare
etag: "10290-5d15efb221880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVEgTxyfqLtIgi5%2FNqg%2BO%2B2is%2Fdvg4u%2B4jdnEgVEpW2OBbLhFkvr%2FkmvoZN2taJGibXLxTnorizEG2Jug4IGpu9OZ9yXRQPNioaHuD5U5BKNxx19tm6QWZVa%2FMBpko%2BC86AoDgnUpukwgcsqPHCpovg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca50edadbb3d-FRA

GET
H3 200 kak-otklyuchit-geolokaciyu-na-iphone.webp
a.drunkentengu.com/solving-pc-problems/ 15 KB
15 KB 125ms
124ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/solving-pc-problems/kak-otklyuchit-geolokaciyu-na-iphone.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9739375b98f47648af96503b5ed3e3e21735b4699ec12bdcabaeeb5937c8d50

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15246
last-modified: Fri, 18 Jun 2021 02:49:20 GMT
server: cloudflare
etag: "3b8e-5c5015ed1cc00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7ZAz6RTzsWO6VpeLVApRcJch0cxZcoFySn96gx77djKzVFC78hil6t6w7u%2BHM6yUBOdtLG6p8%2BwplmLQ0hZ8dC10RvbdDiQkRYwFHj2wsKOinFq7DxU%2FO3OWX6usVX4G%2BFFq1dYCh9nlmUQoEVh1EI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f5e8fd7-FRA

GET
H3 200 dobicha-serebra-sposobi-i-sposobi-osnovnie-mestorozhdeniya-strani-lideri-po-dobiche-serebra.webp
a.drunkentengu.com/society/ 101 KB
101 KB 126ms
125ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/dobicha-serebra-sposobi-i-sposobi-osnovnie-mestorozhdeniya-strani-lideri-po-dobiche-serebra.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4f020417a8a54015152d9bdf28487c3f4ff4a6e067b3bf03ae385be1ce15b52

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103292
last-modified: Sun, 07 Feb 2021 19:36:18 GMT
server: cloudflare
etag: "1937c-5bac42acd3080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqR%2BqMo%2FfU8Wqua%2BaYEX11TDFzjZKYP0LEB%2BDAWx%2BqzhAlVnpEWqH7YdwLtacktFZA25oEcxKKUoSIzwjf8AuwECBX%2BL1V2fr3CFUzFqeONT2d0zEQmcZH30VEa5K74%2BpTp38TPAfG5e6JeYCRUQMhI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f608fd7-FRA

GET
H3 200 blednoe-lico-vozmozhnie-prichini-lechebnie-proceduri-i-rekomendacii.webp
a.drunkentengu.com/society/ 17 KB
17 KB 148ms
147ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/blednoe-lico-vozmozhnie-prichini-lechebnie-proceduri-i-rekomendacii.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d769630dd351205f9363dd5d5808570efb335ce10fdd4e35f690511f6c3d7bae

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16956
last-modified: Sun, 07 Feb 2021 19:41:42 GMT
server: cloudflare
etag: "423c-5bac43e1d0980"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZAJq2aaMUxYSoC9dRgTUFsOxSjJuh8nridP69QRiDse%2BgJBsIkoi7Wz4EQxlHiNszCT7ombPnRvZq9tX5FOwWi5I6IftUtnZfm4aT3s65f7BvAwDnhaGPrjc%2B%2FiZIEo56Zpg1BfgQWaNj0r9jIo7QI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f628fd7-FRA

GET
H3 200 kratkaya-biografiya-aleksandra-timarceva-restoratora-i-ego-tvorcheskij-put.webp
a.drunkentengu.com/society/ 20 KB
20 KB 149ms
147ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/kratkaya-biografiya-aleksandra-timarceva-restoratora-i-ego-tvorcheskij-put.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9171d929f89903aab2a0afd2ead0bea5b58eed239e21d7ca547b2bb16da62424

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20336
last-modified: Sun, 07 Feb 2021 19:20:04 GMT
server: cloudflare
etag: "4f70-5bac3f0bf2100"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HAh2gqq4FcKJgFzGelpQRUKvFjWaA8%2BrV%2F8kkVy%2B440Fw2xnOLNXBlOqpt5jPdEwSxh9fJbB6ECuUVDqJ2XzaqeCIes2IUaHzwQngUjRE5Yn2wszxLMXPHHOnFIXrS4mjCtLRFKvhA94lqTkerA%2FdTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f648fd7-FRA

GET
H3 200 kseniya-rejn-kratkaya-biografiya-lichnaya-zhizn-i-interesnie-fakti.webp
a.drunkentengu.com/society/ 60 KB
61 KB 149ms
148ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/kseniya-rejn-kratkaya-biografiya-lichnaya-zhizn-i-interesnie-fakti.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c38da688da287499758730b363eea0119fedc5a907358a7a52d808ad27181c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61664
last-modified: Sun, 07 Feb 2021 19:19:14 GMT
server: cloudflare
etag: "f0e0-5bac3edc43080"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZicXjOxGPGplmQwB8N0atmKmu8a76gTUnkjWLzdrhLkc%2FkOD3r%2FvmTtiKuRmx5%2Ba8rGZNaHJMYhGa4XSnVP9sxXwONfJCRIt5nibtKS%2BA6J0krQp%2B8OZYGLUR%2BQOU%2FpDZ%2BfB71IUJ3%2FQ9B2gDuDByM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f668fd7-FRA

GET
H3 200 cikl-for-pascal-dlya-nachinayushih.webp
a.drunkentengu.com/society/ 15 KB
15 KB 167ms
166ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/cikl-for-pascal-dlya-nachinayushih.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 536ac8e50e067df70633ff75bac0fed30ad1c33defb1f789ac22a60957bee4cc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15238
last-modified: Sun, 07 Feb 2021 19:38:18 GMT
server: cloudflare
etag: "3b86-5bac431f43e80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nrvj%2FLyQqnBMkexkid6LpVOGOefXHprXiUceCr2pT1z3aSHhhHPFCyTwNghAX6cbEjfzdGrRQivIRs8DhW%2BAvo2KT4VsEP%2FbnsbaFQfJRUzAq6pmb8dycavEQgqHWwIW21hKIRJF3eR9OSd5tPOufAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f678fd7-FRA

GET
H3 200 aeroport-sharm-el-shejh-vtoroj-v-egipte.webp
a.drunkentengu.com/society/ 29 KB
29 KB 167ms
166ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/aeroport-sharm-el-shejh-vtoroj-v-egipte.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d0aa7d7b8fd2f544d2bb485b305067427afa39eb54b6edeba002fd0deac18a7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 29522
last-modified: Sun, 07 Feb 2021 19:46:56 GMT
server: cloudflare
etag: "7352-5bac450d44c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ucPZUSvKyhgTOjZJ9u08oBr5Dkk3WIxkfb1sWiabetDT2hxxAXEwU88zrNe53hOnr%2FCLY2usGl59AOYMxhA0%2Fugjtr3iINfP7NjOXQ3ymU%2BWaEN9h57As7Cqg9crHfwLP3r0ZZ9ohMsEcf8Y3xjF7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f688fd7-FRA

GET
H3 200 biblioteki-krasnodara-spisok-opisanie-adresa.webp
a.drunkentengu.com/society/ 34 KB
35 KB 99ms
97ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/biblioteki-krasnodara-spisok-opisanie-adresa.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 493403e1f71d978d07520c8c4a0f9b43e7a5f8b2a572188e2ed46dc5ee7710c4

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35188
last-modified: Sun, 07 Feb 2021 19:42:10 GMT
server: cloudflare
etag: "8974-5bac43fc84880"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TISv%2FTLWYElHpH0pnup%2BgtUxFq1ixzIFR66fro9BSfeuxWP1z6MGPP6J3A11obiWlOZdtLjdn0OIt4zI7g%2B0Lkpn7WHZA0x4Mv9N89Y8tsJGZy5PdiXyFW5xaHPyODzbqexgvofuX86Ds5xxevm1EI4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f698fd7-FRA

GET
H3 200 akvapark-samari-nezabivaemie-vpechatleniya-dlya-detej-i-vzroslih.webp
a.drunkentengu.com/society/ 41 KB
42 KB 100ms
98ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/akvapark-samari-nezabivaemie-vpechatleniya-dlya-detej-i-vzroslih.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb353743df7f858cd90a1a9d894b278dcde374404323f74a5e044ea4322452a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41956
last-modified: Sun, 07 Feb 2021 19:46:16 GMT
server: cloudflare
etag: "a3e4-5bac44e71f200"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlQGlY4v3c7G7xTCOT3Gr2BvmKKQPPuhe1zOt173grXjB0N3jF5J%2FV9qVRiBngEutUA9IcZuGDuu3sdi7UKJf92vQ%2B1VCoEla3qM9L87bDFLaB3cayFrZ5jBoufsp%2F7cPC32z6QUQfqT0kSLEdzLW%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f6a8fd7-FRA

GET
H3 200 tabletki-lindinet-30-poslednie-otzivi-medikov-ginekologov.webp
a.drunkentengu.com/society/ 26 KB
27 KB 74ms
72ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/tabletki-lindinet-30-poslednie-otzivi-medikov-ginekologov.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24cecf6c29ff8834a71cb598338e87fb26f928adc7e17021ea032a312df12c13

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27016
last-modified: Sun, 07 Feb 2021 18:48:20 GMT
server: cloudflare
etag: "6988-5bac37f426500"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ai3E7Aqvb%2FYQASP%2B0gwqNdaM6uS6oGo123F7S0qZ4Skt8gB3zC8ifRIpQbr5aRLJ0PokiqN1U5EJD%2BmxjeV%2FC1H879129OfnDsv9UEP1b%2FJTeqokOXVVJksWeb6S7qSJapG%2Bz%2BL96UwZza5EbVvvaBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f6b8fd7-FRA

GET
H3 200 arskoe-kladbishe-kazan-istoriya-i-nashi-dni.webp
a.drunkentengu.com/society/ 64 KB
65 KB 170ms
168ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/arskoe-kladbishe-kazan-istoriya-i-nashi-dni.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 134d6c0bc270c26699912733931b20816ff6ab0412816cf9794c48248b015e2e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 65668
last-modified: Sun, 07 Feb 2021 19:44:32 GMT
server: cloudflare
etag: "10084-5bac4483f0800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=al5Hz6iiZVfypEgBLaS%2Bti4Pc4YjzjeezuTntJTtQoBckgbYsd00pilheh68Cr6dj0i4T0KVUk1heXBwl%2BicjJNrulo4YpfTfceDgV1vPzMiWdHwIzDxFx67tFPuMJ9%2BiSxPn3poMTAT%2F5t%2B1TUtYBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f6c8fd7-FRA

GET
H3 200 chto-eto-karta-sovest-i-kak-ee-oformit.webp
a.drunkentengu.com/society/ 14 KB
14 KB 52ms
50ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/chto-eto-karta-sovest-i-kak-ee-oformit.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75307689ad04153bd69b21b044d080830572ee57445531095287a8f81bc88f73

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13980
last-modified: Sun, 07 Feb 2021 19:39:10 GMT
server: cloudflare
etag: "369c-5bac4350db380"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mc1ugY7GBWQCMd3UJcItYZ%2BDECej8cERuNhWRF%2FMbY7R7m1YCYusv2vNNyhTvvTyW3KxwEqvPAqyhLA0r72kjA1P5ds%2F9iuvTU1us3YDYz4y6%2FMkw4VujqV04spCdpg7tlufF%2BLzXjksRmTk3V71F%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f6d8fd7-FRA

GET
H3 200 lend-rover-frilender-2-s-probegom-poslednie-otzivi-nedostatki-remont-tehnicheskie-harakteristiki.-land-rover-freelander.webp
a.drunkentengu.com/society/ 23 KB
24 KB 171ms
169ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/lend-rover-frilender-2-s-probegom-poslednie-otzivi-nedostatki-remont-tehnicheskie-harakteristiki.-land-rover-freelander.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 203e866df115a4d45bb3c5fac94c0eea476b73a0ec061482f02753fb2e655b08

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23552
last-modified: Sun, 07 Feb 2021 19:17:44 GMT
server: cloudflare
etag: "5c00-5bac3e866e600"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QbWaUX6wstLcKxC9bHvogpNpUdgOnKyOrLLVBt%2FuK6LDisGNtTMisPeD1431i1j2Rnh5lM2SADuz31pbUgdoFygfzeG2Pus%2FX9rKQY2gGAlyJhjJHRbIhyi6ihI5mOYWswCkAJdHEyjnTOg3EvAsEYw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f6e8fd7-FRA

GET
H3 200 rajan-giggz-zhizn-i-karera-samogo-titulovannogo-britanskogo-futbolista.webp
a.drunkentengu.com/society/ 42 KB
42 KB 172ms
170ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/rajan-giggz-zhizn-i-karera-samogo-titulovannogo-britanskogo-futbolista.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e51a68f75a0b937227bd3d3227b40fc60a8ecbb25af8168b32ba7cd7e66e480

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42924
last-modified: Sun, 07 Feb 2021 19:00:22 GMT
server: cloudflare
etag: "a7ac-5bac3aa4b3d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LC0pJecU8GHlyi4CU%2F91%2BfJQxX0FDy1w%2BPTrOnsCd%2Fk0WvyXHpBJo1F9YEW22did%2FP51zYcWMpWCPSGqeGRrXwaUrWR1za2kI%2B8d5Vy4g3df5KXfvoFuyXXX77nxey1%2Bky9GYRhBGNJjPLhb0on7EU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f708fd7-FRA

GET
H3 200 imya-sarmat-znachenie-proishozhdenie-harakter-i-sudba-obladatelya.webp
a.drunkentengu.com/society/ 61 KB
61 KB 188ms
186ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/imya-sarmat-znachenie-proishozhdenie-harakter-i-sudba-obladatelya.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340bc41d8738ba699392b1a633e2da125f1bfc7c0a5b3f2c6fac3905171017eb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62336
last-modified: Sun, 07 Feb 2021 19:27:42 GMT
server: cloudflare
etag: "f380-5bac40c0ba780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e5olJcijHRipVK3J3BPJtHsIPtb0S5Z8jEBS3ypUzMK4vsIl7QOFhSA3iQsYhTkThN%2BvbCogpKRuc6l50xW6lawt1Ksjdd%2FkOPfeFrxV8q456UXNUiADBDQtwhN%2FFxFfunxBaI%2Fr7GqoHrfYyOyb1Ds%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f718fd7-FRA

GET
H3 200 liker-amaretto-zhemchuzhina-italii.webp
a.drunkentengu.com/society/ 23 KB
24 KB 189ms
188ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/liker-amaretto-zhemchuzhina-italii.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2edd00945f34d85159c4406ef23cf6f4728c7eeb168918f172ab7982dc980a1

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23578
last-modified: Sun, 07 Feb 2021 19:17:26 GMT
server: cloudflare
etag: "5c1a-5bac3e7543d80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D1WDB0b%2FrOw3vhXsRgwV13eMUwvvSYFPVasmPe0oRAcRCiaXvHTuLUQtwvRTdygvFiIgyrOZfmyUVp2uVulTB6qmIh7OYO12A4XsycZvhrIe3lGbzZvqOJ0k8ScMBitdh9370VTdJH5gxirkpWDFGKE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f728fd7-FRA

GET
H3 200 posle-trenirovki-ne-mogu-usnut.-prichini-bessonnici-posle-fizicheskoj-nagruzki.webp
a.drunkentengu.com/society/ 30 KB
31 KB 190ms
188ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/posle-trenirovki-ne-mogu-usnut.-prichini-bessonnici-posle-fizicheskoj-nagruzki.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a63f23953fa1fb6c7c2d3eaaa8c5801af007c34f19a771fc5de6cee6e3267206

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31024
last-modified: Sun, 07 Feb 2021 19:03:12 GMT
server: cloudflare
etag: "7930-5bac3b46d3c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeWU%2BWEWovQCnOwL964d5H3zj9ijLz2p%2F93prxhrUeazG79MQYcJ2TY9faf0CWGXE%2FhLNuqeTYFZjDrabkZunt0udVvQOUQfnqDTOGbslLr8YCZmxY%2F5bW5HjUTuxqdLttLyQs8f%2BtjtsAqug829iEg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f738fd7-FRA

GET
H3 200 shtraf-za-dvizhenie-po-tramvajnim-putyam-poputnogo-napravleniya.webp
a.drunkentengu.com/society/ 23 KB
23 KB 191ms
190ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/shtraf-za-dvizhenie-po-tramvajnim-putyam-poputnogo-napravleniya.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b69ec5f34ccd293aaf7b8dc34ae7c28f457a537624f539c4b46e6c1f8f7eeef

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23330
last-modified: Sun, 07 Feb 2021 18:52:52 GMT
server: cloudflare
etag: "5b22-5bac38f78c900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1lerzpd8QzOpTyGPYcKhQ%2FsFtL0jiRwn%2BKYFQKIjIhaQlsoCU9mXplnNIdlvAk%2BnFbFBYgwfMZO71oHsyqVOQQ4xEJRnR%2Fpg1hMjLjgEvnjDVCCJC%2Ba1rlFrLHfzuPd8q5gcV5xHWiV5gqgsLIH8Rw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f758fd7-FRA

GET
H3 200 antidepressanti-bez-receptov-nazvaniya-spisok-i-otzivi.webp
a.drunkentengu.com/society/ 21 KB
21 KB 192ms
190ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/antidepressanti-bez-receptov-nazvaniya-spisok-i-otzivi.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fbf2991d4e5b2f1591be13f8b9e67b6c9c5de694fc4fca96aa4a293e65ebb4f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21164
last-modified: Sun, 07 Feb 2021 19:44:56 GMT
server: cloudflare
etag: "52ac-5bac449ad3e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4%2F%2B2d8Wo7zNImfYu49Nb7zYUvnXcMiSJsmC%2BfU01JOP2cGmNp0aDKoWraNpg%2BNcjRKbNLNzbPm3D3IClz5VeDqqn4Nhe3xovz8b6RoOK8vXRH28yIEJPNfAoHagT6j4Ce5BB2mZ3ZCOJnSRRbRa%2FjuM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f768fd7-FRA

GET
H3 200 klan-hatake-predstaviteli-harakteristika-sposobnosti.webp
a.drunkentengu.com/lifestyle/ 50 KB
50 KB 192ms
191ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/klan-hatake-predstaviteli-harakteristika-sposobnosti.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e312fa9b3c4a219aa222039ce96dafdf99b9d508536e9ae738f1b39eb44b34b5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50700
last-modified: Mon, 22 Nov 2021 11:47:58 GMT
server: cloudflare
etag: "c60c-5d15f32353780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbQAopPbrzRz6YiiSk76MyPcLbylth94xkl%2Fy%2F43ieM2Ztu%2F%2FONT%2FYe%2Bv6Z6byomQpMbC35ri5Xr2wEmqJWZr8dQp9h2JxFBMtITxjpSS3MMrv4NX7L2uxq5PfKZcRD3v7mNpzUrMgmWOhKiikkGsko%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f778fd7-FRA

GET
H3 200 kommercheskij-kredit-usloviya-formi-stavki.webp
a.drunkentengu.com/lifestyle/ 18 KB
19 KB 194ms
192ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/kommercheskij-kredit-usloviya-formi-stavki.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10cb0495ea6b2b802137d432b18f9ffeda5929a80dc4cda5fe70e26ba16080a5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18422
last-modified: Mon, 22 Nov 2021 11:47:22 GMT
server: cloudflare
etag: "47f6-5d15f300fe680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CB6Tt8O3ueS8ofr7onw0NDHS92rE6OIkTBZ8UyoF5RHUDLAPJY9rXh2HsjvYZgajTHCKBbbdcnZbgzfE%2B5KuhMtK6BAJFxnY0%2B9nepUHKqA4p4MsDuFRBd8zPn7tOYk8YHg6N%2FNHVjvvG4VJugYzdrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f7c8fd7-FRA

GET
H3 200 narushenie-bolnichnogo-rezhima-normi-i-pravila-posledstviya-narushenij.webp
a.drunkentengu.com/lifestyle/ 20 KB
21 KB 194ms
192ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/narushenie-bolnichnogo-rezhima-normi-i-pravila-posledstviya-narushenij.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a957a857f790ccca03be1bc4c3c575a8335955082c88795c3988e8d9e88688

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20968
last-modified: Mon, 22 Nov 2021 11:42:18 GMT
server: cloudflare
etag: "51e8-5d15f1df13a80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFo9bVfw76ne5GH46MwwdG3zPMXra5GB59kGOiQzHbS2QHqoSY%2BxNUgEjOhsCoBjHjxD1FAzo8fxGYd6lg1s46Y%2BSpbTQzFG8ISLYjFjEMeFmlIhtaKK%2ByhtSwQusRBxdRGjzTaczfoHIELrplvB6k4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f7d8fd7-FRA

GET
H3 200 tis-yagodnij-posadka-i-uhod.webp
a.drunkentengu.com/lifestyle/ 52 KB
52 KB 195ms
193ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/tis-yagodnij-posadka-i-uhod.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47e936dd24761615de831ec0e299452e6e80cf774b684eecf2fdf810a3363a56

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53014
last-modified: Mon, 22 Nov 2021 11:28:38 GMT
server: cloudflare
etag: "cf16-5d15eed110580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GMV5%2BTC%2BH3%2BltBu3OOTrAqrymR%2Flr%2BwJ2i3jj368sXdkNFSC9o2sC35MrI0dtMjrzOiWWRsOlIkVbzhdbhYSgBlyVqRK%2B1PqO%2By8WV2l1Dw1YSFfDK4dS6PaqccCrNqJiafj1WKzs7T7Vgb6A53l22E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca513f7e8fd7-FRA

GET
H2 200 rocket-loader.min.js Show response
bg.drunkentengu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
24ms Script
application/javascript 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bg.drunkentengu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 17 Aug 2022 13:18:18 GMT
server: cloudflare
etag: W/"62fcea9a-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGzjDryeHK8KDktiX8SH59QrXTxuxWZDN4uaR7Ip9HqYpRl6U2vRw85kcbQ8ObJncROkZTePptSjnpHWyuW2rcPu%2B%2F%2FrgpgIvM6RVHjAaEJ85FCyVncLoNcBHUvcdHOy0avGPBdTZ65WeE4wqQao6lp0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 73e4ca509d1bbb3d-FRA
vary: Accept-Encoding
expires: Tue, 23 Aug 2022 16:36:54 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/4c16a5bf-f43e-4a7e-b800-43adb3936d83/ 368 KB
88 KB 104ms
26ms Script
application/javascript 2600:9000:225e:ce00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/4c16a5bf-f43e-4a7e-b800-43adb3936d83/plugin.min.js
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ce00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7b5f7b135522fb64f94e4a0f62840878d8432aa50be56ae8cb822fc380d93d0e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:34:01 GMT
content-encoding: gzip
last-modified: Wed, 23 Mar 2022 15:03:25 GMT
server: AmazonS3
age: 174
etag: W/"da0ec537f73f9cff313f74dca81ad3a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: qb7ONqX1Pmo-Rm6VxYofAWKD_NbP2buntNle9b1Y0Tqj2fLPxILEcw==

GET
H2 200 45be3e39-78b5-46f0-a474-9b4452ae7a1f.min.js Show response
cmp.optad360.io/items/ 497 B
851 B 214ms
95ms Script
application/javascript 2600:9000:2304:600:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/45be3e39-78b5-46f0-a474-9b4452ae7a1f.min.js
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 01:33:48 GMT
via: 1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
age: 55616
etag: "7acdc116a0830ba0aef5e087010246ba"
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: VIE50-P1
accept-ranges: bytes
content-length: 497
x-amz-cf-id: -s7BtAK72DmUu_Z-ykJPfsROlEvi_vth0gtXYv6sWyq63ELNRTxfZA==

GET
H3 301 wave-line-1.svg
drunkentengu.com/template/newsboard/imgs/theme/ 0
0 70ms
70ms Image
text/html 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://drunkentengu.com/template/newsboard/imgs/theme/wave-line-1.svg
Requested by: Host: drunkentengu.com
URL: https://drunkentengu.com/template/newsboard/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://drunkentengu.com/template/newsboard/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 41 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 ozhidaemaya-prodolzhitelnost-zhizni-pri-rozhdenii.-demograficheskie-pokazateli.webp
a.drunkentengu.com/lifestyle/ 57 KB
57 KB 344ms
342ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/lifestyle/ozhidaemaya-prodolzhitelnost-zhizni-pri-rozhdenii.-demograficheskie-pokazateli.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bc191d8cb9555c7187ba6a7e5a94d3ff45e69fd996f094d41713ad4951699c0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57962
last-modified: Mon, 22 Nov 2021 11:39:36 GMT
server: cloudflare
etag: "e26a-5d15f14494e00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3tzonybvHEq5jNnInY%2BbXDIFrO%2BgI3Hc4dAk0sDgGh%2FyIw95tNh%2FIvViuOKcEltSjDexygzvC8yURyXTQBk1%2Fi23zysk92iKfh94U20ypHFjYESsKyFitntlGwyB1zg0ZICCeuHzadeP48bwARX7oA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca517fa68fd7-FRA

GET
H3 200 o-tom-kak-razogret-piccu-v-mikrovolnovke.webp
a.drunkentengu.com/society/ 66 KB
67 KB 171ms
168ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/o-tom-kak-razogret-piccu-v-mikrovolnovke.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a10e079a06636011ec2836b8b7d6253fdcda68357d6cdd2c14ecd758bc170757

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67678
last-modified: Sun, 07 Feb 2021 19:10:30 GMT
server: cloudflare
etag: "1085e-5bac3ce889580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zl%2BX9y%2BgsFDqcz%2BlkrVczP%2ByF8B93MkNNGVtM9V3rrORN1DqMJNqeP%2BvvEMenmI3PTOiSy3WIiuJsSHZP35kHMxwTkQi3p8yP%2BD702Nq19ZnTUY0ey%2FuNvxaD9rERjUF2ekqSr0goCKSlg5wdmbK5vk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca517fa88fd7-FRA

GET
H3 200 krasnie-pyatna-na-kozhe-u-detej-vozmozhnie-prichini-poyavleniya-zabolevaniya-terapiya-otzivi-6.webp
a.drunkentengu.com/society/ 26 KB
27 KB 172ms
170ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/krasnie-pyatna-na-kozhe-u-detej-vozmozhnie-prichini-poyavleniya-zabolevaniya-terapiya-otzivi-6.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc3b20c79263b8627bdf6d71ed5018c34806fee9ad713785c15454df5ac2425e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26946
last-modified: Sun, 07 Feb 2021 19:20:10 GMT
server: cloudflare
etag: "6942-5bac3f11aae80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6OJxXuuPVjkfge3rPsFbmdYg5y2fsshO4vXgsPGpx2kmjNJMtx%2F9ercEsZnc8TK0pXENhfiebNiX126ygL%2F7mtSno%2B9Xw0yVE%2FH0xCZY80NLC2ZqJlS1GcizKg1U%2BueOFQMphKswBUXS8GfNIBMBcA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca517fa98fd7-FRA

GET
H3 200 restoran-orhideya-smolensk-kak-doehat-do-zavedeniya.webp
a.drunkentengu.com/society/ 39 KB
40 KB 173ms
171ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/restoran-orhideya-smolensk-kak-doehat-do-zavedeniya.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b2735a7704a98c54ebd17db6ba3f8177006109dea422593d49dd1874c391a58

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39972
last-modified: Sun, 07 Feb 2021 18:58:22 GMT
server: cloudflare
etag: "9c24-5bac3a3242f80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8qKiN8fJZSYdqEqSfTaKPFTfPYx9hdqFMdU6EFTIKwMBIAvD49YpfJkYhfxLf%2BYx4KZlYIt9WKwSxYCrWzYxxkvpMYSLoVJm0GnhSOQYXXqCfZKvcEzZtcrVg1fbJ35FFuD57uM6pnGbM2XHOT0Hj4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca517faa8fd7-FRA

GET
H3 200 zarplata-futbolistov-v-rossii-i-evrope.webp
a.drunkentengu.com/society/ 34 KB
35 KB 174ms
172ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/zarplata-futbolistov-v-rossii-i-evrope.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11cf5d305e18a8bdbf84235a89ef55304ebe093703bdbb56fd5a777d79409dbe

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35110
last-modified: Sun, 07 Feb 2021 18:31:02 GMT
server: cloudflare
etag: "8926-5bac34163c580"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgsnMjXUUwHBLfZcd5SXGaWMtiXBzgmsEIE%2BJTHp%2FW67ta3p33irPUcWQsDYSo5Tix1HEWbuAOf7LI4D7Z%2FrFjBp5cStENimq7vY5hMWCGT63VFzW7h05f%2FayiZSLQxU48eFIpczcVYMaEVzHnjzxfA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca517fab8fd7-FRA

GET
H3 200 kakie-samie-izvestnie-evrei-rossii-spisok-s-foto.webp
a.drunkentengu.com/society/ 20 KB
21 KB 175ms
173ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/kakie-samie-izvestnie-evrei-rossii-spisok-s-foto.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 514afe56f4096db5577453433116f23ce49af809e17f0882c102d53340098459

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20650
last-modified: Sun, 07 Feb 2021 19:25:08 GMT
server: cloudflare
etag: "50aa-5bac402ddcd00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KENorjzHPZVb3n3c7fn1CFt34RcrXkCCu9OsLBQyDDfXq0UfxLNRzkyEuAm5EuDyL9AFznTBBHW%2FDyyCMQwhABe28jc3QURFPj3MmSq1V%2BoGyVaLPK%2FonevZQMfQin0taUAuLn3gMJbl81qxV6SCFoQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca517fae8fd7-FRA

GET
H3 200 yaponskij-fizik-michio-kaku-avtor-nauchno-populyarnih-knig-5.webp
a.drunkentengu.com/society/ 40 KB
41 KB 176ms
173ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/yaponskij-fizik-michio-kaku-avtor-nauchno-populyarnih-knig-5.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01562d0b16ae096989171c81467c2b0ab3b61b01ab38c1c7c28e92ee741596e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41074
last-modified: Sun, 07 Feb 2021 18:31:56 GMT
server: cloudflare
etag: "a072-5bac3449bbf00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AW3lTbynu%2FBTKh4ienB%2BUwL0K%2Frb9Y%2BVgZ0p06dS59TNAa7C8M1ISi07QS224UK9k%2FzqgjM2ql9ecwPZvgJFdLLlzeKgUErXBNua8mpeGv3te8LZXIeAgBbHWgdc7kNYrC9qksoIxVyIdVzNmTSUMXM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca517faf8fd7-FRA

GET
H3 200 idealnie-nogi-proporcii-i-parametri.webp
a.drunkentengu.com/society/ 19 KB
20 KB 176ms
174ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/idealnie-nogi-proporcii-i-parametri.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8caaf8b364fba9059cf0aee9140d73e9671b81d5714c91d612caf0b24dd834b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19548
last-modified: Sun, 07 Feb 2021 19:28:02 GMT
server: cloudflare
etag: "4c5c-5bac40d3cd480"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C2kiB7cIOl2xjovpS0Ya9QYgquR5nRHI1oUs8pe9zZ7VhFZdRKWveHsKNf6ct6DmaxulqyKD1SPVybHcIQri%2Bu%2BESaXHHr27Ioq9JUlfOOkyDA49EIbKB2hCstARp8RGlE8GgyLTcH0pkCUichYSKkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca517fb18fd7-FRA

GET
H3 200 kareta-iz-kartona-svoimi-rukami-chertezhi-s-foto.webp
a.drunkentengu.com/society/ 34 KB
34 KB 177ms
175ms Image
image/webp 2a06:98c1:3121::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.drunkentengu.com/society/kareta-iz-kartona-svoimi-rukami-chertezhi-s-foto.webp
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57d3fee7235c2629ed4b486be9a6fac878aa238666b8c67e961332ebffd2898c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34432
last-modified: Sun, 07 Feb 2021 19:23:36 GMT
server: cloudflare
etag: "8680-5bac3fd61fe00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1py0uKx5Sit%2FacPV2uc0C65niMzTVpLAmcKOpHpT%2F2H2DsSS47PPgnIkPrQhRVcf7tPQ33kg1Xr9AqS5KdGlpj8%2FLafPsgEvSy0TqHKL2k0c7mEk1FotYRWAAVqhXpZ%2FSE0pcNxY54RAc6Ze6auBZHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 73e4ca517fb38fd7-FRA

GET
H2 200 jquery-3.2.1.js Show response
code.jquery.com/ 262 KB
78 KB 87ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.js
Requested by: Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21

Request headers

Referer: https://bg.drunkentengu.com/
Origin: https://bg.drunkentengu.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:54 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-41707"
vary: Accept-Encoding
x-hw: 1661099814.dop007.am5.t,1661099814.cds276.am5.hn,1661099814.cds001.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 79082

GET
H2 200 cookies_gdpr.js Show response
cdn.zx-adnet.com/consent/ 34 KB
10 KB 287ms
123ms Script
text/javascript 151.101.65.195
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.zx-adnet.com/consent/cookies_gdpr.js?0.8520747348142483

Requested by

Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.195 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31556926
content-encoding: br
last-modified: Wed, 27 Apr 2022 20:26:02 GMT
x-timer: S1661099815.133620,VS0,VE107
etag: "e816600dd00bd96b1fef78362730b72e57d5bac88839b4da007d48db85d79519-br"
x-served-by: cache-ams21025-AMS
vary: accept-language, x-country-code, x-fh-requested-host, accept-encoding
x-cache: MISS
content-type: text/javascript; charset=utf-8
cache-control: no-cache
date: Sun, 21 Aug 2022 16:36:55 GMT
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache-hits: 0

GET
H2 200 1duwt.min.js Show response
www.bigmp3db.com/ 66 KB
19 KB 219ms
81ms Script
text/javascript 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.min.js?ec19a36

Requested by

Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

bc8aad52def9fae70bca29263a13763c230f574b56f604f739995775e585e1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: br
server: cloudflare-nginx
duration: 289676
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=300
access-control-allow-headers: *
expires: Sun, 21-Aug-2022 19:41:55 EEST

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 205 KB
71 KB 261ms
121ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

fa581fefebecc84d3b82fa27a681ea2587caa31c61a7834c23550fdf64cdf240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-118dd"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 71901
expires: Sun, 21 Aug 2022 17:36:55 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 83 KB
28 KB 111ms
37ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/4c16a5bf-f43e-4a7e-b800-43adb3936d83/plugin.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

e9ce97f2c6670ea653b43bbd02ec2994eca3735a6018bdfa35909ed4b4a6bb53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28488
x-xss-protection: 0
server: sffe
etag: "1309 / 732 of 1000 / last-modified: 1660946721"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 21 Aug 2022 16:36:55 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
461 KB 26ms
24ms Script
application/javascript 2600:9000:225e:ce00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/4c16a5bf-f43e-4a7e-b800-43adb3936d83/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:ce00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 22 Feb 2022 03:00:42 GMT
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 15600974
etag: "6dd0a13bde35d2daa452bba998871016"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA60-P4
accept-ranges: bytes
content-length: 471445
x-amz-cf-id: J_pU7k8cnY_ta5-YJpRfCDA1KZdhchsMjP2-fshVNx9Lvv5O06xaoA==

GET
H3 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 53ms
29ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220821

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea2697dd2d0350ed84ce89be6bc75e8462ad5d56e0d70d53c869df80ab8236a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bg.drunkentengu.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5758
x-jsd-version: 1.0.1439
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19146-FRA, cache-iad-kiad7000154-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"669-U3xo+2ctiPtvj8ftIPnQBFf1f4E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGP68ZGGdBxGUPg1nWxKWSEG6yIUnqBI%2F%2FqAb3ot3PGKxPs74ru5Ziif33ZMVupBadSzQS9VQe%2BWB6FX4vn9dHqMkF3EzHQ9zZkJjBZI3Cqom4nUaWbkXwqJQJJsi7jzYYoPJ%2F%2FD8qTeXOPh%2BvU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 73e4ca556d3b8fd4-FRA
access-control-expose-headers: *

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
269 B 125ms
41ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?ec19a36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

814cd4d684f2f4fcc865ee658bff34666d3705008f7f58d70c3459ed9695ac9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.drunkentengu.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H3 200 pubads_impl_2022081501.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 67ms
22ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 15:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3785
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133600
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:36:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 21 Aug 2023 15:33:50 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 105 B
117 B 100ms
55ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=bg.drunkentengu.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a322cb3b815da898f7a87a90ffa4c0e2707cffe94d48f2f069ecd6f40ec548d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92
x-xss-protection: 0
expires: Sun, 21 Aug 2022 16:36:55 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/71856706/
Redirect Chain

https://mc.yandex.ru/watch/71856706?wmode=7&page-url=https%3A%2F%2Fbg.drunkentengu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A343%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.ru/watch/71856706/1?wmode=7&page-url=https%3A%2F%2Fbg.drunkentengu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A343%3Afu%3A0%3Aen%3Autf...

331 B
413 B

66ms
66ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/71856706/1?wmode=7&page-url=https%3A%2F%2Fbg.drunkentengu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A343%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A885800250356%3Ahid%3A164284044%3Az%3A0%3Ai%3A20220821163655%3Aet%3A1661099815%3Ac%3A1%3Arn%3A305352436%3Arqn%3A1%3Au%3A1661099815160690085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661099814291%3Ads%3A16%2C51%2C58%2C18%2C0%2C0%2C%2C52%2C0%2C502%2C502%2C1%2C257%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661099815%3At%3A%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D0%B0%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D1%8F%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

4bdacb2acadc9f5483096974f545c2a321543ef8277dbba30302a89ec888f407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 21-Aug-2022 16:36:55 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bg.drunkentengu.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 16:36:55 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:55 GMT
last-modified: Sun, 21-Aug-2022 16:36:55 GMT
location: /watch/71856706/1?wmode=7&page-url=https%3A%2F%2Fbg.drunkentengu.com%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Anlzej4hetv2v3mdqom1a0%3Afp%3A343%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A870%3Acn%3A1%3Adp%3A0%3Als%3A885800250356%3Ahid%3A164284044%3Az%3A0%3Ai%3A20220821163655%3Aet%3A1661099815%3Ac%3A1%3Arn%3A305352436%3Arqn%3A1%3Au%3A1661099815160690085%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661099814291%3Ads%3A16%2C51%2C58%2C18%2C0%2C0%2C%2C52%2C0%2C502%2C502%2C1%2C257%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1661099815%3At%3A%D0%98%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D0%B0%20%D0%98%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%86%D0%B8%D1%8F%202022&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://bg.drunkentengu.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sun, 21-Aug-2022 16:36:55 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 60ms
60ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
last-modified: Mon, 15 Aug 2022 15:05:51 GMT
etag: "62fa369f-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sun, 21 Aug 2022 17:36:55 GMT

POST
H2 200 1duwt.json Show response
www.bigmp3db.com/ 59 B
268 B 41ms
41ms XHR
application/json 95.216.65.102
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bigmp3db.com/1duwt.json

Requested by

Host: www.bigmp3db.com
URL: https://www.bigmp3db.com/1duwt.min.js?ec19a36

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.216.65.102 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

frodo.min.org.ua

Software

cloudflare-nginx /

Resource Hash

d01c32d57cc2d21eaa1b725fe400114aeb5e309f29f17d0a2538ffb612762705

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://bg.drunkentengu.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: br
server: cloudflare-nginx
strict-transport-security: max-age=63072000
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 integrator.js Show response
adservice.google.nl/adsid/ 107 B
792 B 83ms
32ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.nl/adsid/integrator.js?domain=bg.drunkentengu.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 94ms
32ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bg.drunkentengu.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
8 KB 358ms
358ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3795423703058729&correlator=2089835014036589&eid=31067825%2C31068919&output=ldjh&gdfp_req=1&vrg=2022081501&ptt=17&impl=fif&iu_parts=121764058%3A22612148122%2Cdrunkentengu.com_SF&enc_prev_ius=%2F0%2F1&prev_iu_szs=700x100%7C728x90%7C750x100%7C970x90&ifi=1&adks=250063525&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1661099815399&lmt=1661099815&dlt=1661099814427&idt=948&adxs=450&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbg.drunkentengu.com%2F&frm=20&vis=1&psz=0x-1&msz=700x-1&fws=640&ohw=0&ga_vid=754535550.1661099815&ga_sid=1661099815&ga_hid=1053371788&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ac105cfb16342981817f978d44838d13ff350172444debd8bdd1847b9ce5cb2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8113
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://bg.drunkentengu.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 134ms
69ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e10163106695b4f032d883cbea74cacb3c041fde3b317fc2fbf8b859a4e20af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11048
x-xss-protection: 0

GET
H2 200 container.html Show response
9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7DAE 6 KB
4 KB 143ms
29ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.drunkentengu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 16:36:55 GMT
expires: Mon, 21 Aug 2023 16:36:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 103ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 16:36:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57CA 13 KB
5 KB 100ms
32ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.drunkentengu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 11510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 13:25:05 GMT
expires: Mon, 21 Aug 2023 13:25:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BDE7 783 B
1 KB 92ms
42ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbc20e1114ee6feaffb20e41792553d8b491265f27780bbf2ad1367c7d5d13db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z24pGMNvrVRVdrA3Umip6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bg.drunkentengu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-z24pGMNvrVRVdrA3Umip6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 16:36:55 GMT
expires: Sun, 21 Aug 2022 16:36:55 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 container.html Show response
9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 190F 6 KB
3 KB 73ms
29ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bg.drunkentengu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 16:36:55 GMT
expires: Mon, 21 Aug 2023 16:36:55 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BDE7 0
0 99ms
55ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081501&jk=3795423703058729&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 57CA 36 KB
14 KB 63ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 16:25:47 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 340E 624 B
975 B 110ms
58ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDKGhDLjhsYhev3RjAB&v=APEucNXuYXtZWGmKbdLH1hSc2Ts6eGB8_WlIjQczTh6PQcGnAoZBmaCKIku2w1y26-IfVw4W-9OQgSaSo4DYgfoy874gWyFTokPVWcAPgGzVUY2f91j3BseWSHddgctFrwOLtxQd9jt7Sbl6N6QcoHLGaJSwE5OOyQcrYxtFwaRciBYqdJSVJ0fT4m4_camfC8RXLDlWHGa2x6PbLetQfe0Z7BO-VD2pZA

Requested by

Host: 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
URL: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 16:36:55 GMT
expires: Sun, 21 Aug 2022 16:36:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 190F 85 KB
35 KB 131ms
79ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3W-IzIkLmWKfAWvUTAk9CkMfDVv2a1RkcPJoDjz6-NFUzkuGtelLtsCsybcVhVE3iKVHEIqkepnNIaq_933Khf7QvJdqEyRz9TwXKHdg05n21A3RuV2uRLIGyz1hDguOgVx-GUzrbl8hxreYBumoyFX6CFg&dbm_d=AKAmf-BooFTnqKLczGnu3Ap-mZGkJtMJ4cAVdHMGD967dCYGa57-2LKoPSNGSAkikKoEZxCJXtl3XWZSILyEwI7jDiohpWKPLd5qXr_23LWQd6O8pMWZ0xrsLxE59h1c-PtXf3CcQHzDiTYwb9fpy4CQ2ubgkd6UM3S3D1Yqn-EAqjtTs0CJT3VYNP1pz2hGdN7h-LbWqBSXLtvonSVIjcC08ybmqyY6xkdFjUkBwsEvFijahcI2dgqlx7Hge28BzqcURXtDO-iGIFagCEdWeCJ-iSbvu2RCXqqRJgJSX6vMkGD6wpB2ifxIsPqiaZxc6mILMwrFtNtflsn5-wUmP0ysYJSbVtbD2UbxtJRQqltNJvqtaAbIZ4tPz3JO0SBW8WT4MZzOka_xOfkPFjBlYSNoaKb47yRxs-HZdJYRP93ZUU2t2Rsgh9mmvg5gMi-39vOZsqHIbo1fm67gbsSxWWUNdjxb1cvGTDEE-i1WYGTR4Z3B_JddvSzmaONIB-xzK7yLH7EM3xtk07B_ykQVr8c1hmMkmCW4UnqKTJnFca9I2QE_QkplC_aMOKGp7w2TzRjQumVcBgjp-Ig7oxZfvShpXl-S9FACcFm-tFjnvftq2YD8fOmw2wN9EJdZnXbSxMqY07Xd-Sf_lUfrqawbtxYmC9A4aMrp04LC4KZRM5S1-8o02bVmIRsMjaBPGhv6tTULO1pI6xET_BgaOi7zlGu5YZrHEAujNlQ1LeY_gbIRAwAM-o9tRMk4-paf9y_BUJgVmP4jAndrK-BwTTt7Bh-Lkc6ZurW1GMkN68qFd0nJAoFvi3SzrKC-72nuKi7AzlPi4bAkIRFbgyWc_pBKSofTz0jvPOWRCtLj-hLv1IVOCxrgXB1HNBmc0QMgkRAk0NHFtowGkkjhiDZRg2Ap180VkDjZ_VZrjeKpK7h2wgbNZ2Tn4qCEqgXcSXj8hgfu8ZVaA4aBu46tOfcDm-rPoM5X4M5f8ZdbeXqPcqDQTOs4AmWzbdtnqU2SZ2vK2Mwh0adgqj5Blrg6K3VhIXSuCO_tJPJq4AXrME8p0z3uQdcx3Z4OAqA_xMCgvZvb9Srwsmv4YGFc0N1QR6U7dShY6XAZZpm5_4tPMet9yUuVO07cdRODkyfen-s14-968qBx8qZfDwJT8dxy03pEjeVY0Iwdwudmx70BYFXriUHUT-D93HbGcbB80cnUh1tbwQWewwz25T7S6Z0iV_0KEcgJSp36wv5NWBQvsOG1ELcUqPMVbUyDsgT3NBYYRK_mVHDAe9aJCfQ4LXnG-RpkJlUbyx7LRq1X3J_iQT23RXJxCdSmRSFhO13KktGBHPh5Q9XAT6ml3HPpso-J2UTMZwkhgqvyqhCS8EySXi3mtHlIgyxKl3zFG49LJqV817hPR92ENdYuQtfHE6GHttaDYnnqL5hYLfIHnQcYN1adFtdLnyBH2e3jMHSA2BYPC0IbIK-0QZBKFyR0xAY10Mpgcbe2J0SxOkoQzijbkLikkT4qvJAd5YwmsP96ct3-Z8MUferMVfarQjtFN8_UGbMZ6-6pIZLXPpxbdaXIDuSj5j0590mhBsJJN-o0CWS2FwsqtI2Zc4Np2Ejh9GIi65si8teKXsIfogZDYjwlTzfL8si21MmSDB1D7oNlaEr-hwSqvH0RkQkma2-sXBB2Gl6YgiqwSsJnhzKHB2Lzu4yF5CMHFHt-Asl3kJwo99q_8mNfvxWuha703-4yMLN7seKHmmPZqNBx4gnvb2Tbf0xRLVXG35QK_oqsKnKY5f36hOmdkYTiqd6OuV76Uux3C1pVWUG45oTDtD7MMaq03zmniO13sIJ9hKHIsBq58O1ClixqnK87UA4yNUvuLrRC-W-LSevKOA1UpOh3d9dEBaaUEtc7L9qYt6QyFahhf1Que9JmrB0eQR7kstvGIMh2HAEPltWeRwyMtwKlu-bmPMglg9g92tX4uQYSnuAZsnhhMeHI88AdsUxFpxsXNQaGHII0w1i9Y1w1yJt2QisLu9OzoGErEL_r6Jw4HYSonN5c3n-klc0-dj7P96-OCiftKbY0qau0s26t-IN03AhM32srjKvswEskkorzk7QLVw4BYrGSuaDfNIg44PrFg_CtTlVnVKnz1Owr9V2u81YJysNAYx2Ikni9HJwTASuaNMIqv2YIpiFCzSQtP1hl0K5fCyrBzW4Bl6aypVAz4Zj7b2_2_zYRqjP6X8bllHLTJNFdXv0tXgEsfi1PeKqxBaklNXqN870aSV-3hNSLFJieM5Ief7mqx0F9UzHw-GTuUe_mSkSv6wqsBHllN8dmFk9xWgs-jh_YnuMRc6kHDCWZVyDTQQERHrozAffkcbl-8518rhPxIOfKfLa8zNNKl0hSf-W0fDgoKW4UwoSK4lZ5QsnaE_nIce6rWfMQIV--GCOPQdKiE_MU8lSloPhnfr-le9gR61KFE9G6fU4XkEd_6byiS3qZ74Sh_qWy1YYsKQolAjwht72TIUHzN2rwegkS-sRGK89d8uCbdYYAunt1fooR3kXegU8IlC7yeJdqQAbqKov2kg4uuDmKgEyitUUIobBA93O78rywgYBtttFmNTAumU4mjK7-35u4MQEPVwNtkViQHSK5OcFHLrtdb7PF_WY9KrRYtrnIjLIjGRfxDbtNN_ZH-vo46yR2ZOJIf0xl_rjMtU1S5BMAb4oyfWxqgsPbDIbO-sgnOx7CuemZGw5I5lIYqlqXhID_T9TULvmwj7YG8Q_DhtrXwNHnxnNEr3iGM4-Zs2reFBhXCYxNgm9AcaPzv2bBB5KP7Jo3XhGduAcCgPQ31zRGOyoG8_AMv51bvOJkFDBFak28J_1VP9v2Wj2r0fLl2YsPIvzuW9Ic19L1g52y8zDbnQjPE0sedKdeGKcsdoW528jDDF-tDwKibQ3NfeQ36JeQzGHSqGuf0j4NldlxOoif12bQJ4yQsDLOtf4U89y0GbteYcWlPextg5-5dClbc7auSjvi-qw3mYm2pO3dCGOKmvVPBkzJfw-BSkV8YGsTJoes3el2go4Ecu__ejjZtCSYAPhm35ral0avEhzHZ9-RgX3OQjisBF8rJRzNXfrVt9_r9c_pKZJLwb5OI-bol_kEy08iIfSr0OdgI3NRzVjJzUI1Q9M2TWvTkJ6ru8ZxcFittUNC-R9M683st2BXykexr_nijoOGp98w0iadfUtoazjbkHlGgWmozC5-XZJwx-0sMHUmjKf-bzzJg0UQ6ZzOZwzJmd8baW6q65ojK8khIxuMlSGsonFnbGlvzAg-C95GQsFNFtfrQCI7jaEuKo0XrZjA_SpO_lM_4wjBoyW0pE6VCBEU-DKyHFhJwzgRhs148f75hfBwamaiL3UedJKvHA5PLY6Wq13SNIL-GsgNSrIo9LQRoJ9z9qlYYVR_0smtcUKvA4vZUyQynMo1UZD8_sfHEp3zXvwiqbWSytu8VV9Uh2bP5_Usj5rCVK_q8RNciPT4SvoqJMs5irCMP8xmugn8nHL12PFMZJqkM4wyj3q8P7sbiFJX9l8ozALXoftCMW0msw&cid=CAQSLQCsnQUxMtHBTdeX9YdMGQy2e_dMiu5bKJvckfaKf4hBgMh5KNoyep2NFg5lJQ&rfl=1%2Chttps%253A%252F%252Fbg.drunkentengu.com%252F%240

Requested by

Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d2af5ea7b4164ec808949f1d2ec37cf3bc2f93a0969d18f4d95164fdc354205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35442
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 190F 42 B
63 B 54ms
54ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Clp6fIGt7s8OqiPy92l0oGx5v6AcE6Ri8ioCjap_1PkLA4-Qzcd2gcvFi7qaDENeFLc7NRC_6a_DXjBvDjdZFkkigVfA5QFuGGDQW14xbl1mkQCTA

Requested by

Host: 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
URL: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 190F 3 KB
1 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/window_focus_fy2021.js

Requested by

Host: 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
URL: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:34:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 16:34:06 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 190F 140 KB
44 KB 82ms
30ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
URL: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44050
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1660737283953252"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 16:36:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/ Frame 190F 17 KB
7 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220817/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
URL: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 16:30:24 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 57CA 0
10 B 32ms
32ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?soWnxA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 340E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEImFSrXCRZU1z8gUrcxedzg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEImFSrXCRZU1z8gUrcxedzg&google_cver=1&C=1

43 B
910 B

48ms
48ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEImFSrXCRZU1z8gUrcxedzg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDKGhDLjhsYhev3RjAB&v=APEucNXuYXtZWGmKbdLH1hSc2Ts6eGB8_WlIjQczTh6PQcGnAoZBmaCKIku2w1y26-IfVw4W-9OQgSaSo4DYgfoy874gWyFTokPVWcAPgGzVUY2f91j3BseWSHddgctFrwOLtxQd9jt7Sbl6N6QcoHLGaJSwE5OOyQcrYxtFwaRciBYqdJSVJ0fT4m4_camfC8RXLDlWHGa2x6PbLetQfe0Z7BO-VD2pZA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73e4ca5b1b579296-FRA
pragma: no-cache
date: Sun, 21 Aug 2022 16:36:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcw%2FeaU24xyCn%2BCLzfk5Tciri1ESW%2B3siivQQfcGHj4d4lyzXmXydlxvTmlwy42n906hF2JVlLebdv4wFrN%2F%2Fk3GL833pTEhvpSZMEou8ULPe8sFVFrghjWbdu4D2dfYrGaFjBxNGgbs6A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k2t50Ruwecmbt1Cp%2BQir4YeaRMtqGWkjVS2T7vk5LfF7rQyuErWoW7o7xvoVNZKJDPYbD0vWcANWooJNSnxI4Vb%2BwW3MOpQhDmEPUMTdTIX1teXDZ%2FS%2FSioDRIJMPbpTGIfwmNM9AfAMyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEImFSrXCRZU1z8gUrcxedzg&google_cver=1&C=1
cache-control: no-cache
cf-ray: 73e4ca5aca8e9183-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 340E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwJfKBEosPN6VsnQJ1oBvgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDXGeCpgMF3GB86cwmIXI24&google_cver=1

43 B
909 B

38ms
37ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDXGeCpgMF3GB86cwmIXI24&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDKGhDLjhsYhev3RjAB&v=APEucNXuYXtZWGmKbdLH1hSc2Ts6eGB8_WlIjQczTh6PQcGnAoZBmaCKIku2w1y26-IfVw4W-9OQgSaSo4DYgfoy874gWyFTokPVWcAPgGzVUY2f91j3BseWSHddgctFrwOLtxQd9jt7Sbl6N6QcoHLGaJSwE5OOyQcrYxtFwaRciBYqdJSVJ0fT4m4_camfC8RXLDlWHGa2x6PbLetQfe0Z7BO-VD2pZA
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73e4ca5babf59296-FRA
pragma: no-cache
date: Sun, 21 Aug 2022 16:36:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6p2jf%2FqbRa%2F8pPM9aLLoSx65Lbkp7df%2FC0nby4MK58nmxjl3lvOWWij2vY7GAiNjtlYUPvGl%2BiFso1DRFT3FCDw64VS8sOqlFwSdKShV3sDkgvm2lbugG49DcJfEu6z5fMR4lyKDKxeVQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEDXGeCpgMF3GB86cwmIXI24&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 340E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC8Y1hze_NVnsqDu_Ad_mTE&google_cver=1

43 B
1014 B

43ms
14ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC8Y1hze_NVnsqDu_Ad_mTE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNDKGhDLjhsYhev3RjAB&v=APEucNXuYXtZWGmKbdLH1hSc2Ts6eGB8_WlIjQczTh6PQcGnAoZBmaCKIku2w1y26-IfVw4W-9OQgSaSo4DYgfoy874gWyFTokPVWcAPgGzVUY2f91j3BseWSHddgctFrwOLtxQd9jt7Sbl6N6QcoHLGaJSwE5OOyQcrYxtFwaRciBYqdJSVJ0fT4m4_camfC8RXLDlWHGa2x6PbLetQfe0Z7BO-VD2pZA

Protocol

HTTP/1.1

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 16:36:56 GMT
X-Proxy-Origin: 185.17.184.2; 185.17.184.2; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: eeec69a6-b12c-4333-a834-430feecb6b6b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:56 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC8Y1hze_NVnsqDu_Ad_mTE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 340E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxOTI3ODE1MzY5OTYxMzI1Nw%3D%3D

170 B
188 B

78ms
34ms

Image
image/png

172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxOTI3ODE1MzY5OTYxMzI1Nw%3D%3D

Requested by

Protocol

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 Aug 2022 16:36:56 GMT
X-Proxy-Origin: 185.17.184.2; 185.17.184.2; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: fc919c24-0fe6-4aea-aa61-96954cd04419
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMxOTI3ODE1MzY5OTYxMzI1Nw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 190F 170 KB
59 KB 84ms
22ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
Origin: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 17:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81861
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Aug 2022 17:52:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/ Frame 190F 8 KB
3 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B3W-IzIkLmWKfAWvUTAk9CkMfDVv2a1RkcPJoDjz6-NFUzkuGtelLtsCsybcVhVE3iKVHEIqkepnNIaq_933Khf7QvJdqEyRz9TwXKHdg05n21A3RuV2uRLIGyz1hDguOgVx-GUzrbl8hxreYBumoyFX6CFg&dbm_d=AKAmf-BooFTnqKLczGnu3Ap-mZGkJtMJ4cAVdHMGD967dCYGa57-2LKoPSNGSAkikKoEZxCJXtl3XWZSILyEwI7jDiohpWKPLd5qXr_23LWQd6O8pMWZ0xrsLxE59h1c-PtXf3CcQHzDiTYwb9fpy4CQ2ubgkd6UM3S3D1Yqn-EAqjtTs0CJT3VYNP1pz2hGdN7h-LbWqBSXLtvonSVIjcC08ybmqyY6xkdFjUkBwsEvFijahcI2dgqlx7Hge28BzqcURXtDO-iGIFagCEdWeCJ-iSbvu2RCXqqRJgJSX6vMkGD6wpB2ifxIsPqiaZxc6mILMwrFtNtflsn5-wUmP0ysYJSbVtbD2UbxtJRQqltNJvqtaAbIZ4tPz3JO0SBW8WT4MZzOka_xOfkPFjBlYSNoaKb47yRxs-HZdJYRP93ZUU2t2Rsgh9mmvg5gMi-39vOZsqHIbo1fm67gbsSxWWUNdjxb1cvGTDEE-i1WYGTR4Z3B_JddvSzmaONIB-xzK7yLH7EM3xtk07B_ykQVr8c1hmMkmCW4UnqKTJnFca9I2QE_QkplC_aMOKGp7w2TzRjQumVcBgjp-Ig7oxZfvShpXl-S9FACcFm-tFjnvftq2YD8fOmw2wN9EJdZnXbSxMqY07Xd-Sf_lUfrqawbtxYmC9A4aMrp04LC4KZRM5S1-8o02bVmIRsMjaBPGhv6tTULO1pI6xET_BgaOi7zlGu5YZrHEAujNlQ1LeY_gbIRAwAM-o9tRMk4-paf9y_BUJgVmP4jAndrK-BwTTt7Bh-Lkc6ZurW1GMkN68qFd0nJAoFvi3SzrKC-72nuKi7AzlPi4bAkIRFbgyWc_pBKSofTz0jvPOWRCtLj-hLv1IVOCxrgXB1HNBmc0QMgkRAk0NHFtowGkkjhiDZRg2Ap180VkDjZ_VZrjeKpK7h2wgbNZ2Tn4qCEqgXcSXj8hgfu8ZVaA4aBu46tOfcDm-rPoM5X4M5f8ZdbeXqPcqDQTOs4AmWzbdtnqU2SZ2vK2Mwh0adgqj5Blrg6K3VhIXSuCO_tJPJq4AXrME8p0z3uQdcx3Z4OAqA_xMCgvZvb9Srwsmv4YGFc0N1QR6U7dShY6XAZZpm5_4tPMet9yUuVO07cdRODkyfen-s14-968qBx8qZfDwJT8dxy03pEjeVY0Iwdwudmx70BYFXriUHUT-D93HbGcbB80cnUh1tbwQWewwz25T7S6Z0iV_0KEcgJSp36wv5NWBQvsOG1ELcUqPMVbUyDsgT3NBYYRK_mVHDAe9aJCfQ4LXnG-RpkJlUbyx7LRq1X3J_iQT23RXJxCdSmRSFhO13KktGBHPh5Q9XAT6ml3HPpso-J2UTMZwkhgqvyqhCS8EySXi3mtHlIgyxKl3zFG49LJqV817hPR92ENdYuQtfHE6GHttaDYnnqL5hYLfIHnQcYN1adFtdLnyBH2e3jMHSA2BYPC0IbIK-0QZBKFyR0xAY10Mpgcbe2J0SxOkoQzijbkLikkT4qvJAd5YwmsP96ct3-Z8MUferMVfarQjtFN8_UGbMZ6-6pIZLXPpxbdaXIDuSj5j0590mhBsJJN-o0CWS2FwsqtI2Zc4Np2Ejh9GIi65si8teKXsIfogZDYjwlTzfL8si21MmSDB1D7oNlaEr-hwSqvH0RkQkma2-sXBB2Gl6YgiqwSsJnhzKHB2Lzu4yF5CMHFHt-Asl3kJwo99q_8mNfvxWuha703-4yMLN7seKHmmPZqNBx4gnvb2Tbf0xRLVXG35QK_oqsKnKY5f36hOmdkYTiqd6OuV76Uux3C1pVWUG45oTDtD7MMaq03zmniO13sIJ9hKHIsBq58O1ClixqnK87UA4yNUvuLrRC-W-LSevKOA1UpOh3d9dEBaaUEtc7L9qYt6QyFahhf1Que9JmrB0eQR7kstvGIMh2HAEPltWeRwyMtwKlu-bmPMglg9g92tX4uQYSnuAZsnhhMeHI88AdsUxFpxsXNQaGHII0w1i9Y1w1yJt2QisLu9OzoGErEL_r6Jw4HYSonN5c3n-klc0-dj7P96-OCiftKbY0qau0s26t-IN03AhM32srjKvswEskkorzk7QLVw4BYrGSuaDfNIg44PrFg_CtTlVnVKnz1Owr9V2u81YJysNAYx2Ikni9HJwTASuaNMIqv2YIpiFCzSQtP1hl0K5fCyrBzW4Bl6aypVAz4Zj7b2_2_zYRqjP6X8bllHLTJNFdXv0tXgEsfi1PeKqxBaklNXqN870aSV-3hNSLFJieM5Ief7mqx0F9UzHw-GTuUe_mSkSv6wqsBHllN8dmFk9xWgs-jh_YnuMRc6kHDCWZVyDTQQERHrozAffkcbl-8518rhPxIOfKfLa8zNNKl0hSf-W0fDgoKW4UwoSK4lZ5QsnaE_nIce6rWfMQIV--GCOPQdKiE_MU8lSloPhnfr-le9gR61KFE9G6fU4XkEd_6byiS3qZ74Sh_qWy1YYsKQolAjwht72TIUHzN2rwegkS-sRGK89d8uCbdYYAunt1fooR3kXegU8IlC7yeJdqQAbqKov2kg4uuDmKgEyitUUIobBA93O78rywgYBtttFmNTAumU4mjK7-35u4MQEPVwNtkViQHSK5OcFHLrtdb7PF_WY9KrRYtrnIjLIjGRfxDbtNN_ZH-vo46yR2ZOJIf0xl_rjMtU1S5BMAb4oyfWxqgsPbDIbO-sgnOx7CuemZGw5I5lIYqlqXhID_T9TULvmwj7YG8Q_DhtrXwNHnxnNEr3iGM4-Zs2reFBhXCYxNgm9AcaPzv2bBB5KP7Jo3XhGduAcCgPQ31zRGOyoG8_AMv51bvOJkFDBFak28J_1VP9v2Wj2r0fLl2YsPIvzuW9Ic19L1g52y8zDbnQjPE0sedKdeGKcsdoW528jDDF-tDwKibQ3NfeQ36JeQzGHSqGuf0j4NldlxOoif12bQJ4yQsDLOtf4U89y0GbteYcWlPextg5-5dClbc7auSjvi-qw3mYm2pO3dCGOKmvVPBkzJfw-BSkV8YGsTJoes3el2go4Ecu__ejjZtCSYAPhm35ral0avEhzHZ9-RgX3OQjisBF8rJRzNXfrVt9_r9c_pKZJLwb5OI-bol_kEy08iIfSr0OdgI3NRzVjJzUI1Q9M2TWvTkJ6ru8ZxcFittUNC-R9M683st2BXykexr_nijoOGp98w0iadfUtoazjbkHlGgWmozC5-XZJwx-0sMHUmjKf-bzzJg0UQ6ZzOZwzJmd8baW6q65ojK8khIxuMlSGsonFnbGlvzAg-C95GQsFNFtfrQCI7jaEuKo0XrZjA_SpO_lM_4wjBoyW0pE6VCBEU-DKyHFhJwzgRhs148f75hfBwamaiL3UedJKvHA5PLY6Wq13SNIL-GsgNSrIo9LQRoJ9z9qlYYVR_0smtcUKvA4vZUyQynMo1UZD8_sfHEp3zXvwiqbWSytu8VV9Uh2bP5_Usj5rCVK_q8RNciPT4SvoqJMs5irCMP8xmugn8nHL12PFMZJqkM4wyj3q8P7sbiFJX9l8ozALXoftCMW0msw&cid=CAQSLQCsnQUxMtHBTdeX9YdMGQy2e_dMiu5bKJvckfaKf4hBgMh5KNoyep2NFg5lJQ&rfl=1%2Chttps%253A%252F%252Fbg.drunkentengu.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:31:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 353
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 18418590997839133011
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 16:31:03 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/ Frame 190F 30 KB
12 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220817/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:30:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11819
x-xss-protection: 0
server: cafe
etag: 10563440404697844360
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 04 Sep 2022 16:30:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 190F 41 KB
15 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
URL: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 19 Aug 2022 07:50:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 07:50:57 GMT

GET
DATA 200
OK truncated
/ Frame 190F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 980c9465f4f4c3b95280c077d235cf64b06fb99793924789211c647046da9b68

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame EBAB 22 KB
8 KB 33ms
32ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 204359
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 19 Aug 2022 07:50:57 GMT
expires: Sat, 19 Aug 2023 07:50:57 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame EBAB 36 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 16:25:47 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5716278435949576192/ Frame 94EC 3 KB
2 KB 75ms
30ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e566eb82a43d5f8c6484843f792eb465c2b13335b6727baeee13b5a2558e9ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1758
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 21 Aug 2022 16:36:56 GMT
expires: Mon, 21 Aug 2023 16:36:56 GMT
last-modified: Sat, 18 Jun 2022 07:53:05 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 190F 0
613 B 155ms
69ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLI7Z24UxtD8o3qtVyfKXJQDXb7sVchTPvl5LTq1gGRemsM7HWUWcoSp7wlXICTpxqrVGsFmtzT6Z_-V8oGGLlSSmxwZDPUXKTt5uiSJJbfPmvjWSKU2U48RjrWaq2jhcooKRoeN9xdfYz9gDmTDp87Qh5Yk-R3aegk1ajeyOFsoLxRVSXs-NK1GHYfmQ-gAya2bcVX1ai_nm6PtxRK0oZQKQar0k4j9bDhEvDuZnwm3xK-UBItbPefZ3s1Q3HVl8F7iCt6fY7rFxsgNi1XsFVyyVOVsGSSDXRDNZq0lp90b_rTVFYN5xVD3rKvEj4JoX4XgwW7vbx9iu6B03y4IBxkex1mUwYw6SRKRXW2Ds5BdEQLKfkWeol8xHINYqsUTmKhkDbxnRBBpSFNnMwkCpsPm_fbCZSbnmSDRfEFU_u7A4edDhahSayBerQ89R9kyKKqtOsXmHaxZtDb8yPSC5gbqJYLmdWU-ciNDY5eho0J44vk_8i0d_YbFH8upeW5xTgOJbKDjtkWxjcefqorhM6vmbaek4g-QRIEqtbMxSt_UAC001NdPBdtp6guwLfL7INYJE0mGDkIYl94vvbgY_GkD0s_rPEUmvcPyNQR6e0TAzpZVbjeC9DZxPv-tBzy-B6eEhCI36t3Xt025eiD9Eybg0Fv99mbqezKTm0djUPTzg-BRmMFZZGVktkvdc4hP7qQsRZWuNL1TguhNYtocaBt3Piu_5yRlyZgPugS1_yktxkBVpn5oRmciM3jWKLoXHuNtLoi8UPNDYnKXw4eNmkuDHX1Iv10urGJ3sl4huqpquDbJxs96xs3YqZ-JNaZ-RcenhdZnPodu9Fdl4IK7kQUBgfsVlTdPNjLHJktlfNDIMkXi5vm0tRcLgIs431K1ogvy5yR1U7Zs8CwxVM5vmB0G4BZRTyfYJVuiih9kynlU5b0AQSQM14DQzHyPDHrOxAPAXu9ndgk2ssM_plU4gcqie397D-XiLqUnGZEMWMLRF-CtVoI3PTku5viXYl6evG5dWeieQ3uvATlP5Rz_YiQEGuhc8YtGApWg7DTRSxBXmS56kjYaP7LeFq0NoOwTXTJCqh3bFWWJYI09P-t0-tMNzAFCz-yr7tgI_ohb-oG1Nqz6IZ0ljKWVmQlzJhvDdWprtAn2T-1PeTXzBB8GtGunZhgDfrh8_3Df72em1ulnqlNi34Tz9zzU6TlBTK0rE25q5RjVrcT5iLpBa692MUdcTzP6ltVgiB8tL2Jzg8NrJS3DTvU19GrTEeDJ5a06Uv46H2-veaGx2FAdUVU_YvWCpUxpwOcK2D&sai=AMfl-YSrT_xtBiFS75-AoTHNm7Cy15ET5ZsoVEDq-TUx_ircFW-fAdfHgE_LmWvZfhyQ-sBqknij5_DTKufn88A1paWDwhfzqvP96EMlt1WlLNv7514c7icl21TVRSPTtIHDDMsVA4_n6wM3RJ7zPb6j9qtpTleWjTb6LOkhA4joVxsd8WfK20chhcsNojNMETrBLwJhqdAQbCEUlUUfCY2sVAGDlvHG7HjNrMNFYA&sig=Cg0ArKJSzNF5CkyUOzSwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=137&cbvp=1&cstd=131&cisv=r20220817.11376&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 21 Aug 2022 16:36:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 94EC 118 KB
40 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 07:12:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33848
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Aug 2022 07:12:48 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/ Frame 94EC 112 KB
33 KB 78ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.3/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb58e1784321d9201089afb299ee54bc723bf32145f50816f1a1f96060fc3150

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2140679
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33383
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c0ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RHC0Y84VXGdnOf3uvU0nZYJFAOVwnwMD2HjR%2FBEcOOdgVXYPl2ry5yB%2BCZxdrZyujTOlXREMXxWiAU8afxNXBei%2FSzkPRz8le63E19IWrytPTT9aUPTKPIrZdJVMibfS3ws8IflJBcWjVubMrr%2FMiZLH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73e4ca5c186d993f-FRA
expires: Fri, 11 Aug 2023 16:36:56 GMT

GET
H3 200 srbundle.js Show response
s0.2mdn.net/sadbundle/5716278435949576192/ Frame 94EC 63 KB
20 KB 35ms
35ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5716278435949576192/srbundle.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb3ae2447c5639af547b26ef41059335562ed70b1d403dddb0b26b65002a0134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:25:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20412
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 07:53:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:25:14 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame EBAB 0
20 B 60ms
58ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8ioZJ18CY6-mO5Sk9u8PgsGE4A8AAAAAOAHgBAI&bg=!ISKlImbNAAYUOm8VNDo7ACkAdvg8WqvDnimC2EWVOoDq6vA0rW4MJJDMnHr0zH9hmNdAFIJ4y7fEIAIAAABOUgAAAAJoAQeZAxcxeE2LxeCqj6FTcOuSv1TG4K9gCUNb9ki2UVYc3f1TBLvuodw1Cbsnjn8COSEKNSMpUS6F-X3voB0VhHi_ARzvy_GfxQ662-Q-FC--4teD65S1FFuDN6rp6-smdJ1NeJi-wh2qZlzj6lTfioaNFbE9dkIZ8oqh8fhqKszznRfmB8X54hBGIN0pnjHLoyWwhqJ2RPpCF16iTIzYVdw3yLK92aCGnK87PGa9XsMzO5yoAaT6ovwFsXpsWm06UxbE0K4XDTq-9nsSmCbpC9jEkIRVqX9QGyhUErCvuj4BvvFSy-qI6gQnQHZo6BP5KFSlGnvvsdjS2CaHPOmqlOTFeY5-ODPOs0KUZrvhGaCFs9ZyhD1FTjnfmR-HSwT33-hIT4yOq9uB195bXBC6yUS-7cZ1Eh1438goFBWaoKYzjZnQcIHO_kvNW1XtbhVv7l9GFrbavMGUVWGwYtyqcNVtmSDA1GDlbaHS2Q4x9R_cYHGkfYE2mZq1DvQ2h2RKaSCai61o-txbsb1njrX-1KJkQqV3Mu02lL-wHHtBTmGK68sufwGMW9k9NpH9DlMZd7C7xKdDq49YJHCSmssbtSoCxdYaeEqSKdEC0A-E8oKzQwWQT6WueEB9qaWu1H5YUHh9m8JOw3sEdfZo2tQfHK39IMEfwvOew3vG0GmAAMZcZI4vlpq2cg5IvXixcUS3NuGXtSZE8gh1r1Dizyk6cMdRMBFFql18bmnBpjkRG01oKV1etILyykmTJF2wuNDJdFcmMtKrMS81WwJMcyK8yADE83Svj56D7t5XlV6ugV5yUAukq7sC3geXR1bIo3JVWJ9Fg3LC50FyZlxA5YqvgbCG8i7z4kBaV4arVIDAnR_R_XjxayV-dk59tK1hsh1jMCKgEqbK4uql7aaVdBC7hDCD56XKO_6J-18bBObzEi0AjhY02etfisrObAKubcmxHYZvGPBonYoke8t9ja3JeiLEBK_uoqAiKkc5YkJMVV5usp33mrOsXXsPfJ2kBOxUGBwqrLJIBH5nIbMaxhjXr0H5SRdr79OKJrdMaw

Requested by

Host: 9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
URL: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 94EC 756 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cf8edfe17793caa3eaf3cb5b0b1d715810e2483f4baa9f2901c389af009113b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 190F 0
26 B 102ms
59ms Ping
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLI7Z24UxtD8o3qtVyfKXJQDXb7sVchTPvl5LTq1gGRemsM7HWUWcoSp7wlXICTpxqrVGsFmtzT6Z_-V8oGGLlSSmxwZDPUXKTt5uiSJJbfPmvjWSKU2U48RjrWaq2jhcooKRoeN9xdfYz9gDmTDp87Qh5Yk-R3aegk1ajeyOFsoLxRVSXs-NK1GHYfmQ-gAya2bcVX1ai_nm6PtxRK0oZQKQar0k4j9bDhEvDuZnwm3xK-UBItbPefZ3s1Q3HVl8F7iCt6fY7rFxsgNi1XsFVyyVOVsGSSDXRDNZq0lp90b_rTVFYN5xVD3rKvEj4JoX4XgwW7vbx9iu6B03y4IBxkex1mUwYw6SRKRXW2Ds5BdEQLKfkWeol8xHINYqsUTmKhkDbxnRBBpSFNnMwkCpsPm_fbCZSbnmSDRfEFU_u7A4edDhahSayBerQ89R9kyKKqtOsXmHaxZtDb8yPSC5gbqJYLmdWU-ciNDY5eho0J44vk_8i0d_YbFH8upeW5xTgOJbKDjtkWxjcefqorhM6vmbaek4g-QRIEqtbMxSt_UAC001NdPBdtp6guwLfL7INYJE0mGDkIYl94vvbgY_GkD0s_rPEUmvcPyNQR6e0TAzpZVbjeC9DZxPv-tBzy-B6eEhCI36t3Xt025eiD9Eybg0Fv99mbqezKTm0djUPTzg-BRmMFZZGVktkvdc4hP7qQsRZWuNL1TguhNYtocaBt3Piu_5yRlyZgPugS1_yktxkBVpn5oRmciM3jWKLoXHuNtLoi8UPNDYnKXw4eNmkuDHX1Iv10urGJ3sl4huqpquDbJxs96xs3YqZ-JNaZ-RcenhdZnPodu9Fdl4IK7kQUBgfsVlTdPNjLHJktlfNDIMkXi5vm0tRcLgIs431K1ogvy5yR1U7Zs8CwxVM5vmB0G4BZRTyfYJVuiih9kynlU5b0AQSQM14DQzHyPDHrOxAPAXu9ndgk2ssM_plU4gcqie397D-XiLqUnGZEMWMLRF-CtVoI3PTku5viXYl6evG5dWeieQ3uvATlP5Rz_YiQEGuhc8YtGApWg7DTRSxBXmS56kjYaP7LeFq0NoOwTXTJCqh3bFWWJYI09P-t0-tMNzAFCz-yr7tgI_ohb-oG1Nqz6IZ0ljKWVmQlzJhvDdWprtAn2T-1PeTXzBB8GtGunZhgDfrh8_3Df72em1ulnqlNi34Tz9zzU6TlBTK0rE25q5RjVrcT5iLpBa692MUdcTzP6ltVgiB8tL2Jzg8NrJS3DTvU19GrTEeDJ5a06Uv46H2-veaGx2FAdUVU_YvWCpUxpwOcK2D&sai=AMfl-YSrT_xtBiFS75-AoTHNm7Cy15ET5ZsoVEDq-TUx_ircFW-fAdfHgE_LmWvZfhyQ-sBqknij5_DTKufn88A1paWDwhfzqvP96EMlt1WlLNv7514c7icl21TVRSPTtIHDDMsVA4_n6wM3RJ7zPb6j9qtpTleWjTb6LOkhA4joVxsd8WfK20chhcsNojNMETrBLwJhqdAQbCEUlUUfCY2sVAGDlvHG7HjNrMNFYA&sig=Cg0ArKJSzNF5CkyUOzSwEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=321&vt=11&dtpt=184&dett=3&cstd=131&cisv=r20220817.11376&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: bg.drunkentengu.com
URL: https://bg.drunkentengu.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 16:36:56 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 94EC 7 KB
5 KB 128ms
62ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6cd6dd246b6bf17121e9d857d05f1f2ecc363a383cf73d367a6733fa08ada06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 21 Aug 2022 16:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5450
x-xss-protection: 0

GET
H3 200 bold.woff
s0.2mdn.net/sadbundle/5716278435949576192/ Frame 94EC 20 KB
20 KB 23ms
22ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5716278435949576192/bold.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2909fefca348766bcc632252ef22b8c65befdf20193ecc8ecdd8c539bb492a4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:25:15 GMT
x-content-type-options: nosniff
age: 115901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20696
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 07:53:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:25:15 GMT

GET
H3 200 regular.woff
s0.2mdn.net/sadbundle/5716278435949576192/ Frame 94EC 20 KB
20 KB 24ms
23ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5716278435949576192/regular.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17d42072561e1062e1c7f956f8a8925de5e397eea0f8124f1d808a2ecdac93b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:25:15 GMT
x-content-type-options: nosniff
age: 115901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20376
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 07:53:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:25:15 GMT

GET
H3 200 handwritten.woff
s0.2mdn.net/sadbundle/5716278435949576192/ Frame 94EC 42 KB
43 KB 27ms
27ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5716278435949576192/handwritten.woff

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f839b6f8aecac3aa5b8289f724aed41e2c7b45262454c3295614a0444644dcf1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:25:15 GMT
x-content-type-options: nosniff
age: 115901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43516
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 07:53:05 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:25:15 GMT

GET
H3 200 28299293_20181005020025769_234x90_Weekend.jpg
s0.2mdn.net/ads/richmedia/studio/28299293/ Frame 94EC 10 KB
10 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/28299293/28299293_20181005020025769_234x90_Weekend.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

680e86500b5bc8d5eb1e2e172a61131e6f92ee8b75a7161631cee4acc7d1d5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 18:58:28 GMT
x-content-type-options: nosniff
age: 77908
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10055
x-xss-protection: 0
last-modified: Fri, 05 Oct 2018 09:00:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 21 Aug 2022 18:58:28 GMT

GET
H3 200 NL_logo.svg
s0.2mdn.net/sadbundle/5716278435949576192/ Frame 94EC 11 KB
4 KB 24ms
22ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5716278435949576192/NL_logo.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27e92cd648107f42c41d361f2be69689b97ff696824cc144426ac191a585e183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 06:20:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 469012
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4189
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 07:53:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 16 Aug 2023 06:20:04 GMT

GET
H3 200 phone-reflection.svg
s0.2mdn.net/sadbundle/5716278435949576192/ Frame 94EC 50 KB
17 KB 25ms
24ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5716278435949576192/phone-reflection.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69e14811058fbca80a21807f9bdf20dee72883588fd66bfb3d2cc9b5be5bd85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 08:25:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115901
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17669
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 07:53:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 08:25:15 GMT

GET
H3 200 E24-30x18.png
s0.2mdn.net/ads/richmedia/studio/pv2/69865171/dirty/ Frame 94EC 4 KB
4 KB 28ms
25ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/69865171/dirty/E24-30x18.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f209dcc61531089e1308c7967e200092c159da256a7e2ed5b7bd9bd2c1d4a233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 09:18:14 GMT
x-content-type-options: nosniff
age: 26322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4126
x-xss-protection: 0
last-modified: Tue, 23 Oct 2018 15:02:31 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Aug 2022 09:18:14 GMT

GET
H3 200 airplane-28x23.png
s0.2mdn.net/ads/richmedia/studio/pv2/69865174/dirty/ Frame 94EC 7 KB
7 KB 34ms
31ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/69865174/dirty/airplane-28x23.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6037f4e430531a28924f0b161e5e4c7159f484c231b01afbf71dbde4bf51b785

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 09:49:30 GMT
x-content-type-options: nosniff
age: 24446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7591
x-xss-protection: 0
last-modified: Tue, 23 Oct 2018 15:01:56 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Aug 2022 09:49:30 GMT

GET
H3 200 NL_logo-noplane.svg
s0.2mdn.net/sadbundle/5716278435949576192/ Frame 94EC 5 KB
2 KB 35ms
32ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/5716278435949576192/NL_logo-noplane.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6219cf5785a467690d3e5d0148cfa9bc85620a7ea694a7d84d235aac0787da03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5716278435949576192/index.html?e=69&leftOffset=0&topOffset=0&c=NrgmrJXlnP&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 06:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37056
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2238
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 07:53:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 21 Aug 2023 06:19:20 GMT

GET
H/1.1

206
Partial Content

file.mp4
r3---sn-5hnednss.c.2mdn.net/videoplayback/id/f4644014dd0cc698/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ip... Frame 94EC
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f4644014dd0cc698/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,i...
https://r3---sn-5hnednss.c.2mdn.net/videoplayback/id/f4644014dd0cc698/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,...

155 KB
155 KB

152ms
16ms

Media
video/mp4

2a00:1450:400e:1b::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-5hnednss.c.2mdn.net/videoplayback/id/f4644014dd0cc698/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/64CD9DE48008279EEA5A3E48A14CA0C1719804FB.0A15771C0BD1C4320EDF0448B264BFB451E2C54E/key/cms1/cms_redirect/yes/mh/gJ/mip/2001:1af8:4020:a034:9876::3/mm/42/mn/sn-5hnednss/ms/onc/mt/1661099437/mv/u/mvi/3/pl/49/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:1b::8 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

48e1413dec3d42902ce0ae13f542f74954604f41f3f6d25ad710b98903f8a92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Sun, 21 Aug 2022 16:36:56 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 23 Nov 2018 11:59:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-158519/158520
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 158520
Expires: Sun, 21 Aug 2022 16:36:56 GMT

Redirect headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:56 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r3---sn-5hnednss.c.2mdn.net/videoplayback/id/f4644014dd0cc698/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/64CD9DE48008279EEA5A3E48A14CA0C1719804FB.0A15771C0BD1C4320EDF0448B264BFB451E2C54E/key/cms1/cms_redirect/yes/mh/gJ/mip/2001:1af8:4020:a034:9876::3/mm/42/mn/sn-5hnednss/ms/onc/mt/1661099437/mv/u/mvi/3/pl/49/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 700
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081501&jk=3795423703058729&bg=!ZGelZyPNAAYUOm8VNDo7ACkAdvg8Wl-scVk4cB0TIjuHx_sem5ISL83w-2onAb9XDhfzKUC0FYi0OgIAAABBUgAAAAJoAQeZAtnG0tknDE2EMjdjHZ1ZgJNP4sXhG38E31H5Ax_ry3SO6Vt97giiMM4S48Y_ZPDtc7e2YtHi9zz9PxwjPyab5qdmwaMUjTBodWAVe2KB7lXwtMON5l4mkjXSTUnZwJCbDemppOzoxnl_wGgcdljVkKX5f6r5KsVJ2bjsKY44uUAjgRQzrZSpBgg-hqD2gAwpFjmICVqDOrdF9DcSj65zuxFPRmtpUzHkagjqIv4Xje6eB5ri1Op_waHzjgcBz4IcOsmAoKRBmfZEUUwzGQ8U6g5Oz15CzU9NsPsHftE6pAxN37L3zXbEtBM7SvTURO59w_z7XmRDp-xfOxem9VgBcaLNRDIw9nh0c-6yD6XcumdpH3YnApFl8apVcs_43tTg06U2kxnIPEL3vitw9txnh70qQQ_W1CNJ15WoSxKPY5sGDZu_BXXe7OaWGZtZ6_hv0GNCoNk3KZp1GcCOOZDLc6s8u-S1D_2TVidRpgnDX-MeY2hFQsOOA7VCAZnCKzHFRzjOHiipFvuBrbccdBJAuff91ol5HUDPjuGmRDjFbGZk7DszEUF8HmJCQPAww2_WBhX9-tJF-VHZe4qsQbGSgIMVTQF8DY67VPriekLGSV38uoHfBxltgEsD05BZltaBcrQR5XdHnS1Meg2B65MGxlc7cYA4eQVU4Q8koQSmdttYTkUV1912ad0XdJrygdtA4IXyTRmnCg2M9CGTtwTHxX-TenfgtdD1__V1Oa2VvbQ53BPpdZrBbCUZxNUmak5KeTRt70PR6lTEK_kdavX0UvxnGjE8Nw3KzRr97F43gmP82QxBffS9x3IqoNBzqPuVixyM95gPrIEZkb1-Xh7iOFXUBrUBqMd1lt6kqto_orLsRch1sR_7OICYMnk8VaFB7lWqP8t2jyCAfrvNh-qz5OXcP3nc15rMl7daKYtu1NqjOBNYZZNnX2ihi4MRpQmmi40L81-Z4nSIIUI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://bg.drunkentengu.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 94EC 17 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:36:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 Aug 2022 16:36:56 GMT

GET
H3 200 hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js Show response
pagead2.googlesyndication.com/bg/ Frame 052F 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hd9qiIGAqjescZkeItwy2wgAtCffeqilIyGkY3Q_MTc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sun, 21 Aug 2022 16:25:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 669
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14041
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 21 Aug 2023 16:25:47 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 190F 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKouqh-Ccy3om3UEx8AezmvCaYjFIajckdu-tj3NqynEcswBGt2yoljQL8yemg00A-IBi-JZ2dhUEuahNfEiZumalz0MJiQDivMUZovxeRKr52Na5Q3EhrRfB7kRi3pWKVw2TzBaScM4Xk&sai=AMfl-YRBsncyNcvz4U4UD19yYKcPBk69K5jMZsb_ZHAhiSUkRkM4kmBwW9WSorwLPrpiCZoLk0Wp5mNUAsA8nMPXSWY9jEOTn2eH_93Vaakq&sig=Cg0ArKJSzOmrTXLVQKKdEAE&cid=CAQSLQCsnQUxMtHBTdeX9YdMGQy2e_dMiu5bKJvckfaKf4hBgMh5KNoyep2NFg5lJQ&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220817&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=250063525&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661099815812&rpt=297&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 Aug 2022 16:36:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bg.drunkentengu.com/	1970-01-20 05:35:04	Name: __oagr Value: true
.drunkentengu.com/	1970-01-20 14:10:35	Name: _ym_uid Value: 1661099815160690085
.drunkentengu.com/	1970-01-20 14:10:35	Name: _ym_d Value: 1661099815
.yandex.ru/	1970-01-20 14:10:35	Name: yandexuid Value: 5729393921661099815
.yandex.ru/	1970-01-20 14:10:35	Name: yuidss Value: 5729393921661099815
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 539344551661099815
.yandex.ru/	1970-01-20 15:00:59	Name: i Value: FmxxS4T3os+QjNiHkPnttE4IkY56wLZtf4QJE8KMWmC96sA7OO/4iIX4nonUllc9s3a2KOkHTA/o9P1lQ9hKnWX4oG0=
.yandex.ru/	1970-01-20 14:10:35	Name: ymex Value: 1692635815.yrts.1661099815#1692635815.yrtsi.1661099815
.drunkentengu.com/	1970-01-20 05:26:11	Name: _ym_isad Value: 2
.drunkentengu.com/	1970-01-20 14:46:35	Name: __gads Value: ID=0b844a192b2c4fba:T=1661099815:S=ALNI_MbRWuLv3iV5dxwaOH8ak2HJs7bLaQ
.doubleclick.net/	1970-01-20 14:46:35	Name: IDE Value: AHWqTUnsfbUO8G-pCm-sAQ2bgpVi0ub1hm0kyZbXOPKOyhcrau0vew14tPZ-wJvy11k
.adnxs.com/	1970-01-20 07:34:35	Name: uuid2 Value: 2319278153699613257
.adnxs.com/	1970-01-20 07:34:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?^hdQ#7!]tbPl1M>e)ZlrFUfJ+tGXxpK:ESCb@KO3VAG0!D=85'O<upR7]5)YDWQWsHbpRzqF1`b`Jv8+^k
.casalemedia.com/	1970-01-20 07:34:35	Name: CMPS Value: 1163
.casalemedia.com/	1970-01-20 14:10:35	Name: CMID Value: YwJfKEHkGnQIw7L.WMMUbQAA
.casalemedia.com/	1970-01-20 07:34:35	Name: CMPRO Value: 1163
.casalemedia.com/	1970-01-20 07:34:35	Name: CMTS Value: 5129

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://a.drunkentengu.com/lifestyle/shishki-na-zapyaste.-eto-normalno-ili-net.webp Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9e040091e9a42ff06db0deca1be843eb.safeframe.googlesyndication.com
a.drunkentengu.com
adservice.google.com
adservice.google.nl
bg.drunkentengu.com
cdn.jsdelivr.net
cdn.zx-adnet.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cmp.optad360.io
code.jquery.com
drunkentengu.com
dsum-sec.casalemedia.com
gcdn.2mdn.net
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
mc.yandex.ru
pagead2.googlesyndication.com
r3---sn-5hnednss.c.2mdn.net
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bigmp3db.com
www.google.com
www.googletagservices.com
104.18.18.126
142.250.185.130
142.250.186.98
151.101.65.195
172.217.18.98
185.89.211.12
2001:4de0:ac18::1:a:3a
2600:9000:225e:ce00:11:a4de:2580:93a1
2600:9000:2304:600:6:b871:4f00:93a1
2606:4700::6810:5814
2606:4700::6811:180e
2a00:1450:4001:802::2004
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2001
2a00:1450:400e:1b::8
2a02:6b8::1:119
2a06:98c1:3121::c
95.216.65.102
01562d0b16ae096989171c81467c2b0ab3b61b01ab38c1c7c28e92ee741596e8
0b2735a7704a98c54ebd17db6ba3f8177006109dea422593d49dd1874c391a58
0b69ec5f34ccd293aaf7b8dc34ae7c28f457a537624f539c4b46e6c1f8f7eeef
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9027289ffa5d9f6c8b4e0782bb31bbff2cef5ee3708ccbcb7a22df9128bb21
0ea2697dd2d0350ed84ce89be6bc75e8462ad5d56e0d70d53c869df80ab8236a
10cb0495ea6b2b802137d432b18f9ffeda5929a80dc4cda5fe70e26ba16080a5
11cf5d305e18a8bdbf84235a89ef55304ebe093703bdbb56fd5a777d79409dbe
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134d6c0bc270c26699912733931b20816ff6ab0412816cf9794c48248b015e2e
17d42072561e1062e1c7f956f8a8925de5e397eea0f8124f1d808a2ecdac93b7
203e866df115a4d45bb3c5fac94c0eea476b73a0ec061482f02753fb2e655b08
24cecf6c29ff8834a71cb598338e87fb26f928adc7e17021ea032a312df12c13
25d869bea475e775b31ea1ddf082cc84962fe2d5580d5ff1bd4f2df7f4cad8c7
27e92cd648107f42c41d361f2be69689b97ff696824cc144426ac191a585e183
2909fefca348766bcc632252ef22b8c65befdf20193ecc8ecdd8c539bb492a4b
340bc41d8738ba699392b1a633e2da125f1bfc7c0a5b3f2c6fac3905171017eb
3e566eb82a43d5f8c6484843f792eb465c2b13335b6727baeee13b5a2558e9ec
47e936dd24761615de831ec0e299452e6e80cf774b684eecf2fdf810a3363a56
48e1413dec3d42902ce0ae13f542f74954604f41f3f6d25ad710b98903f8a92f
493403e1f71d978d07520c8c4a0f9b43e7a5f8b2a572188e2ed46dc5ee7710c4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bdacb2acadc9f5483096974f545c2a321543ef8277dbba30302a89ec888f407
4fbf2991d4e5b2f1591be13f8b9e67b6c9c5de694fc4fca96aa4a293e65ebb4f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
514afe56f4096db5577453433116f23ce49af809e17f0882c102d53340098459
536ac8e50e067df70633ff75bac0fed30ad1c33defb1f789ac22a60957bee4cc
53d27d8eea86fd7b96d4fa40a44517ab4c61d412a1698f7d80834462bb9868c2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57d3fee7235c2629ed4b486be9a6fac878aa238666b8c67e961332ebffd2898c
5da4c217b21ba4fa142652c572c84e7e134ac0109f1922d13067e37a27a9d28c
5e10163106695b4f032d883cbea74cacb3c041fde3b317fc2fbf8b859a4e20af
5e51a68f75a0b937227bd3d3227b40fc60a8ecbb25af8168b32ba7cd7e66e480
6037f4e430531a28924f0b161e5e4c7159f484c231b01afbf71dbde4bf51b785
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6219cf5785a467690d3e5d0148cfa9bc85620a7ea694a7d84d235aac0787da03
6723ea2989d5cf57335b26d5bd0bcc52feffab866915b917c4cdcae672c99a2a
67a957a857f790ccca03be1bc4c3c575a8335955082c88795c3988e8d9e88688
680e86500b5bc8d5eb1e2e172a61131e6f92ee8b75a7161631cee4acc7d1d5f5
69d3e744161787b13e7fc102a8eafa683ec33d6bdddbf8aa56013d08c788d518
69e14811058fbca80a21807f9bdf20dee72883588fd66bfb3d2cc9b5be5bd85b
6d2af5ea7b4164ec808949f1d2ec37cf3bc2f93a0969d18f4d95164fdc354205
6dbb8decfba207807456eba9405c1e9242c425644bc5dd4506b94685764aa2f8
6fb2352555371675225ce7b1e1832ac4b1ad8e83dc396d10b70a42dac24addc7
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
75307689ad04153bd69b21b044d080830572ee57445531095287a8f81bc88f73
7b5f7b135522fb64f94e4a0f62840878d8432aa50be56ae8cb822fc380d93d0e
7d0aa7d7b8fd2f544d2bb485b305067427afa39eb54b6edeba002fd0deac18a7
814cd4d684f2f4fcc865ee658bff34666d3705008f7f58d70c3459ed9695ac9e
85df6a888180aa37ac71991e22dc32db0800b427df7aa8a52321a463743f3137
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9171d929f89903aab2a0afd2ead0bea5b58eed239e21d7ca547b2bb16da62424
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
980c9465f4f4c3b95280c077d235cf64b06fb99793924789211c647046da9b68
993a47cb6b6462ff80ca8357e7079223e3ba4395a739531d2e45420244a8cafe
9bc191d8cb9555c7187ba6a7e5a94d3ff45e69fd996f094d41713ad4951699c0
9c38da688da287499758730b363eea0119fedc5a907358a7a52d808ad27181c4
9cf8edfe17793caa3eaf3cb5b0b1d715810e2483f4baa9f2901c389af009113b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a10e079a06636011ec2836b8b7d6253fdcda68357d6cdd2c14ecd758bc170757
a322cb3b815da898f7a87a90ffa4c0e2707cffe94d48f2f069ecd6f40ec548d2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a63f23953fa1fb6c7c2d3eaaa8c5801af007c34f19a771fc5de6cee6e3267206
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac105cfb16342981817f978d44838d13ff350172444debd8bdd1847b9ce5cb2b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c78607e7e6af7234f3cad0c9a580e1bc4447686f0186b58f7c89c33b846761
b9739375b98f47648af96503b5ed3e3e21735b4699ec12bdcabaeeb5937c8d50
ba7478138664dfbadff2af30a268f4200a752a73d07dafb55937af20d1061357
bb58e1784321d9201089afb299ee54bc723bf32145f50816f1a1f96060fc3150
bc8aad52def9fae70bca29263a13763c230f574b56f604f739995775e585e1dd
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
beb353743df7f858cd90a1a9d894b278dcde374404323f74a5e044ea4322452a
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c37e88f718acf2e31223149decc6c77497a892a5f556e5e1fc6c2492377e9bc0
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
cbc20e1114ee6feaffb20e41792553d8b491265f27780bbf2ad1367c7d5d13db
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
d01c32d57cc2d21eaa1b725fe400114aeb5e309f29f17d0a2538ffb612762705
d6cd6dd246b6bf17121e9d857d05f1f2ecc363a383cf73d367a6733fa08ada06
d769630dd351205f9363dd5d5808570efb335ce10fdd4e35f690511f6c3d7bae
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e312fa9b3c4a219aa222039ce96dafdf99b9d508536e9ae738f1b39eb44b34b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f020417a8a54015152d9bdf28487c3f4ff4a6e067b3bf03ae385be1ce15b52
e9ce97f2c6670ea653b43bbd02ec2994eca3735a6018bdfa35909ed4b4a6bb53
eb3ae2447c5639af547b26ef41059335562ed70b1d403dddb0b26b65002a0134
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f209dcc61531089e1308c7967e200092c159da256a7e2ed5b7bd9bd2c1d4a233
f2edd00945f34d85159c4406ef23cf6f4728c7eeb168918f172ab7982dc980a1
f839b6f8aecac3aa5b8289f724aed41e2c7b45262454c3295614a0444644dcf1
f8caaf8b364fba9059cf0aee9140d73e9671b81d5714c91d612caf0b24dd834b
fa581fefebecc84d3b82fa27a681ea2587caa31c61a7834c23550fdf64cdf240
fc3b20c79263b8627bdf6d71ed5018c34806fee9ad713785c15454df5ac2425e

bg.drunkentengu.com Open in urlscan Pro 2a06:98c1:3121::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

94 %HTTPS

71 %IPv6

16 Domains

27 Subdomains

24 IPs

7 Countries

3007 kBTransfer

4783 kBSize

17 Cookies

52 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bg.drunkentengu.com Open in urlscan Pro
2a06:98c1:3121::c Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

94 %
HTTPS

71 %
IPv6

16
Domains

27
Subdomains

24
IPs

7
Countries

3007 kB
Transfer

4783 kB
Size

17
Cookies

108 HTTP transactions
3 data transactions