persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
43.174.14.129 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

URL:
https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/ 1mo old
Submission Tags: phishing malicious Search All
Submission: On April 29 via api (April 29th 2026, 5:58:08 pm UTC) from SG — Scanned from SG

Summary HTTP 38 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 16 IPs in 3 countries across 15 domains to perform 38 HTTP transactions. The main IP is 43.174.14.129, located in Singapore and belongs to ACE-AS-AP ACE, SG. The main domain is persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app. 1mo old
TLS certificate: Issued by DigiCert Secure Site OV G2 TLS CN RSA... on November 17th 2025. Valid for: 1yr.

This is the only time persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	43.174.14.129 43.174.14.129	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	2404:6800:400... 2404:6800:4003:c04::61	15169 (GOOGLE) (GOOGLE - Google LLC)
2	172.253.144.154 172.253.144.154	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2600:9000:203... 2600:9000:203f:9400:d:547c:9480:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2600:9000:203... 2600:9000:203f:2a00:1e:61ec:b4c0:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2404:6800:400... 2404:6800:4003:c03::66	15169 (GOOGLE) (GOOGLE - Google LLC)
2	172.67.192.190 172.67.192.190	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
4	172.67.149.106 172.67.149.106	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	172.67.163.146 172.67.163.146	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2404:6800:400... 2404:6800:4003:c05::5e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	142.251.12.156 142.251.12.156	15169 (GOOGLE) (GOOGLE - Google LLC)
2	142.251.10.155 142.251.10.155	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2404:6800:400... 2404:6800:4003:c01::84	15169 (GOOGLE) (GOOGLE - Google LLC)
1	142.251.153.119 142.251.153.119	15169 (GOOGLE) (GOOGLE - Google LLC)
2	172.253.144.156 172.253.144.156	15169 (GOOGLE) (GOOGLE - Google LLC)
38	16

5 43.174.14.129 (Singapore)

ASN139341 (ACE-AS-AP ACE, SG)

persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app 1mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2404:6800:4003:c04::61 (Singapore, Singapore)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.253.144.154 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sn-in-f154.1e100.net

pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2600:9000:203f:9400:d:547c:9480:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d2w9cdu84xc4eq.cloudfront.net 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2600:9000:203f:2a00:1e:61ec:b4c0:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

dcbbwymp1bhlf.cloudfront.net 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2404:6800:4003:c03::66 (Singapore, Singapore)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.67.192.190 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ukankingwithea.com 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 172.67.149.106 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

weiledsteverm.org 8mo old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.67.163.146 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

blooket.schoolcheats.net 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2404:6800:4003:c05::5e (Singapore, Singapore)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.12.156 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: se-in-f156.1e100.net

googleads.g.doubleclick.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.10.155 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sd-in-f155.1e100.net

ep1.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2404:6800:4003:c01::84 (Singapore, Singapore)

ASN15169 (GOOGLE - Google LLC, US)

ep2.adtrafficquality.google 2yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 142.251.153.119 (United States)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.253.144.156 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: sn-in-f156.1e100.net

pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
5	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 337 2yr old ep2.adtrafficquality.google — Cisco Umbrella Rank: 343 2yr old	27 KB
5	edgeone.app persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app 1mo old	102 KB
4	weiledsteverm.org weiledsteverm.org — Cisco Umbrella Rank: 17730 8mo old	1 KB
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 160 10yr old	253 KB
3	gstatic.com www.gstatic.com — Cisco Umbrella Rank: 8 10yr old	109 KB
3	cloudfront.net d2w9cdu84xc4eq.cloudfront.net 2yr old dcbbwymp1bhlf.cloudfront.net — Cisco Umbrella Rank: 55656 2yr old	147 KB
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 62 9yr old	4 KB
2	ukankingwithea.com ukankingwithea.com — Cisco Umbrella Rank: 15451 2yr old	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 112 13yr old
1	schoolcheats.net blooket.schoolcheats.net 2yr old	6 KB
1	google.com accounts.google.com Failed — Cisco Umbrella Rank: 23 13yr old www.google.com — Cisco Umbrella Rank: 3 13yr old	568 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 68 13yr old	157 KB
0	Failed function sub() { [native code] }. Failed
0	glitch.me Failed cdn.glitch.me Failed 5yr old
0	facebook.com Failed www.facebook.com Failed 11yr old
38	15

	Domain	Requested by
5	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
4	weiledsteverm.org	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
4	pagead2.googlesyndication.com	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app pagead2.googlesyndication.com ep2.adtrafficquality.google
3	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
3	www.gstatic.com	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
2	ep1.adtrafficquality.google	pagead2.googlesyndication.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	ukankingwithea.com	d2w9cdu84xc4eq.cloudfront.net dcbbwymp1bhlf.cloudfront.net
2	www.google-analytics.com	www.googletagmanager.com
2	d2w9cdu84xc4eq.cloudfront.net	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app d2w9cdu84xc4eq.cloudfront.net
1	www.google.com	ep2.adtrafficquality.google
1	blooket.schoolcheats.net	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
1	dcbbwymp1bhlf.cloudfront.net	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
1	www.googletagmanager.com	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
0	undefined Failed	dcbbwymp1bhlf.cloudfront.net
0	cdn.glitch.me Failed	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
0	accounts.google.com Failed	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
0	www.facebook.com Failed	persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
38	18

This site contains links to these domains. Also see Links.

Domain
blooketbot.com

Subject Issuer	Validity	Valid
*.edgeone.app DigiCert Secure Site OV G2 TLS CN RSA4096 SHA256 2022 CA1	`2025-11-17` - `2026-11-16`	1yr	crt.sh
*.google-analytics.com WR2	`2026-03-30` - `2026-06-22`	3mo	crt.sh
*.g.doubleclick.net WR2	`2026-03-30` - `2026-06-22`	3mo	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2026-02-24` - `2026-09-09`	7mo	crt.sh
ukankingwithea.com WE1	`2026-04-18` - `2026-07-17`	3mo	crt.sh
weiledsteverm.org WE1	`2026-04-01` - `2026-06-30`	3mo	crt.sh
schoolcheats.net WE1	`2026-03-29` - `2026-06-27`	3mo	crt.sh
*.gstatic.com WR2	`2026-03-30` - `2026-06-22`	3mo	crt.sh
adtrafficquality.google WR2	`2026-03-30` - `2026-06-22`	3mo	crt.sh
*.google.com WR2	`2026-03-30` - `2026-06-22`	3mo	crt.sh

This page contains 6 frames:

Primary Page: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Frame ID: 96979DE233A6BDE3D7EB71359474DE5C
Requests: 36 HTTP requests in this frame

Frame: https://undefined/N2JvQkRWAAwve1ZfDWQxRQ5SZ3ZxR10EIFQADTU9WhJeICxbBEEhKFgXCyQ2WAwbbCpSFkpwAk0tNw9xVlMfIwxxASEYEQcDNxQeRSEqIQhvNQAIEmIJNRJ1Di08E3BYMQcyD38YVhoGTzMhDnVYADwlDQAkLjIddAhaFhcHBTwPdUcHORB0WDQEEA5vDyEQAk8BIBIoAzU5JRESUCkEPH0oKHE8YyMpGwJ8BT4DFXFaNSB0bRQlLzdRIF8PFG0VKRQSZg1fGi8DBCsoFlY2CCoKeFNfEAZxW1cWFXk1LgUgeio5cgtnJC4mHHZbVxYGfictKBJzJQNvEX8tFzoGUVNacgdhOyMVd30gPiUseAM3NhN0UxxwEXVTIgd3Dy4+cgJjACgYAnM3JWd2cSFfDB1wGx8UAlxWIA0CfgM7F3FYBF8bD28qPgkWZRo1IyxyOzoQfAQ0ORsIfCpXDhUGNywPEk81LHM3DjotABd1KiIhFWYJJg8vRAE5A3ESUCkBPmIrN3B0bzMXJiZTIwMVBwYRHxUGYTsoFglUMzd7IVYzWiYHW1NXFgEDK0koN1gMH383TlYsFHFhL14
Frame ID: 36470B069314DC7E957773A0AFA19883
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20260428/r20190131/zrt_lookup_fy2021.html
Frame ID: 10260C40115CE229E897D52E1CC65A95
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9536566978657336&output=html&adk=1812271804&adf=3025194257&lmt=1777485464&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2Fpersistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app%2F&pra=5&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777485490205&bpp=4&bdt=562&idt=122&shv=r20260428&mjsv=m202604240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4695150272698&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532524%2C95366174%2C95387779&oid=2&pvsid=561472064862609&tmod=812952184&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=162
Frame ID: 519DC625EAC4BB5333ECE835A28FF3C0
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html
Frame ID: 3C6F553D9CA1E786A18A452A2E0BFD78
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 98E2648AEE9CABF8710FB4DA3004F7CE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blooket Bot - Spam Hack Bot, Answers, and AI-Powered Flood Bot Tool

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

DoubleClick Floodlight (Advertising) Expand

Overall confidence: 100%
Detected patterns

\.doubleclick\.net

Google AdSense (Advertising) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Google Tag Manager (Tag managers) Expand

Overall confidence: 100%
Detected patterns

\.googletagmanager\.com/

Page Statistics

38
Requests

87 %
HTTPS

40 %
IPv6

15
Domains

18
Subdomains

16
IPs

3
Countries

990 kB
Transfer

3342 kB
Size

4
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://blooketbot.com/singlebot
Title: Single Bot Deployment Page

Search URL Search Domain Scan URL

URL: https://blooketbot.com/
Title: BlooketBot.com

Search URL Search Domain Scan URL

URL: https://blooketbot.com/sitemap.xml
Title: Sitemap

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&dsh=S-568638920:1777485490124003 HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&dsh=S-568638920%3A1777485490124003&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWa2Pasg84hytZ_ngi8ADoekg3nlTCg7di7hLIsNkzDVLC4EIWmutLetNshxY9p7Sc3yfBXGOrg6

Request Chain 11

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&dsh=S1192245425:1777485490123884 HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&dsh=S1192245425%3A1777485490123884&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWa2Pat93Oxq09V9tPa8isJagAjxdcdsoI9xO272N5xAGK0T4AqitJ1Pg96I6yZGqLiyL1MXK-uv

38 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/ 918 KB
91 KB 28ms
6ms Document
text/html 43.174.14.129
ACE-AS-AP ACE

General

Check archive.org

Download Go to

Full URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.174.14.129 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: edgeone-pages /
Resource Hash: 8b42ffa26378c366d7ab9e086780f04f4f7e8ac15afa9d367b2a44ffa068e0aa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

accept-ranges: bytes
age: 2
cache-control: public, must-revalidate, max-age=0
content-encoding: gzip
content-length: 92632
content-type: text/html
date: Wed, 29 Apr 2026 17:58:09 GMT
eo-cache-status: Cache Hit
eo-log-uuid: 16552689157447411741
etag: "59b76e5b353424b3a3c23ea029407076"
last-modified: Wed, 29 Apr 2026 17:57:44 GMT
server: edgeone-pages

GET
H2 404 app.css
persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/ 0
0 47ms
44ms Stylesheet
text/html 43.174.14.129
ACE-AS-AP ACE

General

Check archive.org

Download Go to

Full URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/app.css
Requested by: Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.174.14.129 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: edgeone-pages /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

eo-cache-status: Cache Miss
cache-control: public, must-revalidate, max-age=0
etag: "0445e4fdf1e737913bb718eca592a661"
age: 0
eo-log-uuid: 11432607918601643707
accept-ranges: bytes
content-length: 3881
date: Wed, 29 Apr 2026 17:58:09 GMT
content-type: text/html
last-modified: Tue, 23 Sep 2025 09:32:20 GMT
server: edgeone-pages

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 462 KB
157 KB 32ms
18ms Script
application/javascript 2404:6800:4003:c04::61
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-34ZZ69LFNW

Requested by

Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c04::61 Singapore, Singapore, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e4dc89fc797bc16c80655e58476a323061eb6446b28d7a583ad94e7c59427cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
content-encoding: zstd
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
expires: Wed, 29 Apr 2026 17:58:09 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 160289
date: Wed, 29 Apr 2026 17:58:09 GMT
x-xss-protection: 0
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: Google Tag Manager
access-control-allow-headers: Cache-Control

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 157 KB
54 KB 30ms
19ms Script
text/javascript 172.253.144.154
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9536566978657336

Requested by

Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.144.154 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sn-in-f154.1e100.net

Software

cafe /

Resource Hash

5e2caf44d8a5d512adcbb2c01653b9beb0ae6ecf0ceaaf600f7a6b1c5ae171ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 13578775639875919094
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 17:58:09 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 29 Apr 2026 17:58:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 55306
x-xss-protection: 0
server: cafe

GET
H2 200 / Show response
d2w9cdu84xc4eq.cloudfront.net/ 194 KB
66 KB 201ms
177ms Script
text/plain 2600:9000:203f:9400:d:547c:9480:21
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://d2w9cdu84xc4eq.cloudfront.net/?udcwd=1102210
Requested by: Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203f:9400:d:547c:9480:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: f4a8a4ce7e92db573fcdb6bc6df524e114e81a4a6b9bf3da2f9b86181e93b409

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
via: 1.1 7e38ccf244ad9223dd8a570c40eddb7e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 67140
x-amz-cf-id: Q6XZRTKsHjt0iXW5DzIhz-r8pYOe9_rAWkzNANwrXvAn_wSwfXMv2Q==
date: Wed, 29 Apr 2026 17:58:09 GMT
x-amz-cf-pop: SIN3-P4

GET
H2 200 / Show response
dcbbwymp1bhlf.cloudfront.net/ 304 KB
80 KB 203ms
178ms Script
text/plain 2600:9000:203f:2a00:1e:61ec:b4c0:21
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://dcbbwymp1bhlf.cloudfront.net/?wbbcd=1142600
Requested by: Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203f:2a00:1e:61ec:b4c0:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: d217869e87b50b7217196fc25fe8ce230f4ba6f3694a58e7281cd7215cc5cedc

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
via: 1.1 148470925317853b656f5c4aeea32bcc.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 81665
x-amz-cf-id: HAMGKtdSuFOMkNU8_psShV37cHPqC8hQ3D8_L-yDPQBUJCEpZ_MApg==
date: Wed, 29 Apr 2026 17:58:09 GMT
x-amz-cf-pop: SIN3-P4

GET
H2 404 blooket_bot_image.webp
persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/images/ 4 KB
4 KB 61ms
58ms Image
text/html 43.174.14.129
ACE-AS-AP ACE

General

Check archive.org

Download Go to Show image

Full URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/images/blooket_bot_image.webp
Requested by: Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.174.14.129 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: edgeone-pages /
Resource Hash: 00d28cc4359700e1336124d1506eacdd693eb2b196c94bbd4de4d86ed0becd9f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

eo-cache-status: Cache Miss
cache-control: public, must-revalidate, max-age=31536000
etag: "0445e4fdf1e737913bb718eca592a661"
age: 0
eo-log-uuid: 14132978244527254608
accept-ranges: bytes
content-length: 3881
date: Wed, 29 Apr 2026 17:58:09 GMT
content-type: text/html
last-modified: Tue, 23 Sep 2025 09:32:20 GMT
server: edgeone-pages

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 19ms
5ms Fetch
text/plain 2404:6800:4003:c03::66
Google LLC

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-34ZZ69LFNW&gtm=45je64s0v9188303533za200zd9188303533&_p=1777485489783&gcd=13l3l3l3l1l1&npa=0&dma=0&are=1&cid=341391261.1777485490&frm=0&pscdl=noapi&rcb=16&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0&uam=&uamb=0&uap=Linux&uapv=&uaw=0&ul=en-sg&_s=1&tag_exp=0~115938465~115938468~117266401~117384405~117512542~118463261&sid=1777485489&sct=1&seg=0&dl=https%3A%2F%2Fpersistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app%2F&dt=Blooket%20Bot%20-%20Spam%20Hack%20Bot%2C%20Answers%2C%20and%20AI-Powered%20Flood%20Bot%20Tool&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=319
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-34ZZ69LFNW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::66 Singapore, Singapore, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:138:0
report-to: {"group":"ascnsrsggc:138:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:138:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:138:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 29 Apr 2026 17:58:09 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 / Show response
ukankingwithea.com/ 25 B
627 B 268ms
252ms Fetch
text/plain 172.67.192.190
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://ukankingwithea.com/
Requested by: Host: d2w9cdu84xc4eq.cloudfront.net
URL: https://d2w9cdu84xc4eq.cloudfront.net/?udcwd=1102210
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.190 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cabcb044416d3e582de65bab21e699e47cbec59a7003825cd117d559b4ae7e31

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ZTvhlqsXYS4lwCeOD4O2qJZ%2F0DadqoLn5Zp2ElDSnr8iwlP9z6TH1ORa4L7u0tw%2BdKu6oALYYnVpGK%2FeCezPgKuzW52MyHErEY%2BMbfB8B5OoTbNn4GVn5Q%2Fgn7lPy4pkVXqn2WI%3D"}]}
cf-ray: 9f403178495f25fd-SIN
access-control-allow-origin: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 29 Apr 2026 17:58:10 GMT
content-type: text/plain
server: cloudflare
priority: u=1,i
access-control-allow-headers: X-Requested-With, content-type

GET
H3 204 AFdVfnwPWlR9ew
weiledsteverm.org/S0g3Y21kd1QQUC4NWBsODRJ1BiwnDW5TVH0JYg8KHwBcIjwMcBEXBC91BlJdeXoGU0s7IVNeXG07QwIZPjsKUksiJlEMUG0+ClJDeHwZUFVlfxEWUHpuQxMMLHUGRR0/PFteXHx/ 0
415 B 264ms
249ms Image
text/plain 172.67.149.106
Cloudflare

General

Check archive.org

Download Go to Show image

Full URL: https://weiledsteverm.org/S0g3Y21kd1QQUC4NWBsODRJ1BiwnDW5TVH0JYg8KHwBcIjwMcBEXBC91BlJdeXoGU0s7IVNeXG07QwIZPjsKUksiJlEMUG0+ClJDeHwZUFVlfxEWUHpuQxMMLHUGRR0/PFteXHx/AFdVfnwPWlR9ew
Requested by: Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.149.106 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=71982648FOGExDO96sDUwSLn8r5l%2FKlulSmb8Yv7BAAvFrcMgvmq%2FBjUkroUOULVgC20%2BjQs%2F%2FBz6A%2B2sweLiPX%2BBcm%2BdC4nzW%2BRMKiCUfNcuTMnvtRjFU0H%2FrNDMJKzseKKNw%3D%3D"}]}
cf-ray: 9f4031785de3fd6b-SIN
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 29 Apr 2026 17:58:10 GMT
server: cloudflare
priority: u=3,i

GET login.php
www.facebook.com/ 0
0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&dsh=S-568638920:1777485490124003
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&dsh=S-568638920%3A1777485490124003&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignI...

0
0

GET

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&dsh=S1192245425:1777485490123884
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&dsh=S1192245425%3A1777485490123884&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebS...

0
0

GET
H3 200 popunder.gif
weiledsteverm.org/ 35 B
573 B 9ms
8ms Image
image/gif 172.67.149.106
Cloudflare

General

Check archive.org

Download Go to Show image

Full URL: https://weiledsteverm.org/popunder.gif
Requested by: Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.149.106 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 292331
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=h8DnRieLYEWgqIQi6EEouzXyrU3RcSO9au%2B29YoEoC0gSVZlVAD6gksNSrXtRByE9IHCPEIi8dOVJAcxnnHQ5VGKhwp99eWRfh42l1BZyQeC8H8DiH9diJcFsIOn3k2Uf4Y1bA%3D%3D"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 29 Apr 2026 17:58:10 GMT
content-type: image/gif
last-modified: Sun, 26 Apr 2026 08:45:58 GMT
vary: accept-encoding
priority: u=3,i
cache-control: public, max-age=604800, immutable
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma: public
cf-ray: 9f403178bdfbfd6b-SIN
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58
server: cloudflare

GET
H3 200 / Show response
ukankingwithea.com/ 27 B
591 B 445ms
252ms Fetch
text/plain 172.67.192.190
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://ukankingwithea.com/
Requested by: Host: dcbbwymp1bhlf.cloudfront.net
URL: https://dcbbwymp1bhlf.cloudfront.net/?wbbcd=1142600
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.192.190 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f2eefe276a8f0f297706d95b4c2aeeaef565c12ea2a3c731ee963ceaaa1d3f8

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qibNu8wnurzLXlaHOcJYNtj2ufJBot3jnU73BarIPwfU3qjc2pW%2BCpl%2B2rokOhG%2FQ6hI5PTf%2BTNcMfDSLJLS8IGVBt13etIFwupcTvK442GVqgR6W5MaSGb92ah1k1xhkgC7kU4%3D"}]}
cf-ray: 9f403179da1325fd-SIN
access-control-allow-origin: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 29 Apr 2026 17:58:10 GMT
content-type: text/plain
server: cloudflare
priority: u=1,i
access-control-allow-headers: X-Requested-With, content-type

GET
H3 204 a1pac0ZEZTkAewkxbwkUWxA+FS0PLT9Cf1MLAjF1MxI2MiBYC3wHLw9na0JyWWxqQ2AbMz5OdV58KQcnHy8pTndNMzQVKVZ8LE53RWh0Q2hbfC9Od00uKhIhVmt8AzIfNmdCcVxtbktzX2NqQ3Vf
weiledsteverm.org/ 0
406 B 236ms
235ms Image
text/plain 172.67.149.106
Cloudflare

General

Check archive.org

Download Go to Show image

Full URL: https://weiledsteverm.org/a1pac0ZEZTkAewkxbwkUWxA+FS0PLT9Cf1MLAjF1MxI2MiBYC3wHLw9na0JyWWxqQ2AbMz5OdV58KQcnHy8pTndNMzQVKVZ8LE53RWh0Q2hbfC9Od00uKhIhVmt8AzIfNmdCcVxtbktzX2NqQ3Vf
Requested by: Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.149.106 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=iPFhWAIRR4BEZBj2osuhPi7d4MBp2JkwTGReidwEYVq5fqWDzLicxMBZrYdmb6LNM98okypF9uuraxAE5aXnEPw7MJvK%2FYSAHiBDEXG%2Bc6Hj2wRj2Klatl9%2Bt1sGqNRGkevr3g%3D%3D"}]}
cf-ray: 9f403178bdfdfd6b-SIN
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 29 Apr 2026 17:58:10 GMT
server: cloudflare
priority: u=3,i

GET
H2 404 blooket_logo.png
persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/images/ 4 KB
4 KB 55ms
53ms Image
text/html 43.174.14.129
ACE-AS-AP ACE

General

Check archive.org

Download Go to Show image

Full URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/images/blooket_logo.png
Requested by: Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.174.14.129 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: edgeone-pages /
Resource Hash: 00d28cc4359700e1336124d1506eacdd693eb2b196c94bbd4de4d86ed0becd9f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

eo-cache-status: Cache Miss
cache-control: public, must-revalidate, max-age=31536000
etag: "0445e4fdf1e737913bb718eca592a661"
age: 0
eo-log-uuid: 3861776243698709327
accept-ranges: bytes
content-length: 3881
date: Wed, 29 Apr 2026 17:58:10 GMT
content-type: text/html
last-modified: Tue, 23 Sep 2025 09:32:20 GMT
server: edgeone-pages

GET
H3 403 play Show response
blooket.schoolcheats.net/api/proxy/play.blooket.com/ 6 KB
6 KB 544ms
504ms Fetch
text/html 172.67.163.146
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://blooket.schoolcheats.net/api/proxy/play.blooket.com/play

Requested by

Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.163.146 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

20719675f66ba679d8821cf35098e9ede40290cb6adc7b0faf50d395c38cd21c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'nonce-oPaNHyhb5hXM9nUUbBOOXk' 'unsafe-eval' https://challenges.cloudflare.com; script-src-attr 'none'; style-src 'unsafe-inline'; img-src 'self' https://challenges.cloudflare.com; connect-src 'self' https://challenges.cloudflare.com; frame-src 'self' https://challenges.cloudflare.com blob:; child-src 'self' https://challenges.cloudflare.com blob:; worker-src blob:; form-action http: https:; base-uri 'self'
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

access-control-expose-headers: *
content-encoding: zstd
cf-cache-status: DYNAMIC
expect-ct: max-age=86400, enforce
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=P1ogL3HISO3iJD65%2FacVk2AC8ao3aGthPo%2BVGXIPjMMLpTXGdtE5RVNbqsJaDbJ0iEm14Fq2CFm0NCsC%2BIxlkvllb05VwWMHXNAtzXFNrywNh5uw5EViulptcWwS2kc9gXRlojT1tLBvrFE%3D"}]}
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
x-content-type-options: nosniff
server-timing: chlray;desc="9f40317bac077d61", cfExtPri
alt-svc: h3=":443"; ma=86400
content-type: text/html; charset=UTF-8
priority: u=1,i
referrer-policy: same-origin
x-xss-protection: 1; mode=block
origin-agent-cluster: ?1
server: cloudflare
x-set-cookie: __cf_bm=p_tLJdHiERvCDWKbwqCSOg4xDd0.ijgmZM_3bViX.a0-1777485490.506504-1.0.1.1-zLU1aM4J0BeZBHBsRP2CifXTNWJl5ec4iucGu8geVE8m3t5gqHBnK.zsWOjnz27I2xpfK87D9b4jqMyKi3SPRN0IzOrk.QFX3Ra.wuIW1MBeCM4ibJFQTeICLJkssvZ9; HttpOnly; Secure; Path=/; Domain=blooket.com; Expires=Wed, 29 Apr 2026 18:28:10 GMT
date: Wed, 29 Apr 2026 17:58:10 GMT
vary: accept-encoding
x-frame-options: SAMEORIGIN
cf-mitigated: challenge
strict-transport-security: max-age=15552000; includeSubDomains
access-control-allow-headers: *
content-security-policy: default-src 'none'; script-src 'nonce-oPaNHyhb5hXM9nUUbBOOXk' 'unsafe-eval' https://challenges.cloudflare.com; script-src-attr 'none'; style-src 'unsafe-inline'; img-src 'self' https://challenges.cloudflare.com; connect-src 'self' https://challenges.cloudflare.com; frame-src 'self' https://challenges.cloudflare.com blob:; child-src 'self' https://challenges.cloudflare.com blob:; worker-src blob:; form-action http: https:; base-uri 'self'
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy: same-origin
access-control-allow-credentials: true
cf-ray: 9f4031794e6ace6d-SIN
cross-origin-embedder-policy: require-corp
permissions-policy: accelerometer=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),xr-spatial-tracking=(self)
access-control-allow-origin: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app

GET vid.mp4
cdn.glitch.me/50648a61-8fe9-4ce0-a01c-baff9438bbf2/ 0
0

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/10.10.0/ 99 KB
23 KB 35ms
4ms Script
text/javascript 2404:6800:4003:c05::5e
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.10.0/firebase-app.js

Requested by

Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

82696f47d01f2695a90ef1e1f764970d6bb924da67c96865e693768f152a22ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
age: 31683
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 29 Apr 2027 09:10:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 29 Apr 2026 09:10:07 GMT
last-modified: Thu, 28 Mar 2024 20:44:39 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22490
x-xss-protection: 0
server: sffe

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/10.10.0/ 147 KB
39 KB 37ms
7ms Script
text/javascript 2404:6800:4003:c05::5e
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.10.0/firebase-auth.js

Requested by

Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

91a1a8403ab1027ff8972e9d185a3da7b7b8b7c66285261cd32aacaf711539b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 29 Apr 2027 17:58:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 29 Apr 2026 17:58:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 28 Mar 2024 20:45:20 GMT
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40023
x-xss-protection: 0
server: sffe

GET
H2 200 firebase-database.js Show response
www.gstatic.com/firebasejs/10.10.0/ 182 KB
48 KB 42ms
12ms Script
text/javascript 2404:6800:4003:c05::5e
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/firebasejs/10.10.0/firebase-database.js

Requested by

Host: persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c05::5e Singapore, Singapore, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3259d8ed7e8e6cdeb4c71685f423af1adaca057edad8af888354c39a13fec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
x-content-type-options: nosniff
expires: Thu, 29 Apr 2027 17:58:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 29 Apr 2026 17:58:10 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Thu, 28 Mar 2024 20:44:44 GMT
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48798
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604240101/ 549 KB
177 KB 9ms
7ms Script
text/javascript 172.253.144.154
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604240101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9536566978657336

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.144.154 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sn-in-f154.1e100.net

Software

cafe /

Resource Hash

a773010c020a85c09bb32f4c92fe4457815da9def5081870589029962540d14c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
etag: 13123629400747075748
age: 10595
x-content-type-options: nosniff
expires: Wed, 13 May 2026 15:01:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Wed, 29 Apr 2026 15:01:35 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 181655
x-xss-protection: 0
server: cafe

GET
H2 200 pdHBudlgXHwAQZwAZCktpRUBcRGlEVh4EPRJNHhMqBxkdAj0aBEMQLRcYHR85WQkPFzweSB8PMRddAgAqG0ceQ2EcFEATPBMVARg9WhEeBn4eAwEYKEknHh4NBh08GDciCQpEfgAKCktgUhwPGD9JVgsYO0lBSBc8Fk1eUCwEHwVLKBoKBxsuAwccHH4BEV-MbNw4... Show response
d2w9cdu84xc4eq.cloudfront.net/ 933 B
906 B 174ms
173ms Script
text/plain 2600:9000:203f:9400:d:547c:9480:21
Amazon.com

General

Check archive.org

Download Go to

Full URL: https://d2w9cdu84xc4eq.cloudfront.net/pdHBudlgXHwAQZwAZCktpRUBcRGlEVh4EPRJNHhMqBxkdAj0aBEMQLRcYHR85WQkPFzweSB8PMRddAgAqG0ceQ2EcFEATPBMVARg9WhEeBn4eAwEYKEknHh4NBh08GDciCQpEfgAKCktgUhwPGD9JVgsYO0lBSBc8Fk1eUCwEHwVLKBoKBxsuAwccHH4BEV-MbNw4ZAho5UUIoQ3ZEVVxGcAxBX1NrNlVcRjQdHhsOfUZAFk5uK0ZaX31GQA8GKBgVGRM6HxkaU2oyRV1BdkdGS0RoXBsGAjUYVVw1fUZAAh8zEVVcRj8REwUZcVFCXhUwBh8DE31GNl9Cb1pAQEZ2RFVcRisVFg8EMVFCKENrQ15dQH4BTV8
Requested by: Host: d2w9cdu84xc4eq.cloudfront.net
URL: https://d2w9cdu84xc4eq.cloudfront.net/?udcwd=1102210
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:203f:9400:d:547c:9480:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: /
Resource Hash: 184569708aa7bf523741de1b8b4037a835307c7f5f0b865ba34ae7e968f844fe

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: max-age=31556926
content-encoding: gzip
via: 1.1 7e38ccf244ad9223dd8a570c40eddb7e.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 631
x-amz-cf-id: 0ao5tAMyu6UFpbSPRFrUnd28ghQHBoZeYgie-f_pWVCsEzRSQ5ja3g==
date: Wed, 29 Apr 2026 17:58:10 GMT
x-amz-cf-pop: SIN3-P4

GET N2JvQkRWAAwve1ZfDWQxRQ5SZ3ZxR10EIFQADTU9WhJeICxbBEEhKFgXCyQ2WAwbbCpSFkpwAk0tNw9xVlMfIwxxASEYEQcDNxQeRSEqIQhvNQAIEmIJNRJ1Di08E3BYMQcyD38YVhoGTzMhDnVYADwlDQAkLjIddAhaFhcHBTwPdUcHORB0WDQEEA5vDyEQAk8BI...
undefined/ Frame 3647 181 KB
181 KB

GET
DATA 200
OK truncated
/ Frame 3647 3 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3647 5 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3647 155 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20260428/r20190131/ Frame 1026 8 KB
4 KB 22ms
7ms Document
text/html 142.251.12.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20260428/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

se-in-f156.1e100.net

Software

cafe /

Resource Hash

36127f528a765e887579c62228b555318bbacad3d36f99b3985a1a30a0ade2ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

age: 83417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 3877
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Apr 2026 18:47:53 GMT
etag: 15664404097259849350
expires: Tue, 12 May 2026 18:47:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 519D 603 B
68 B 31ms
18ms Document
text/html 142.251.12.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9536566978657336&output=html&adk=1812271804&adf=3025194257&lmt=1777485464&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32%2C43%3A32&format=0x0&url=https%3A%2F%2Fpersistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app%2F&pra=5&asro=0&aiapmid=0.0001&aiactd=0&aicctd=0&ailctd=0&aimartd=4&aieuf=1&aicrs=1&uach=WyJMaW51eCIsIiIsIng4NiIsIiIsIjE0Ny4wLjc3MjcuMTE2IixudWxsLDAsbnVsbCwiNjQiLFtbIkNocm9taXVtIiwiMTQ3LjAuMC4wIl0sWyJHb29nbGUgQ2hyb21lIiwiMTQ3LjAuMC4wIl0sWyJOb3QtQS5CcmFuZCIsIjI0LjAuMC4wIl1dLDBd&abgtt=6&dt=1777485490205&bpp=4&bdt=562&idt=122&shv=r20260428&mjsv=m202604240101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=4695150272698&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=32&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42532524%2C95366174%2C95387779&oid=2&pvsid=561472064862609&tmod=812952184&uas=0&nvt=1&fsapi=1&fc=1920&brdim=50%2C50%2C50%2C50%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&ifi=1&uci=a!1&fsb=1&dtd=162

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

se-in-f156.1e100.net

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 29 Apr 2026 17:58:10 GMT
expires: Wed, 29 Apr 2026 17:58:10 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 18 KB
13 KB 33ms
13ms XHR
application/json 142.251.10.155
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20260428&st=env&sjk=561472064862609

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604240101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sd-in-f155.1e100.net

Software

cafe /

Resource Hash

614450eb40daca6324a7ce12034cada5a1173effb8a01c011edf93849e8bdfa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13647
date: Wed, 29 Apr 2026 17:58:10 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 404 favicon.ico
persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/images/ 4 KB
4 KB 48ms
48ms Other
text/html 43.174.14.129
ACE-AS-AP ACE

General

Check archive.org

Download Go to

Full URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.174.14.129 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: edgeone-pages /
Resource Hash: 00d28cc4359700e1336124d1506eacdd693eb2b196c94bbd4de4d86ed0becd9f

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

eo-cache-status: Cache Miss
cache-control: public, must-revalidate, max-age=0
etag: "0445e4fdf1e737913bb718eca592a661"
age: 0
eo-log-uuid: 14548577482068590319
accept-ranges: bytes
content-length: 3881
date: Wed, 29 Apr 2026 17:58:10 GMT
content-type: text/html
last-modified: Tue, 23 Sep 2025 09:32:20 GMT
server: edgeone-pages

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 21 KB
8 KB 20ms
5ms Script
text/javascript 2404:6800:4003:c01::84
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202604240101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb8d603426932f2666666f4bd32b3dde726161c7f7413e385d2e124e6e03039c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
etag: "1775059593017171"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Wed, 29 Apr 2026 17:58:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 29 Apr 2026 17:58:10 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 7628
x-xss-protection: 0
server: sffe

GET
H2 200 runner.html Show response
ep2.adtrafficquality.google/sodar/sodar2/254/ Frame 3C6F 14 KB
6 KB 12ms
4ms Document
text/html 2404:6800:4003:c01::84
Google LLC

General

Check archive.org

Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

fe2eddeaa8adad53d570fdeeb04412a07ec65ad99b25fe5beb092dfe4fb78cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

accept-ranges: bytes
age: 2244
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5457
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Apr 2026 17:20:46 GMT
expires: Wed, 29 Apr 2026 18:10:46 GMT
last-modified: Wed, 01 Apr 2026 16:06:33 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 98E2 829 B
568 B 14ms
6ms Document
text/html 142.251.153.119
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.153.119 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

7c0bbbffd2671f0eb68dd250dabe0efdd6f91860c994c6098a87756a978ec336

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-o1y_hkMq2ZLSu0g6LN7Gaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Linux"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-o1y_hkMq2ZLSu0g6LN7Gaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Wed, 29 Apr 2026 17:58:10 GMT
expires: Wed, 29 Apr 2026 17:58:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 98E2 0
17 B 19ms
8ms Image
image/ 172.253.144.156
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=254&li=gda_r20260428&jk=561472064862609&rc=

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.144.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sn-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 29 Apr 2026 17:58:10 GMT
x-xss-protection: 0
content-type: image/
server: cafe

GET
H3 200 5A-2rbyuQQakOlUOuHZfzdfL9zZl2ZXnWfONVwSHWyA.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C6F 57 KB
21 KB 16ms
7ms Script
text/javascript 172.253.144.156
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5A-2rbyuQQakOlUOuHZfzdfL9zZl2ZXnWfONVwSHWyA.js

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.144.156 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sn-in-f156.1e100.net

Software

sffe /

Resource Hash

e40fb6adbcae4106a43a550eb8765fcdd7cbf73665d995e759f38d5704875b20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ep2.adtrafficquality.google/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: br
age: 29098
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
x-content-type-options: nosniff
expires: Thu, 29 Apr 2027 09:53:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 29 Apr 2026 09:53:12 GMT
last-modified: Mon, 27 Apr 2026 14:38:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
accept-ranges: bytes
content-length: 21970
x-xss-protection: 0
server: sffe

GET
H2 204 generate_204
ep2.adtrafficquality.google/ Frame 3C6F 0
40 B 7ms
6ms Image
text/plain 2404:6800:4003:c01::84
Google LLC

General

Check archive.org

Download Go to Show image

Full URL: https://ep2.adtrafficquality.google/generate_204?amnTng
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 29 Apr 2026 17:58:10 GMT
cross-origin-resource-policy: cross-origin

GET
H3 200 popunder.gif
weiledsteverm.org/ 35 B
0 0ms
0ms Image
image/gif 172.67.149.106
Cloudflare

General

Check archive.org

Download Go to Show image

Full URL: https://weiledsteverm.org/popunder.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.149.106 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

content-encoding: gzip
cf-cache-status: HIT
age: 292331
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=h8DnRieLYEWgqIQi6EEouzXyrU3RcSO9au%2B29YoEoC0gSVZlVAD6gksNSrXtRByE9IHCPEIi8dOVJAcxnnHQ5VGKhwp99eWRfh42l1BZyQeC8H8DiH9diJcFsIOn3k2Uf4Y1bA%3D%3D"}]}
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Wed, 29 Apr 2026 17:58:10 GMT
content-type: image/gif
last-modified: Sun, 26 Apr 2026 08:45:58 GMT
vary: accept-encoding
priority: u=3,i
cache-control: public, max-age=604800, immutable
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma: public
cf-ray: 9f403178bdfbfd6b-SIN
accept-ranges: bytes
access-control-allow-origin: *
content-length: 58
server: cloudflare

GET
H3 204 sodar
ep1.adtrafficquality.google/pagead/ 0
17 B 11ms
9ms Image
image/ 142.251.10.155
Google LLC

General

Check archive.org

Download Go to Show image

Full URL

https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=254&t=2&li=gda_r20260428&jk=561472064862609&bg=!wsGlwaPNAAYoaGGQCGg7AEcBe5WfODxVeyAnK5rudOH8JN8oCMRcULC1JIcCsjzH2Y-iO2P_9wnm4DVyJi6gLE26fwRGMQaClp8AjJaFzBgGuhUeNifp2QIAAACGUgAAAANoAQd-ADeNjx9uiElL0hrz4V8SviaGlB1Hm1GWd_ghVnj4x8LMLP-wFotnGvP8c_FIIXmc-N9K1KTWBOtMCgAFx3P24RyZAojq6fY1DLAuNuRAIjffp0KWQyvK1uOuVUpuci1LF-LydmoiDcCwAD_oMm_mnE_sRMwo7NItIHra9pBMwhSBnbTnamhp1h9cQ8K-YBbQBZQ0nXteb4w9uYaIM5sAWx5dCY5ra-q1tj9kMWiGArNhA9LoJBQ-MWTXm3ZH-PBVKKPm9ml0dOlypZdzC2gF1lMmWeqG5gCj4BHi7_UY34JlFGyVVAkU9nyALH8zi81AcNSU62N2X-H0HFOu2FvMlqdDQxHXhPkZW_bn6GL18b5jr04kKqfep0H4oV7I-V-Y2fPAzrGnOAv2NAsM0SupyTiUrXxgZr0gvdANrMAQ3wDWMM1P2gNU_aTPIOg0KNfKDGI3ZTrc9O9wYv55ls6VZmOcVgfKNp_aDaOrbCMP9SGKEI8Gk62ofODFLeuA7Sl3_A0IhTkTQ1-UZa2Sb-pmDRomME_HbY5ySC-lMuh5EnbXkj7inTMikhhJ9YCZRzRUSBLMmEgR-Rja9Fi2-z_tQ2rNcxkGUOKWs0Cjj2HUmXOt4Q5C1UdUMBHm1a0gHtYGziUvbXlSvM6B8Y8wRSsuhAhPbZHYWp8VrtNmsV3XsBFJNpz6DQvUpP_SQj2McxnfWX_NAPcdtHoaKqXcSWj2sXme6udRilr8nOTui0QgOC_9y4-uIeD4ki6wXrlXXdswnQ6DAtAef2SY0e8BSOqfoiKO_DGOief6JD9OyiuwoQGHvROxL4kWOPtLwQJzF8AwUX5MR9rUXK2XU73vpRkYiGhXUc6SQG0QUiZK36aYGbIkCTjsccBDKWimIxZ53DujN9czdI5LJ-rNfD3CVAfiujA_FIkofgrXnnjhwnObgmaLp9KFAvwoZcytggI

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.155 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

sd-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 0
date: Wed, 29 Apr 2026 17:58:11 GMT
x-xss-protection: 0
content-type: image/
server: cafe

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 7ms
5ms Fetch
text/plain 2404:6800:4003:c03::66
Google LLC

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-34ZZ69LFNW&gtm=45je64s0v9188303533za200zd9188303533&_p=1777485489783&gcd=13l3l3l3l1l1&npa=0&dma=0&_eu=AEAAAAQ&ae=a&are=1&cid=341391261.1777485490&frm=0&pscdl=noapi&rcb=16&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B147.0.0.0%7CGoogle%2520Chrome%3B147.0.0.0%7CNot-A.Brand%3B24.0.0.0&uam=&uamb=0&uap=Linux&uapv=&uaw=0&ul=en-sg&_s=2&tag_exp=0~115938465~115938468~117266401~117384405~117512542~118463261&sid=1777485489&sct=1&seg=0&dl=https%3A%2F%2Fpersistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app%2F&dt=Blooket%20Bot%20-%20Spam%20Hack%20Bot%2C%20Answers%2C%20and%20AI-Powered%20Flood%20Bot%20Tool&en=scroll&epn.percent_scrolled=90&_et=53&tfd=5377
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-34ZZ69LFNW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4003:c03::66 Singapore, Singapore, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua-platform: "Linux"
Referer: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
sec-ch-ua: "Chromium";v="147", "Google Chrome";v="147", "Not-A.Brand";v="24"
sec-ch-ua-mobile: ?0

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:138:0
report-to: {"group":"ascnsrsggc:138:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:138:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
cross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:138:0
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 29 Apr 2026 17:58:14 GMT
content-type: text/plain
server: Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&dsh=S-568638920%3A1777485490124003&hl=en&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWa2Pasg84hytZ_ngi8ADoekg3nlTCg7di7hLIsNkzDVLC4EIWmutLetNshxY9p7Sc3yfBXGOrg6

Domain: accounts.google.com
URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&dsh=S1192245425%3A1777485490123884&hl=en&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AWa2Pat93Oxq09V9tPa8isJagAjxdcdsoI9xO272N5xAGK0T4AqitJ1Pg96I6yZGqLiyL1MXK-uv

Domain: cdn.glitch.me
URL: https://cdn.glitch.me/50648a61-8fe9-4ce0-a01c-baff9438bbf2/vid.mp4?v=1735642901309

Domain: undefined
URL: https://undefined/N2JvQkRWAAwve1ZfDWQxRQ5SZ3ZxR10EIFQADTU9WhJeICxbBEEhKFgXCyQ2WAwbbCpSFkpwAk0tNw9xVlMfIwxxASEYEQcDNxQeRSEqIQhvNQAIEmIJNRJ1Di08E3BYMQcyD38YVhoGTzMhDnVYADwlDQAkLjIddAhaFhcHBTwPdUcHORB0WDQEEA5vDyEQAk8BIBIoAzU5JRESUCkEPH0oKHE8YyMpGwJ8BT4DFXFaNSB0bRQlLzdRIF8PFG0VKRQSZg1fGi8DBCsoFlY2CCoKeFNfEAZxW1cWFXk1LgUgeio5cgtnJC4mHHZbVxYGfictKBJzJQNvEX8tFzoGUVNacgdhOyMVd30gPiUseAM3NhN0UxxwEXVTIgd3Dy4+cgJjACgYAnM3JWd2cSFfDB1wGx8UAlxWIA0CfgM7F3FYBF8bD28qPgkWZRo1IyxyOzoQfAQ0ORsIfCpXDhUGNywPEk81LHM3DjotABd1KiIhFWYJJg8vRAE5A3ESUCkBPmIrN3B0bzMXJiZTIwMVBwYRHxUGYTsoFglUMzd7IVYzWiYHW1NXFgEDK0koN1gMH383TlYsFHFhL14

Verdicts & Comments Add Verdict or Comment

81 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.edgeone.app/	1970-01-21 23:20:45	Name: _ga Value: GA1.1.341391261.1777485490
.edgeone.app/	1970-01-21 23:20:45	Name: _ga_34ZZ69LFNW Value: GS2.1.s1777485489$o1$g0$t1777485489$j60$l0$h0
.doubleclick.net/	1970-01-21 13:44:46	Name: test_cookie Value: CheckForPermission
ukankingwithea.com/	1970-01-21 22:23:09	Name: csu Value: 1952245521182428@1@1777485490

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/app.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/images/blooket_bot_image.webp Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/images/blooket_logo.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app/images/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://blooket.schoolcheats.net/api/proxy/play.blooket.com/play Message: Failed to load resource: the server responded with a status of 403 ()
rendering	warning	URL: https://ep2.adtrafficquality.google/sodar/sodar2/254/runner.html Message: [GroupMarkerNotSet(crbug.com/242999)!:333C0020B0A0]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader (about:flags#enable-unsafe-swiftshader) flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
blooket.schoolcheats.net
cdn.glitch.me
d2w9cdu84xc4eq.cloudfront.net
dcbbwymp1bhlf.cloudfront.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
googleads.g.doubleclick.net
pagead2.googlesyndication.com
persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
ukankingwithea.com
undefined
weiledsteverm.org
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
accounts.google.com
cdn.glitch.me
undefined
www.facebook.com
142.251.10.155
142.251.12.156
142.251.153.119
172.253.144.154
172.253.144.156
172.67.149.106
172.67.163.146
172.67.192.190
2404:6800:4003:c01::84
2404:6800:4003:c03::66
2404:6800:4003:c04::61
2404:6800:4003:c05::5e
2600:9000:203f:2a00:1e:61ec:b4c0:21
2600:9000:203f:9400:d:547c:9480:21
43.174.14.129
00d28cc4359700e1336124d1506eacdd693eb2b196c94bbd4de4d86ed0becd9f
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
184569708aa7bf523741de1b8b4037a835307c7f5f0b865ba34ae7e968f844fe
1e4dc89fc797bc16c80655e58476a323061eb6446b28d7a583ad94e7c59427cf
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
20719675f66ba679d8821cf35098e9ede40290cb6adc7b0faf50d395c38cd21c
2f2eefe276a8f0f297706d95b4c2aeeaef565c12ea2a3c731ee963ceaaa1d3f8
36127f528a765e887579c62228b555318bbacad3d36f99b3985a1a30a0ade2ea
3e3259d8ed7e8e6cdeb4c71685f423af1adaca057edad8af888354c39a13fec8
5e2caf44d8a5d512adcbb2c01653b9beb0ae6ecf0ceaaf600f7a6b1c5ae171ec
614450eb40daca6324a7ce12034cada5a1173effb8a01c011edf93849e8bdfa6
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521
7c0bbbffd2671f0eb68dd250dabe0efdd6f91860c994c6098a87756a978ec336
82696f47d01f2695a90ef1e1f764970d6bb924da67c96865e693768f152a22ef
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8b42ffa26378c366d7ab9e086780f04f4f7e8ac15afa9d367b2a44ffa068e0aa
91a1a8403ab1027ff8972e9d185a3da7b7b8b7c66285261cd32aacaf711539b1
a773010c020a85c09bb32f4c92fe4457815da9def5081870589029962540d14c
bf207aaf7e267995c6a11c5fecc849e8ab68349e73db504e67d86bfc4905eb1a
cabcb044416d3e582de65bab21e699e47cbec59a7003825cd117d559b4ae7e31
cb8d603426932f2666666f4bd32b3dde726161c7f7413e385d2e124e6e03039c
d217869e87b50b7217196fc25fe8ce230f4ba6f3694a58e7281cd7215cc5cedc
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40fb6adbcae4106a43a550eb8765fcdd7cbf73665d995e759f38d5704875b20
e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
f4a8a4ce7e92db573fcdb6bc6df524e114e81a4a6b9bf3da2f9b86181e93b409
fe2eddeaa8adad53d570fdeeb04412a07ec65ad99b25fe5beb092dfe4fb78cc9

persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app 43.174.14.129 Public Scan Open in urlscan Pro

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

87 %HTTPS

40 %IPv6

15 Domains

18 Subdomains

16 IPs

3 Countries

990 kBTransfer

3342 kBSize

4 Cookies

3 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

persistent-fuchsia-yaadj8qyic-lvro7p59hd.edgeone.app
43.174.14.129 Public Scan Open in urlscan Pro

Screenshot
Live screenshot

Full Image

38
Requests

87 %
HTTPS

40 %
IPv6

15
Domains

18
Subdomains

16
IPs

3
Countries

990 kB
Transfer

3342 kB
Size

4
Cookies

38 HTTP transactions
9 data transactions