rpc.lol Open in urlscan Pro
2606:4700:3034::ac43:9277 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rpc.lol/
Effective URL:
https://rpc.lol/
Submission: On December 03 via api (December 3rd 2023, 1:10:38 am UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 7 countries across 20 domains to perform 110 HTTP transactions. The main IP is 2606:4700:3034::ac43:9277, located in United States and belongs to CLOUDFLARENET, US. The main domain is rpc.lol.
TLS certificate: Issued by E1 on October 8th 2023. Valid for: 3 months.

This is the only time rpc.lol was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3033::6815:4f9d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:303... 2606:4700:3034::ac43:9277	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
4 14	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1 30	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 9	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3601:357b:9971:3f66:201	16509 (AMAZON-02) (AMAZON-02)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.5.132 37.157.5.132	198622 (ADFORM) (ADFORM)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	18.196.230.223 18.196.230.223	16509 (AMAZON-02) (AMAZON-02)
110	20

1 2606:4700:3033::6815:4f9d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rpc.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3034::ac43:9277 (United States)

ASN13335 (CLOUDFLARENET, US)

rpc.lol	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 216.58.206.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3601:357b:9971:3f66:201 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.5.132 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Loerrach, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.230.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-223.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	1 MB
24	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	176 KB
16	rpc.lol 1 redirects rpc.lol	2 MB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 138
8	google.com 2 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2693 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	255 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 560	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 773 r.turn.com — Cisco Umbrella Rank: 3570	869 B
2	gstatic.com www.gstatic.com fonts.gstatic.com	36 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	156 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 340 fonts.googleapis.com — Cisco Umbrella Rank: 29	32 KB
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	146 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1428	588 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1618	173 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 550	363 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	715 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5555	554 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 49153	609 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	543 B
1	google.de www.google.de — Cisco Umbrella Rank: 6765	408 B
110	20

	Domain	Requested by
30	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
18	pagead2.googlesyndication.com	rpc.lol pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
16	rpc.lol	1 redirects rpc.lol
14	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	cm.g.doubleclick.net	1 redirects rpc.lol googleads.g.doubleclick.net
8	www.googleadservices.com	googleads.g.doubleclick.net rpc.lol
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	region1.analytics.google.com	www.googletagmanager.com
2	c1.adform.net	2 redirects
2	www.googletagmanager.com	rpc.lol www.googletagmanager.com
1	x.bidswitch.net	googleads.g.doubleclick.net
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	r.turn.com	rpc.lol
1	ad.turn.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	www.google.de	rpc.lol
1	stats.g.doubleclick.net	www.googletagmanager.com
1	ajax.googleapis.com	rpc.lol
110	27

This site contains links to these domains. Also see Links.

Domain
discord.gg

Subject Issuer	Validity	Valid
rpc.lol E1	`2023-10-08` - `2024-01-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://rpc.lol/
Frame ID: 8C7FD1A37DA62C2A0D636B59325B5E9A
Requests: 32 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: 6A7355575690710EDD5F763BD08F0A29
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&adk=1812271804&adf=3025194257&lmt=1696306105&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frpc.lol%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565830760&bpp=5&bdt=299&idt=332&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8116154630478&frm=20&pv=2&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=341
Frame ID: 1EB717A67DC2EEE6293C8EBAD8A996FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=280&slotname=3496794550&adk=3221977776&adf=2472727101&pi=t.ma~as.3496794550&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&format=1200x280&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565830826&bpp=3&bdt=365&idt=280&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=283
Frame ID: FF924B8C66A1D44FF032BD321A96BC17
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=90&adk=1744943809&adf=1939900067&pi=t.aa~a.1666079422~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&to=qs&pwprc=1377689735&format=1200x90&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565831683&bpp=1&bdt=1222&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Frame ID: A9F9ECA571C6ED51B9C5D2807CE3FFF6
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: C64A1B183827BC22F47D7890CD3D39F3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 119F9B61A97FEECA42CBBC6BC0619D5A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C19B43D44B0AF68EBAD2D261D034F8A9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1C2204C1B77D2EEC84CA3BD1477419FA
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 5C15E0DCFB7D0E278986494E8833842C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: E80510B967535EE1268FA554B757DB9F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 71E81E0F0782674A8E5628A5F7F563F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=280&slotname=3496794550&adk=1144701990&adf=4235265862&pi=t.ma~as.3496794550&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&format=1200x280&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565833611&bpp=1&bdt=3150&idt=1&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97f21eec6b3f9b51%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MaJRNOikvHoehXnqwcueBiFHXo0Zg&gpic=UID%3D00000d01bc816ebe%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MYXvOipSZDAcm1BAkHU_13Jqprg3w&prev_fmts=0x0%2C1200x280%2C1200x90%2C1005x124&nras=3&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&psts=AOrYGslby51Z-5fN-2PCOB8vqD2NVbxzvbQJVgouxrZojyNaMzLBsI-VUt1uEXOCnQGRE_xRrJwuGYOoNB9zpeR1vOxcb3iGWJ9T3G2XKs9A4TRWwaDbyA%2CAOrYGskKnLqGh2qK_FYeAZpcagcEvDCpn5tHgwIdiWuP7Uu7eojNXJQr8p_Jai4m-6aE_juUPi4Y6LkuBV_Eo52SNW95iL4%2CAOrYGsmIvkWo3bE6jHuT2hh0gkqiD21rve9-JlYkkDChuqTQt8hzWFcKcNIWeBKFFEehby01BEyyLxwpyL-BcuLDylnASmX3&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Frame ID: 34081FD45D1BC824F00D792AC7317096
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E43BA48C2604F8A1200924E8D58CB3ED
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: DFE566A8DC3D3E1D062ABA98C37325B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F216926612E77389D64919FBFD74491F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E00204AA6A79C63F5ABF5D145E5873B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

RPC.lol Home

Page URL History Show full URLs

http://rpc.lol/ HTTP 301
https://rpc.lol/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

110
Requests

89 %
HTTPS

62 %
IPv6

20
Domains

27
Subdomains

20
IPs

7
Countries

4444 kB
Transfer

6634 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/vVn9aPSRMp

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rpc.lol/ HTTP 301
https://rpc.lol/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://googleads.g.doubleclick.net/pagead/adview?ai=CcfKJh9VrZdafCeiWjuwPo9OYoA6l96CcdKa_5-qKErHR_d8FEAEg_620mAFgleKQgqAHoAH8nJjxKMgBCakCS2-RJ_osgT6oAwHIA8sEqgTAAU_Q4xY7NeaYdnUMdrWomWLkrpgIKwBw_AzkqexHtb5cZ0gOHAs3tHROnhD8IrKNm4ISmh_NcxypBgMiY8C2IrEPCunffMRuSKLYNnYW1IgPW-G4HtxNSEassX_A3c-l-Jh3oU_otGHnCOr-uJHAXC98y5jx8rNOzpRLfX6Ltdnn02lYDLN37GNU_I8SQQ8gjrif-8xZYTRtvDyWRY2pw68WrG-mD2fbYDqmCQUU-3Sx3z7I_3Cnjkz8nCZPTH7UCsAE5_DprdEEiAXcj5GyTZIFBAgEGAGSBQQIBRgEoAYugAf81OjQA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBCCnR7SCB8IgOGAEBABGB8yAqoCOgKAQEi9_cE6WPjhtdeK8oIDmgkqaHR0cHM6Ly93d3cuY2RnYW1lY2x1Yi5jb20va2lkcy1nYW1lcy5odG1sgAoByAsBogwQKg4KDOS0sQLutbECtbixAtgTDNAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zODMzMjM4NzE2NzE1MTEwGAA&sigh=r0vg1iJrpsQ&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwDICaaN3FybcrF6ggxomiyqtDGKn7bS39DMmoQaa4rpATF6zps7O61NyEvwtARyBYRBqUXyQV846_81TEFXUj9Mg8R_YLQiORV4-djgGUIYAQ&template_id=494&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228413989987099645802%22,%22debug_reporting%22:true,%22destination%22:%22https://cdgameclub.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974793340%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226327431784437539569%22}&andc=true

Request Chain 50

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODckZTCtAEQoAYYoAYyCNdj1gGSfV68 HTTP 301
https://tpc.googlesyndication.com/simgad/12902248066304502756

Request Chain 51

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ2kmh9VrZd3wCOmkjuwP-euggA3XqPfIdKKPvYOTEqe339-XOBABIP-ttJgBYJXikIKgB6ABvJy-kCnIAQKpAocWcjmKQrI-qAMByAPJBKoEtQFP0E6u--koqLRMjC1918fS0Zv2mEdLcbwDSMfGFHzLSLj-M-DuXQqL4vPqsWatZ_tNkjsY5pJDJGO9OAR98cFooottOxo47Aw91GAfSzBIeabvA3fSWbArvuX3NmRmcA7haHKg1ElIXABhdZT8pbzSM7itZB2qvLzbLMpwG5aJfb3JwbIWt8xYQBbExgCOFt1ouUjPO8NR9i3y_eGZ-_IXeJHMo13FQk5IaPkwNNko5m5wFP8vwATosOTvrgSIBezXmddHkgUECAQYAZIFBAgFGASgBgKAB7zUjvADqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ4IEI0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOljwsrXXivKCA5oJGGh0dHBzOi8vemlwbC51cy9mb3J0bml0ZYAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2BMM0BUBgBcBshccChoIABIUcHViLTM4MzMyMzg3MTY3MTUxMTAYAA&sigh=jkyEjokkrvY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNeSuqQm6xu2S0uziWUO7bl9YZYdbMM-azucdEWB43dUCwu00U--n_0htT5SpYTUMuiJNH64M8povn66qB0buK65JhlNwYmpJR68UYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212927081488514932164%22,%22debug_reporting%22:true,%22destination%22:%22https://zipl.us%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040427580%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22385315656645174241%22}&andc=true

Request Chain 67

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 70

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPqU19XQezHvn2qco4IdnSI&google_cver=1&google_push=AXcoOmTYtFIjxuQvEBABTkLXFBwZbjDJJ6DlZCKn8sNXTNofKIj71xdVFYw7HBNerzLPgYsqE_Cmgo4Xg1gV-Ny28CQ7h1A9ithhRVo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA2MjAyMTk2MDE1Mjk0MTc2Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPqU19XQezHvn2qco4IdnSI&google_cver=1

Request Chain 71

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHZvsn5SiNUHxi86d6A9kaE&google_cver=1&google_push=AXcoOmRWGxUXSV29Z8t0oMcdRraFheMFzrmCKT4_ERZkZ1KOszrCovjeKXA4ezo9b51ugyiTp80Yq9kCcS_JSGk_9gLY0kOsp14yvz8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZvsn5SiNUHxi86d6A9kaE&google_push=AXcoOmRWGxUXSV29Z8t0oMcdRraFheMFzrmCKT4_ERZkZ1KOszrCovjeKXA4ezo9b51ugyiTp80Yq9kCcS_JSGk_9gLY0kOsp14yvz8

Request Chain 72

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEO5vkkV3CSaoCt9Lah-W3N8&google_cver=1&google_push=AXcoOmQPhYhKit2PZk0FSTA6wJM_IEja8b419GLx7YmJn6imdUNlb27Dg3sW3Bd7uYghlal9xwNAyM9D4Rd1ri8WzDJg9gUh7uSqaBA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQPhYhKit2PZk0FSTA6wJM_IEja8b419GLx7YmJn6imdUNlb27Dg3sW3Bd7uYghlal9xwNAyM9D4Rd1ri8WzDJg9gUh7uSqaBA&google_hm=Yt8w1EZeQduO1dld_Ha8k7E

Request Chain 73

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBTNtCBmDPLtEAHOZeu08nA&google_cver=1&google_push=AXcoOmTYlR60tvTdmhOWy4YJ1LgdlzD2gKvdmrzBd_ckLJZVKmjockkI3V--0IrYOS3hEc_WUtVT1zEW-OKosaBzJj9P_co-YXU1TK8 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H6jHYScYQQgSqZrDhG_Epg&google_push=AXcoOmTYlR60tvTdmhOWy4YJ1LgdlzD2gKvdmrzBd_ckLJZVKmjockkI3V--0IrYOS3hEc_WUtVT1zEW-OKosaBzJj9P_co-YXU1TK8

Request Chain 74

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFrgaR5ERrP3SHTWwd4klN4&google_cver=1&google_push=AXcoOmR2INfq6Tj39_fs69n2G62qXn-Yl6kBcMTVwbnMQpkUQObHVodpvxXJ-_E9goD-m9pu7IZo5gwgdM95QG7nJFbH2uuOrv1-zmU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR2INfq6Tj39_fs69n2G62qXn-Yl6kBcMTVwbnMQpkUQObHVodpvxXJ-_E9goD-m9pu7IZo5gwgdM95QG7nJFbH2uuOrv1-zmU&google_hm=eS1lQ1JXQjdoRTJwRUlFaXRoY1VkQnA0MGdhLnZHMTIuR35B

Request Chain 76

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAL--w7b4ac-Nq3PS9rEkDg&google_cver=1&google_push=AXcoOmQDYz8AQCDM6lSo-Sikai8L3fdMOQWxrTuCOv_TZz0gweXk7COIvDHCylxvZDZLDXtXF6kyeeDKvjE_TMCUoP0d9ZlNWl39RTI HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAL--w7b4ac-Nq3PS9rEkDg&google_cver=1&google_push=AXcoOmQDYz8AQCDM6lSo-Sikai8L3fdMOQWxrTuCOv_TZz0gweXk7COIvDHCylxvZDZLDXtXF6kyeeDKvjE_TMCUoP0d9ZlNWl39RTI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc4MDM2ODMyMjEzMDA5OTU3Nw&google_push=AXcoOmQDYz8AQCDM6lSo-Sikai8L3fdMOQWxrTuCOv_TZz0gweXk7COIvDHCylxvZDZLDXtXF6kyeeDKvjE_TMCUoP0d9ZlNWl39RTI

Request Chain 78

https://googleads.g.doubleclick.net/pagead/adview?ai=C9RJWh9VrZerNLInNjuwPh4awmAv09Lvxc8-c-qCSEuDd8emPDhABIP-ttJgBYJXikIKgB6ABo42j6ijIAQKoAwHIA8kEqgS_AU_Q4BSiGb9irZuZka-TE2AOvzeHNPcti0tKvZFUSOuCgK7mgqZY9WN4uy7O3SpXVWMU7WpOlMa1xcDHTsCpOkWHWqFhOHjMZ5h8avhbvIoqIVpTN5F5Cqfke9maahw7jEaxF-IprvTNWcShi0zRUGTE_O8jEsGFSWtVgriJIaUZuvcbpFwd1XhPinJDvhQ2K2l9IuZlMhAHUE4Vacna9Tfv5YKdGLxT_fMDcEJmJCf3usoTyTl9qj2fT_2-fbehwASg7MriygSIBam8_9lLkgUECAQYAZIFBAgFGASgBgKAB6PF88kDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQrJQD0ggfCIDhgBAQARgfMgKqAjoCgEBIvf3BOliNi9nXivKCA5oJKWh0dHBzOi8vcGxheXBsYXlnYW1lcy5jb20vYmVzdC1nYW1lcy5odG1sgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLYEwzQFQGAFwGyFxwKGggAEhRwdWItMzgzMzIzODcxNjcxNTExMBgA&sigh=DE3V7cljGkk&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNc2ChDnty5taH1Y4k-kl99uR42yFOmGmD5EB4nvMlrHY86jZianH4a7_p__yleXJEJuvcwVPnABgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223966721688340190356%22,%22debug_reporting%22:true,%22destination%22:%22https://playplaygames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210960291491%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218236887540196326881%22}&andc=true

Request Chain 97

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFtVs99zpr3LPkyfjlIGXRg&google_cver=1&google_push=AXcoOmQLI5Pr56xoO5y0b569-kdg4lWmGsgZhQ0Ua68FPCrTomme7aBjyzKGpxr2T595ONM0Q2rbh_YAqSexKv6x_d90nBZSZ6_SWAds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODE2OTYwOTAyNTA5MTczNA%3D%3D&google_push=AXcoOmQLI5Pr56xoO5y0b569-kdg4lWmGsgZhQ0Ua68FPCrTomme7aBjyzKGpxr2T595ONM0Q2rbh_YAqSexKv6x_d90nBZSZ6_SWAds

Request Chain 101

https://googleads.g.doubleclick.net/pagead/adview?ai=CAFv3idVrZaOiKInBjuwPktq1oAv09Lvxc-L1wtnUEeDd8emPDhABIP-ttJgBYJXikIKgB6ABo42j6ijIAQKoAwHIA8kEqgTAAU_QQ9k6up0uQlSMax7CLJ0euwUcVTKPH5ITqQ3BngDOmSWI7GJ64HOVcvMI9mRMelLK6mzSUmDFooW49CVDjrVdMPT-iycA5MvdXnO_1bYhf40LfxjbxOc4_lj1aXGM5RQfDldRCMTLjvImBO3Hj1W77HGKUrwO1IvYzmBjiG0czzUuqfV8NeMlFzp1w9mVVHM307tBbWiYGTzk2ixZm4AHSzzjwckK6MtVRItZ7BxSPPTsjcTQJEUeFZmjbEahd8AEoOzK4soEiAWpvP_ZS5IFBAgEGAGSBQQIBRgEoAYCgAejxfPJA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPeZEtIIHwiA4YAQEAEYHzICqgI6AoBASL39wTpYl9_O2IryggOaCSlodHRwczovL3BsYXlwbGF5Z2FtZXMuY29tL2Jlc3QtZ2FtZXMuaHRtbIAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2BMM0BUBgBcBshccChoIABIUcHViLTM4MzMyMzg3MTY3MTUxMTAYAA&sigh=iNYV3JYViHo&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPADICaaNsW_OqdTz8KaEGdYow8QxLcL2nUxOG6z584LbiD_9WlCBuMzLbFfS0T7k9bR699JEh--CimdT5xgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213470240216482025886%22,%22debug_reporting%22:true,%22destination%22:%22https://playplaygames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210960291491%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214728055603337708897%22}&andc=true

110 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
rpc.lol/
Redirect Chain

http://rpc.lol/
https://rpc.lol/

5 KB
2 KB

377ms
358ms

Document
text/html

2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpc.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f085a2e4f82da217dbdc4a405219117b40ac76bcd857f2600ebe9ddb980438

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 82f7ee262c8a1d8e-FRA
content-encoding: br
content-type: text/html
date: Sun, 03 Dec 2023 01:10:30 GMT
last-modified: Tue, 03 Oct 2023 04:08:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FPDGvuEe8rBN7LVE72gPrMrw2lP9LTurhEVlsNHdQAQfRHFsipzYu%2FZjLpNrQjJgew%2BqQNyYrQwD5iTqpkqSeitKCVsMma6dE8KbK84E%2FtmwTk8zAls%2BzgQHp9Vl66rqNsAE1uZj"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 82f7ee25ea9c1e66-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 03 Dec 2023 01:10:30 GMT
Expires: Sun, 03 Dec 2023 02:10:30 GMT
Location: https://rpc.lol/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7M3bJu4BzZ0KH4pTuaVViKs2LVPgXs3kSynkssTuMWyMR3LIMYaow5jwwbIxtGJaV2Lgkk9mXTA5CEOKEFmI7OajabkJAryiH6OQ3KzRNFjfy55rymWhJ0A03tCLGxQ00DvqAzRN"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.4/ 88 KB
31 KB 179ms
57ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:06:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50666
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31154
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 03:27:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 11:06:04 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
52 KB 194ms
72ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3833238716715110

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c805a6fab7affd36524b2ff316569cf12ef44754a0807e5aafcd341aee315c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpc.lol/
Origin: https://rpc.lol
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52674
x-xss-protection: 0
server: cafe
etag: 8191324506009228087
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:10:30 GMT

GET
H2 200 index.css
rpc.lol/ 2 KB
898 B 359ms
358ms Stylesheet
text/css 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpc.lol/index.css
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52583bd5f292a362d901fc2d5daa001a6fd41a859937e7d3e1710284aefe4cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 12 Oct 2023 19:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"992-6078a551fdc12-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gq%2BebDh%2F1M5sSmOtIdv0R0OzEjoS1Tsil0PcekVMFe%2BpR8D8IJFMS93jsvZkCLT%2B6KGUci98EiLQEAvEqSTgPTzsDIk04QAOYPw4lu8GSAnbRkkgG2EjSmIhnk8Ml9WfHXKBNbCS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 82f7ee286e551d8e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 randomgame.js Show response
rpc.lol/games/ 1 KB
841 B 362ms
361ms Script
text/javascript 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpc.lol/games/randomgame.js
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2dca734883aa198dd11f70f7fe4595975745f6ab7d61e6c7f187b4b14860b5ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 May 2023 05:53:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"4b5-5fad7c9d5a504-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czjLvT7t9OEscgM%2FbCDIA7RwpHeLHt1ksgDUImCywzngvmmUPsAPokUf55CzbbgePBDYvD1K6%2F4%2BasCB3Ph9HZBbN9sMU2%2BpxoG3J65mezA3Yf%2BewdXRmDmAhEwZqmtDJaMM%2BC9j"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 82f7ee286e561d8e-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 funny.png
rpc.lol/images/ 11 KB
11 KB 361ms
360ms Image
image/png 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/images/funny.png
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0141096de9953659ace2c6d66bbe9bf606865b4d876f8ae6e49698bc63d56a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:30 GMT
cf-cache-status: MISS
last-modified: Thu, 11 May 2023 15:52:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2b61-5fb6cf93da861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okeMV7nMwGfACZueyXT0XKaW8KwRhU8QKGHooF5IQ7x6sEGDrVpPRCvNi2gFlqPHhsBKo1NWeX0DVUQx1HrjRfH8SxWQGi1o5lfYJh%2BasC0DYQhEWEQyRkKnQ0m90CCS7R5uyFLT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee286e571d8e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 11105

GET
H2 200 rpc.png
rpc.lol/images/ 1 MB
1 MB 695ms
695ms Image
image/png 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/images/rpc.png
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fac49238f9cf066a26be068a02bf3bd63802d44583491bbfa73c3209a16e2b54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
cf-cache-status: MISS
last-modified: Fri, 28 Apr 2023 15:52:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "10d752-5fa6777851f41"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QaLWB2swd43ObJ2HAy3%2FoKc1NLUQJVLyJ4crNBlEFZx%2BobhspTNJ2CmSuJACUi3AmVqtD39KvynVu%2FLugZXHANWNBzEMFUFSzMNzKwnuxHuGg0feGLhqlg%2BEEIenPm%2B7uY4xzdh5"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee286e581d8e-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1103698

GET
H3 200 games.png
rpc.lol/images/ 13 KB
14 KB 1894ms
1894ms Image
image/png 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/images/games.png
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 445753054fab535ef4f0f98fe1e8b3b5f44926416c1c72fb7ba33b9037103451

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:32 GMT
cf-cache-status: MISS
last-modified: Fri, 30 Dec 2022 04:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3519-5f103f20fe2ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CBV1tao9RPM0UaSmZMJqrwCvEju3AgCL9%2BvRoq9yPACw8TrPHY3Sg4RprTx0zVZGJqtQN3yCBxzcj4Xy8NVVaBEA%2B54f2Foi5jwNMKuAvf8rOieSakfFAUtyeKo%2FRso%2FG0%2BdSCHc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee2a0c9141c2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13593

GET
H3 200 mobile.png
rpc.lol/images/ 69 KB
70 KB 703ms
702ms Image
image/png 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/images/mobile.png
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2da6815572d096a6a78af3f72059b7225a35d4d25b67539c377bfdc8feb8acd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Sep 2023 04:06:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "1145a-606271451b6a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qugem3QDRcej%2BLPwlMRnZ2BJ%2FlPHB1kYoTniRgE8VwN85HXy22WPVtmtZWTPTL6yAaYi5KNYgtu47wO1yV8rArXbRVxlmxZtO6YQJRBF%2B1AEjPrDt%2FMOGeW8qx7YJZFMx8jJUJ8t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee2a0c9241c2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 70746

GET
H3 200 chats.png
rpc.lol/images/ 64 KB
64 KB 686ms
685ms Image
image/png 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/images/chats.png
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 888de8fc2477ec0efabacb8d1a4a1018a0387be2355fd9e2ddf08da11265bc21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
cf-cache-status: MISS
last-modified: Mon, 02 Oct 2023 03:26:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "fe47-606b355731070"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvBghzci8IwDbA1cgfXmw8OE3h2wqhu1JFmVv1YSJ9%2BW2G%2Bu6kLeLO11fM8E7OVdy2bkFlAAQU5JIV9528R47Y7gV%2B27hhofsBVbbkmCDzW%2FnbhTl4nMMG48asvG4U4m2QwKR%2F9Q"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee2a0c9341c2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 65095

GET
H3 200 discord.png
rpc.lol/images/ 24 KB
24 KB 509ms
508ms Image
image/png 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/images/discord.png
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 034fe1386acc95d6a7a730ae6ab8215582b5587e66589b4fe7ecb47757b6fadf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Dec 2022 12:30:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5eb7-5f0e28949436b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjoiBNM3g27zEjVDlfXKSQmOqf2VAZRzFa7%2BN0%2BzeeQuk1lMTp1yELlgDJBEYdmQpI%2FSTy58EJwEAaQHhHRViC7rsyd%2Fm3DE9TI9di%2FMLYCC1w%2F3c5t2VLckSLuxZlILLxfihTgn"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee2a0c9641c2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 24247

GET
H3 200 logo.jpg
rpc.lol/games/projects/drive-mad/ 15 KB
16 KB 3054ms
3053ms Image
image/jpeg 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/games/projects/drive-mad/logo.jpg
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f978cc3e5674617fee48b12d917a1fdb9242f8a0ded90b9a4bd319d9f9e2e3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:33 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Dec 2022 01:56:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "3cfd-5f060fa59663d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2FETmDPfuTEB3U0l8J65z38Jx3j7uplIdl0rZqP7bUVi7le%2BjEn3tlTHzz3XVuAOMJhNHP6vN9Vx2nOuW3K1NZTHMiPl5OY9%2BbfPKsYFGUMkWYTGQOfc%2BCTbr7K7N6GU%2FVpkwScy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee2a0c9741c2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15613

GET
H3 200 unnamed.jpg
rpc.lol/games/projects/stickman-hook/ 541 KB
542 KB 739ms
739ms Image
image/jpeg 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/games/projects/stickman-hook/unnamed.jpg
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5d97b5814ba42f5822566817e24cf21c51ec20c891a78ead36939647813b172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Dec 2022 01:56:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "8748b-5f060fbb2ad7a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pgBjVdwjBJdlddbnPzjxTkVpC5FbNgRY2c3oL%2FcyJ2YxcvXu8emVNdKNS%2F%2Bv3EiWt%2BwhXbdEPaQ7fvLkqpQC5M%2B76bOHpyhnb5J2htQ0KoK9zL79gJ8Rww2DDWbAipCRKUL1saDy"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee2a0c9841c2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 554123

GET
H3 200 cookie1.jpeg
rpc.lol/games/projects/cookie-clicker/ 6 KB
7 KB 1894ms
1894ms Image
image/jpeg 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/games/projects/cookie-clicker/cookie1.jpeg
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4176724c4bc390c3ba4294313a6a9ed2e13dee14e09ad40e9132741c6edd468d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:32 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Dec 2022 01:56:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "19d1-5f060fa3ad5f5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A6oDqk3L8RMRG2%2FlcLfXr0IoSUJZMDdIb5lzvMVIzn3GgKGJGO%2FDRCLNfIHV8E03W5BuQSmpuBK8DhuUeMSVDFVZrmC8pXbldpy21Zg3ghs9%2FlFudmY2eBPUXzRmXWRu%2Bp%2B6v5XD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee2a0c9941c2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 6609

GET
H3 200 death.png
rpc.lol/games/projects/death-run-3d/img/ 62 KB
63 KB 1293ms
1292ms Image
image/png 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/games/projects/death-run-3d/img/death.png
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efbb74669292ce16cfe3a1483ad7bf2b0ea58063f381417c5b5d034826924804

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:32 GMT
cf-cache-status: MISS
last-modified: Thu, 22 Dec 2022 01:56:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "f8cb-5f060fa52edf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAv4RHeA9s%2FwxqUt%2BqWa3VoXHUjBo4INlLEUprxRw7NwZ6wsvrVGOFCXOfxKhWvbJGNSJKA39bxFMQumEu16oeloRkLC4HUbmJs5d39458s14Lc%2Fg%2BZkr2WupfirBdcZIBdjU00C"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee2a0c9a41c2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 63691

GET
H3 200 Adventure-capitalist.jpg
rpc.lol/games/thumb/ 443 KB
443 KB 740ms
740ms Image
image/jpeg 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rpc.lol/games/thumb/Adventure-capitalist.jpg
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549bc129d5be77e81190a1462e6ac9171f5e275aa35bb067e614346b5394d41d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
cf-cache-status: MISS
last-modified: Mon, 25 Sep 2023 22:59:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6eaf9-60636e94ee1c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6fQm0a5iWEfX8VhGkCxRnkwzwN64ewF%2BgsZnnoh0hzRwLKj9LLrRC2%2BKJOqTVRHwItT%2FhlbT%2FAzrZXjwMnbe%2BUeMsT9aDrp8TOYhYcS1rDxcooE%2F%2BDD1qLu%2FX8CTEuMv3HzD%2Fsz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 82f7ee2a0c9b41c2-AMS
alt-svc: h3=":443"; ma=86400
content-length: 453369

GET
H3 200 checkurlprams.js Show response
rpc.lol/games/ 3 KB
2 KB 2893ms
2892ms Script
text/javascript 2606:4700:3034::ac43:9277
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rpc.lol/games/checkurlprams.js
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:9277 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 651bf0ec1a9d0213192c88e2fd3aeba4ca24a1c9db964acc8b3eb243ddc25aa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 26 Sep 2023 20:02:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b37-606488f2e806b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwURQo9xkly1gpHkDtODHJ1Z%2BgtWoXsX8ajgSAPyhfSGHfuxODxgIaqxeBLDPjjXAiypJVOuwDI0qCWvZWvaBBjfTYp9y2i1YaRxbeAO5rb08aZ%2F%2FJMXsSQy6jdk7rO%2B5Jm91tJK"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=14400
cf-ray: 82f7ee2a0c9541c2-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
60 KB 182ms
67ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5LXH54NH

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45987cd1cb846d4d8fc96a481729900bd91a1ddd6c1e5f56ce604bd64938a41a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61486
x-xss-protection: 0
last-modified: Sun, 03 Dec 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 03 Dec 2023 01:10:30 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 397 KB
134 KB 199ms
86ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3833238716715110&plah=rpc.lol

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3833238716715110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4a714f1d06976020aff8e38106bb6529fa36d621550f8d4019a2d72d623367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137283
x-xss-protection: 0
server: cafe
etag: 3389157957887978475
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:10:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame 6A73 9 KB
4 KB 169ms
54ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3833238716715110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpc.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 21:10:45 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 21:10:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
95 KB 69ms
68ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YG7D2FJ68R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5LXH54NH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

106df77b15bffc7c3c35da08e62a98fb61616b5467a3940a85079299c5f2ec12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97240
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 03 Dec 2023 01:10:31 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1EB7 129 KB
43 KB 489ms
489ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&adk=1812271804&adf=3025194257&lmt=1696306105&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frpc.lol%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565830760&bpp=5&bdt=299&idt=332&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8116154630478&frm=20&pv=2&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=341

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3833238716715110&plah=rpc.lol

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

999b903b8e2ddd666da868d2076bb16fbf9994d7d6bed37870d885ad863a5c2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpc.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43316
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:10:31 GMT
expires: Sun, 03 Dec 2023 01:10:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FF92 139 KB
42 KB 721ms
720ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=280&slotname=3496794550&adk=3221977776&adf=2472727101&pi=t.ma~as.3496794550&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&format=1200x280&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565830826&bpp=3&bdt=365&idt=280&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=283

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d7b3242b9d0bc63f117e4ea1b872d1849d69aa797412e1f17bccd4ca354dd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpc.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42603
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:10:31 GMT
expires: Sun, 03 Dec 2023 01:10:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 145ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YG7D2FJ68R&gtm=45je3bt0v9166531651z89166533775&_p=1701565830716&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=40593539.1701565831&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701565831&sct=1&seg=0&dl=https%3A%2F%2Frpc.lol%2F&dt=RPC.lol%20Home&en=page_view&_fv=1&_ss=1&tfd=1118
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YG7D2FJ68R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rpc.lol
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 162ms
52ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YG7D2FJ68R&cid=40593539.1701565831&gtm=45je3bt0v9166531651z89166533775&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YG7D2FJ68R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rpc.lol
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 172ms
62ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YG7D2FJ68R&cid=40593539.1701565831&gtm=45je3bt0v9166531651z89166533775&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1346805954

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/ 160 KB
55 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b0659ee1d9db273594fdf4f64ddbd8383058ae91e757038cc3a385d76c778da8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55848
x-xss-protection: 0
server: cafe
etag: 7952102679156344631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:10:31 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1353538071195403&num=0&dvc=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9F9 104 KB
39 KB 404ms
403ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=90&adk=1744943809&adf=1939900067&pi=t.aa~a.1666079422~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&to=qs&pwprc=1377689735&format=1200x90&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565831683&bpp=1&bdt=1222&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cfb1954b9be8687deed79424c5e19afcbf165986fbe76073eb7bf1ff8ee4aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpc.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40237
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:10:32 GMT
expires: Sun, 03 Dec 2023 01:10:32 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=1&wpc=ca-pub-3833238716715110&warn=13&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20231128_093520&sat=1701530846712&afm=0&as_count=1&d_count=0&ng_count=0&am_count=1&atf_count=1&mdns=0.186&alldns=0.246&allp=2&fd=(0%2C2%2C1)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=1502&abl=false&rr=n&su=rpc.lol&pvc=185358193516071&r=0.1&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame C64A 9 KB
4 KB 54ms
53ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpc.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4121
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 03:54:16 GMT
etag: 12051592065903069241
expires: Sat, 16 Dec 2023 03:54:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame C64A 24 KB
9 KB 322ms
210ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 119F 143 B
166 B 54ms
53ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C64A 3 KB
1 KB 305ms
194ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C64A 20 KB
9 KB 162ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18501
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 10486116522091783744
tpc.googlesyndication.com/daca_images/simgad/ Frame C64A 24 KB
24 KB 175ms
65ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10486116522091783744

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fda244bc0ecb10fc5c95047ffe8e28130df6690280423a3d0afe992ee298594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:10:42 GMT
x-content-type-options: nosniff
age: 287989
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24367
x-xss-protection: 0
last-modified: Tue, 07 Nov 2023 11:07:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 17:10:42 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C64A 202 KB
64 KB 174ms
63ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:10:31 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame C64A 36 KB
15 KB 312ms
202ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame FF92 2 KB
819 B 65ms
65ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 03 Dec 2023 01:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 02 Dec 2023 23:52:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 03 Dec 2023 01:10:31 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FF92 2 KB
874 B 301ms
213ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FF92
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CcfKJh9VrZdafCeiWjuwPo9OYoA6l96CcdKa_5-qKErHR_d8FEAEg_620mAFgleKQgqAHoAH8nJjxKMgBCakCS2-RJ_osgT6oAwHIA8sEqgTAAU_Q4xY7NeaYdnUMdrWomWLkrpgIKwBw_Az...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228413989987099645802%22,%22debug_reporting%22:true,%22destination%22:%22https://cdgameclub.com%22,%22event_report_window%22...

0
0

147ms
70ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228413989987099645802%22,%22debug_reporting%22:true,%22destination%22:%22https://cdgameclub.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974793340%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226327431784437539569%22}&andc=true

Requested by

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8413989987099645802","debug_reporting":true,"destination":"https://cdgameclub.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974793340"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"6327431784437539569"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:10:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:10:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8413989987099645802","debug_reporting":true,"destination":"https://cdgameclub.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974793340"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"6327431784437539569"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame FF92 24 KB
9 KB 282ms
197ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FF92 3 KB
1 KB 294ms
208ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame FF92 20 KB
8 KB 275ms
190ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF92 202 KB
64 KB 242ms
157ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:10:31 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame FF92 37 KB
16 KB 161ms
51ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 07:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 26 Feb 2024 07:40:28 GMT

GET
H2 200 14039319194320183356
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF92 20 KB
20 KB 233ms
155ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/14039319194320183356?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e3bdbf3a6d2fce5737eff20150c3f9a38d92f8bffd9330463b9eb7c3a3f1bdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 21:41:39 GMT
x-content-type-options: nosniff
age: 271732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20778
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 10:30:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 21:41:39 GMT

GET
H2 200 10030390694402074888
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF92 11 KB
11 KB 218ms
140ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/10030390694402074888?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3611efcd767812b5452dcad4a085d141a0ff3e5aeebae0c0f5a19b0559b197e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 17:12:03 GMT
x-content-type-options: nosniff
age: 287908
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11640
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 10:30:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 17:12:03 GMT

GET
H2 200 10436233463328308190
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF92 8 KB
8 KB 134ms
58ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/10436233463328308190?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0909d437eb6d378ec40f03f87c6904fb22478cea0e21084b0549421ab1fb248

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 18:58:19 GMT
x-content-type-options: nosniff
age: 108732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7748
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 10:30:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Nov 2024 18:58:19 GMT

GET
H2 200 1592845956444860997
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF92 18 KB
18 KB 198ms
122ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/1592845956444860997?w=300&h=300&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

957531bc5bcb8a5b77ea2089e5e70968a3c268a4e5ac526a3f73c6483b629587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Wed, 29 Nov 2023 07:16:58 GMT
x-content-type-options: nosniff
age: 323613
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18425
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 10:30:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 28 Nov 2024 07:16:58 GMT

GET
H2 200 12137727885173753852
tpc.googlesyndication.com/gpa_images/simgad/ Frame FF92 27 KB
27 KB 246ms
170ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/gpa_images/simgad/12137727885173753852

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fd50eacad0c40128f9f47afd4e4172c43b69d4697626fb2245fdd49cea75954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Thu, 30 Nov 2023 11:44:04 GMT
x-content-type-options: nosniff
age: 221187
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27304
x-xss-protection: 0
last-modified: Wed, 07 Jun 2023 10:30:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 29 Nov 2024 11:44:04 GMT

GET
H2

200

12902248066304502756
tpc.googlesyndication.com/simgad/ Frame FF92
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODckZTCtAEQoAYYoAYyCNdj1gGSfV68
https://tpc.googlesyndication.com/simgad/12902248066304502756

699 KB
700 KB

58ms
58ms

Image
image/png

2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12902248066304502756

Requested by

Protocol

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00dfb4aed25b6c76022b74df76c60b45aad682404bc3b40cc3db7a8ccb61a7f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 19:25:22 GMT
x-content-type-options: nosniff
age: 20710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 715975
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 02:47:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 19:25:22 GMT

Redirect headers

date: Sat, 02 Dec 2023 18:00:03 GMT
x-content-type-options: nosniff
server: cafe
age: 25828
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/12902248066304502756
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 2024 18:00:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 119F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

64ms
63ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:10:32 GMT
expires: Sun, 03 Dec 2023 01:10:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:10:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 170ms
72ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:10:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 37ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YG7D2FJ68R&gtm=45je3bt0v9166531651&_p=1701565830716&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=40593539.1701565831&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1701565831&sct=1&seg=0&dl=https%3A%2F%2Frpc.lol%2F&dt=RPC.lol%20Home&en=scroll&epn.percent_scrolled=90&_et=3&tfd=1975
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YG7D2FJ68R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rpc.lol
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C64A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 676eb796c9ce07a8d3a646a3dde3a4d16bca202a920e28367265fc41c7b3dd87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14479459375506109752
tpc.googlesyndication.com/simgad/ Frame A9F9 27 KB
27 KB 64ms
64ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14479459375506109752?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmhInn5BUqjYA76AGq1e5VTVVJ1Kg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=90&adk=1744943809&adf=1939900067&pi=t.aa~a.1666079422~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&to=qs&pwprc=1377689735&format=1200x90&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565831683&bpp=1&bdt=1222&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a9a63605188b9dc042ace3aeaf65872e1c39d97283c48df1a2ad442196f921a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 02:55:54 GMT
x-content-type-options: nosniff
age: 166478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27139
x-xss-protection: 0
last-modified: Mon, 13 Mar 2023 06:39:55 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 30 Nov 2024 02:55:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame A9F9 24 KB
9 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C19B 143 B
166 B 54ms
53ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=90&adk=1744943809&adf=1939900067&pi=t.aa~a.1666079422~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&to=qs&pwprc=1377689735&format=1200x90&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565831683&bpp=1&bdt=1222&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 370
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:04:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A9F9 3 KB
1 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10375
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1C22 1 KB
643 B 59ms
57ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31942
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A9F9 20 KB
8 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18502
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A9F9 0
0 63ms
61ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGf5-eeFbJxPW6ngOHFIknuxdKy1KqJJ8g_wZsCHOuEkSD2SYAMAEixpuKx1BcJuGnmHSdZGNRBhsPbPe8d7KkAOTTnA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=90&adk=1744943809&adf=1939900067&pi=t.aa~a.1666079422~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&to=qs&pwprc=1377689735&format=1200x90&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565831683&bpp=1&bdt=1222&idt=0&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=2&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1402&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9F9 202 KB
64 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:10:32 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame A9F9 36 KB
14 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47668
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame C64A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CZ2kmh9VrZd3wCOmkjuwP-euggA3XqPfIdKKPvYOTEqe339-XOBABIP-ttJgBYJXikIKgB6ABvJy-kCnIAQKpAocWcjmKQrI-qAMByAPJBKoEtQFP0E6u--koqLRMjC1918fS0Zv2mEdLcbw...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212927081488514932164%22,%22debug_reporting%22:true,%22destination%22:%22https://zipl.us%22,%22event_report_window%22:%2225...

0
0

71ms
71ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2212927081488514932164%22,%22debug_reporting%22:true,%22destination%22:%22https://zipl.us%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211040427580%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22385315656645174241%22}&andc=true

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"12927081488514932164","debug_reporting":true,"destination":"https://zipl.us","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040427580"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"385315656645174241"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:10:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"12927081488514932164","debug_reporting":true,"destination":"https://zipl.us","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11040427580"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"385315656645174241"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FF92 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b19f2d0370426abe44584f8c9bce6391fc79b670f5bb662af0e06a0fb27291

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame FF92 20 KB
21 KB 176ms
56ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:35:37 GMT
x-content-type-options: nosniff
age: 9295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Dec 2024 22:35:37 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C19B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

63ms
62ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:10:32 GMT
expires: Sun, 03 Dec 2023 01:10:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:10:32 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 5C15 51 KB
19 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:31:34 GMT

GET
DATA 200
OK truncated
/ Frame A9F9 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e22ac670fcde5be97f0f4991e5c767df525c531aadae7c8b0e3d58e63f11b590

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 1C22
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPqU19XQezHvn2qco4IdnSI&google_cver=1&google_push=AXcoOmTYtFIjxuQvEBABTkLXFBwZbjDJJ6DlZCKn8sNXTNofKIj71xdVFYw7HBNerzLPgYsqE_Cmgo4Xg1gV-Ny28CQ7h1A9ithhRVo
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=OTA2MjAyMTk2MDE1Mjk0MTc2Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPqU19XQezHvn2qco4IdnSI&google_cver=1

43 B
398 B

14ms
13ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPqU19XQezHvn2qco4IdnSI&google_cver=1
Requested by: Host: rpc.lol
URL: https://rpc.lol/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPqU19XQezHvn2qco4IdnSI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C22
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZvsn5SiNUHxi86d6A9kaE&google_push=AXcoOmRWGxUXSV29Z8t0oMcdRraFheMFzrmCKT4_ERZkZ1KOszrCovjeKX...

170 B
232 B

45ms
45ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZvsn5SiNUHxi86d6A9kaE&google_push=AXcoOmRWGxUXSV29Z8t0oMcdRraFheMFzrmCKT4_ERZkZ1KOszrCovjeKXA4ezo9b51ugyiTp80Yq9kCcS_JSGk_9gLY0kOsp14yvz8

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230074-FRA
pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1701565832.249421,VS0,VE101
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHZvsn5SiNUHxi86d6A9kaE&google_push=AXcoOmRWGxUXSV29Z8t0oMcdRraFheMFzrmCKT4_ERZkZ1KOszrCovjeKXA4ezo9b51ugyiTp80Yq9kCcS_JSGk_9gLY0kOsp14yvz8
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C22
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEO5vkkV3CSaoCt9Lah-W3N8&google_cver=1&google_push=AXcoOmQPhYhKit2PZk0FSTA6wJM_IEja8b419GLx7YmJn6imdUNlb27Dg3sW3Bd7uYghlal9xwNAyM9D4Rd...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQPhYhKit2PZk0FSTA6wJM_IEja8b419GLx7YmJn6imdUNlb27Dg3sW3Bd7uYghlal9xwNAyM9D4Rd1ri8WzDJg9gUh7uSqaBA&google_hm=Yt8w1EZeQduO1dld_...

170 B
409 B

71ms
46ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQPhYhKit2PZk0FSTA6wJM_IEja8b419GLx7YmJn6imdUNlb27Dg3sW3Bd7uYghlal9xwNAyM9D4Rd1ri8WzDJg9gUh7uSqaBA&google_hm=Yt8w1EZeQduO1dld_Ha8k7E

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmQPhYhKit2PZk0FSTA6wJM_IEja8b419GLx7YmJn6imdUNlb27Dg3sW3Bd7uYghlal9xwNAyM9D4Rd1ri8WzDJg9gUh7uSqaBA&google_hm=Yt8w1EZeQduO1dld_Ha8k7E
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C22
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEBTNtCBmDPLtEAHOZeu08nA&google_cver=1&google_push=AXcoOmTYlR60tvTdmhOWy4YJ1LgdlzD2gKvdmrzBd_ckLJZVKmjockkI3V--0IrYOS3hEc_WUtVT1zEW-OKosaBz...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H6jHYScYQQgSqZrDhG_Epg&google_push=AXcoOmTYlR60tvTdmhOWy4YJ1LgdlzD2gKvdmrzBd_ckLJZVKmjockkI3V--0IrYOS3hEc_WUtVT1zEW-OKosaBzJj9P_co-YXU1TK8

170 B
232 B

72ms
46ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H6jHYScYQQgSqZrDhG_Epg&google_push=AXcoOmTYlR60tvTdmhOWy4YJ1LgdlzD2gKvdmrzBd_ckLJZVKmjockkI3V--0IrYOS3hEc_WUtVT1zEW-OKosaBzJj9P_co-YXU1TK8

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 01:10:32 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=H6jHYScYQQgSqZrDhG_Epg&google_push=AXcoOmTYlR60tvTdmhOWy4YJ1LgdlzD2gKvdmrzBd_ckLJZVKmjockkI3V--0IrYOS3hEc_WUtVT1zEW-OKosaBzJj9P_co-YXU1TK8
x-host: tde-deliveryengine-production-6987bbc57b-dk4cc
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C22
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEFrgaR5ERrP3SHTWwd4klN4&google_cver=1&google_push=AXcoOmR2INfq6Tj39_fs69n2G62qXn-Yl6kBcMTVwbnMQpkUQObHVodpvxXJ-_E9goD-m9pu7IZo5gwgdM95QG7nJFbH2uu...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR2INfq6Tj39_fs69n2G62qXn-Yl6kBcMTVwbnMQpkUQObHVodpvxXJ-_E9goD-m9pu7IZo5gwgdM95QG7nJFbH2uuOrv1-zmU&google_hm=eS1lQ1JXQjdoRTJwRUl...

170 B
232 B

51ms
48ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR2INfq6Tj39_fs69n2G62qXn-Yl6kBcMTVwbnMQpkUQObHVodpvxXJ-_E9goD-m9pu7IZo5gwgdM95QG7nJFbH2uuOrv1-zmU&google_hm=eS1lQ1JXQjdoRTJwRUlFaXRoY1VkQnA0MGdhLnZHMTIuR35B

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 03 Dec 2023 01:10:32 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmR2INfq6Tj39_fs69n2G62qXn-Yl6kBcMTVwbnMQpkUQObHVodpvxXJ-_E9goD-m9pu7IZo5gwgdM95QG7nJFbH2uuOrv1-zmU&google_hm=eS1lQ1JXQjdoRTJwRUlFaXRoY1VkQnA0MGdhLnZHMTIuR35B
content-length: 0

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 1C22 43 B
363 B 59ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR0plgWQNrljCdscVZELpHv2Itzvxlpl8xPMieY9wO_X7X4nbmvF7KPh0ZGKuyqKrLzWejmwG8zWXdFy5_fsgXpwC5UOTpvQso&google_gid=CAESEGuRFgGZodMpSBvKZYFpbiI&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:31 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 178331
expires: Sun, 03 Dec 2023 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 1C22
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAL--w7b4ac-Nq3PS9rEkDg&google_cver=1&google_push=AXcoOmQDYz8AQCDM6lSo-Sikai8L3fdMOQWxrTuCOv_TZz0gweXk7COIvDHCylxvZDZLDXtXF6kyeeDK...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAL--w7b4ac-Nq3PS9rEkDg&google_cver=1&google_push=AXcoOmQDYz8AQCDM6lSo-Sikai8L3fdMOQWxrTuCOv_TZz0gweXk7COIvDHCylxvZDZLDXtXF6k...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc4MDM2ODMyMjEzMDA5OTU3Nw&google_push=AXcoOmQDYz8AQCDM6lSo-Sikai8L3fdMOQWxrTuCOv_TZz0gweXk7COIvDHCylxvZDZLDXtXF6kyee...

170 B
232 B

46ms
46ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc4MDM2ODMyMjEzMDA5OTU3Nw&google_push=AXcoOmQDYz8AQCDM6lSo-Sikai8L3fdMOQWxrTuCOv_TZz0gweXk7COIvDHCylxvZDZLDXtXF6kyeeDKvjE_TMCUoP0d9ZlNWl39RTI

Requested by

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc4MDM2ODMyMjEzMDA5OTU3Nw&google_push=AXcoOmQDYz8AQCDM6lSo-Sikai8L3fdMOQWxrTuCOv_TZz0gweXk7COIvDHCylxvZDZLDXtXF6kyeeDKvjE_TMCUoP0d9ZlNWl39RTI
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1C22 0
50 B 151ms
49ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LO_ZhYDaWT_zJG9SUW2BBRb5-tghekaQJ64xa_i_0-ct9SKLdmFIr_3Lpt3HlhK0NGM72S

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:32 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame A9F9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9RJWh9VrZerNLInNjuwPh4awmAv09Lvxc8-c-qCSEuDd8emPDhABIP-ttJgBYJXikIKgB6ABo42j6ijIAQKoAwHIA8kEqgS_AU_Q4BSiGb9irZuZka-TE2AOvzeHNPcti0tKvZFUSOuCgK7...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223966721688340190356%22,%22debug_reporting%22:true,%22destination%22:%22https://playplaygames.com%22,%22event_report_window...

0
0

76ms
76ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%223966721688340190356%22,%22debug_reporting%22:true,%22destination%22:%22https://playplaygames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210960291491%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218236887540196326881%22}&andc=true

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:32 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"3966721688340190356","debug_reporting":true,"destination":"https://playplaygames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10960291491"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"18236887540196326881"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:10:32 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:10:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"3966721688340190356","debug_reporting":true,"destination":"https://playplaygames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10960291491"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"18236887540196326881"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 72ms
72ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:10:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame E805 51 KB
19 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:31:34 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 73ms
73ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:10:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame 71E8 51 KB
19 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9538
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:31:34 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C64A 42 B
174 B 93ms
93ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxx4u2DDKAe83lTuQgbvI9xuVxdXf_kzwlTm3rxIqNxyIwVmSYByQoK11pM4Qe8beba5LX6o-UPjLAVbJaZSV0_1st5nE98Mnaml6_2aQzTM_RScbEt5xARkpmoGmlzc_iNqKyUGeZiQC2&sai=AMfl-YTQst97egFXkO50g99cSY4a1zGaI4brjLs15cn_GZr8huJUveIGqaeUWo0ChGrdDlBahg0ZLQTGl5Bk7t7r2dMBQxUlL_-4OHxfMvMBfmnbqhGWDKKlGEKDOosbAI7Etsqau3wLnC2Ve7xwnTz6owXOWUWXj6Q1k8hU&sig=Cg0ArKJSzBzWXH-cv6ScEAE&cid=CAQSTwDICaaNeSuqQm6xu2S0uziWUO7bl9YZYdbMM-azucdEWB43dUCwu00U--n_0htT5SpYTUMuiJNH64M8povn66qB0buK65JhlNwYmpJR68UYAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=89,773,1000,1010,1010&tos=89,684,227,10,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701565831760&rpt=379&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FF92 42 B
64 B 93ms
93ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEykKSyWja3lyZm3IG05edLM9bNjOZwAcL8sU8JXVAyDdSEgKP1nfglyZOonfkSWKOPVJd8SWfmg8cSUSQePzh-2wEo03x96_lZ-x7-d3aYPTfDEgskARqZbCaYtyS2LJ47vCl4Rk1gKt0&sai=AMfl-YRGbYAZt07vREHnTN7wBdXJ99nen_xNxDp9K2QNESPkIqg0nzZkq51tVEZXDo8Jfth9Le4--NvwWj_oanL9llfnBfZRYj7ts5oEoxBtsLbivdLHh1eDpz2Zv2mPbOSSWGzzpsNRfomaJJJlWwy1UQclbrbvX-8HjSOP&sig=Cg0ArKJSzJ9mqdPCRp72EAE&cid=CAQSTwDICaaN3FybcrF6ggxomiyqtDGKn7bS39DMmoQaa4rpATF6zps7O61NyEvwtARyBYRBqUXyQV846_81TEFXUj9Mg8R_YLQiORV4-djgGUIYAQ&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3221977776&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701565831109&rpt=1323&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3833238716715110

Requested by

Host: rpc.lol
URL: https://rpc.lol/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aab534da5386beb93121b3fa3d074cbdb93396633af4d9e3216173ffca2028b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpc.lol/
Origin: https://rpc.lol
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51712
x-xss-protection: 0
server: cafe
etag: 2132234618583317419
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:10:33 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3408 131 KB
41 KB 435ms
434ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=280&slotname=3496794550&adk=1144701990&adf=4235265862&pi=t.ma~as.3496794550&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&format=1200x280&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565833611&bpp=1&bdt=3150&idt=1&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97f21eec6b3f9b51%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MaJRNOikvHoehXnqwcueBiFHXo0Zg&gpic=UID%3D00000d01bc816ebe%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MYXvOipSZDAcm1BAkHU_13Jqprg3w&prev_fmts=0x0%2C1200x280%2C1200x90%2C1005x124&nras=3&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&psts=AOrYGslby51Z-5fN-2PCOB8vqD2NVbxzvbQJVgouxrZojyNaMzLBsI-VUt1uEXOCnQGRE_xRrJwuGYOoNB9zpeR1vOxcb3iGWJ9T3G2XKs9A4TRWwaDbyA%2CAOrYGskKnLqGh2qK_FYeAZpcagcEvDCpn5tHgwIdiWuP7Uu7eojNXJQr8p_Jai4m-6aE_juUPi4Y6LkuBV_Eo52SNW95iL4%2CAOrYGsmIvkWo3bE6jHuT2hh0gkqiD21rve9-JlYkkDChuqTQt8hzWFcKcNIWeBKFFEehby01BEyyLxwpyL-BcuLDylnASmX3&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30c61e76dd1dfa24230e96827afe113e1f16cb8af19ebaca047e389f77fc2449

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpc.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 42345
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:10:34 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 15815835843372586222
tpc.googlesyndication.com/simgad/ Frame 3408 86 KB
86 KB 66ms
66ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15815835843372586222?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnkQe_aQM6f7PZQFfznHVQi4zGS8A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=280&slotname=3496794550&adk=1144701990&adf=4235265862&pi=t.ma~as.3496794550&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&format=1200x280&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565833611&bpp=1&bdt=3150&idt=1&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97f21eec6b3f9b51%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MaJRNOikvHoehXnqwcueBiFHXo0Zg&gpic=UID%3D00000d01bc816ebe%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MYXvOipSZDAcm1BAkHU_13Jqprg3w&prev_fmts=0x0%2C1200x280%2C1200x90%2C1005x124&nras=3&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&psts=AOrYGslby51Z-5fN-2PCOB8vqD2NVbxzvbQJVgouxrZojyNaMzLBsI-VUt1uEXOCnQGRE_xRrJwuGYOoNB9zpeR1vOxcb3iGWJ9T3G2XKs9A4TRWwaDbyA%2CAOrYGskKnLqGh2qK_FYeAZpcagcEvDCpn5tHgwIdiWuP7Uu7eojNXJQr8p_Jai4m-6aE_juUPi4Y6LkuBV_Eo52SNW95iL4%2CAOrYGsmIvkWo3bE6jHuT2hh0gkqiD21rve9-JlYkkDChuqTQt8hzWFcKcNIWeBKFFEehby01BEyyLxwpyL-BcuLDylnASmX3&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9ac2a0e395c91ff866beda86da11f6d1f0b772906bfc8e9dad0e2fd61963b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 08:59:14 GMT
x-content-type-options: nosniff
age: 58280
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88439
x-xss-protection: 0
last-modified: Sat, 25 Mar 2023 13:40:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 01 Dec 2024 08:59:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3408 24 KB
9 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9305
x-xss-protection: 0
server: cafe
etag: 13635642240219548939
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3408 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 22:17:37 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E43B 1 KB
643 B 62ms
61ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 31944
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 16:18:10 GMT
etag: 48472445140208031
expires: Sun, 03 Dec 2023 16:18:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 3408 67 B
91 B 76ms
76ms Image
image/png 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 17:28:07 GMT
x-content-type-options: nosniff
server: cafe
age: 27747
etag: 2462972746714251406
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67
x-xss-protection: 0
expires: Sun, 03 Dec 2023 17:28:07 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3408 20 KB
8 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 20:02:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8544
x-xss-protection: 0
server: cafe
etag: 17124069415086231762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 20:02:10 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3408 0
0 64ms
63ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKltF-3QZCIgFzlPfvl1mYGLjCR6jlrYr7kLhJDWTpzwYttyRz-cCxEASlqu8psPqbyMFtJvxWEFzzSLQxXljQAHpWSw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=280&slotname=3496794550&adk=1144701990&adf=4235265862&pi=t.ma~as.3496794550&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&format=1200x280&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565833611&bpp=1&bdt=3150&idt=1&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97f21eec6b3f9b51%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MaJRNOikvHoehXnqwcueBiFHXo0Zg&gpic=UID%3D00000d01bc816ebe%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MYXvOipSZDAcm1BAkHU_13Jqprg3w&prev_fmts=0x0%2C1200x280%2C1200x90%2C1005x124&nras=3&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&psts=AOrYGslby51Z-5fN-2PCOB8vqD2NVbxzvbQJVgouxrZojyNaMzLBsI-VUt1uEXOCnQGRE_xRrJwuGYOoNB9zpeR1vOxcb3iGWJ9T3G2XKs9A4TRWwaDbyA%2CAOrYGskKnLqGh2qK_FYeAZpcagcEvDCpn5tHgwIdiWuP7Uu7eojNXJQr8p_Jai4m-6aE_juUPi4Y6LkuBV_Eo52SNW95iL4%2CAOrYGsmIvkWo3bE6jHuT2hh0gkqiD21rve9-JlYkkDChuqTQt8hzWFcKcNIWeBKFFEehby01BEyyLxwpyL-BcuLDylnASmX3&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3408 202 KB
64 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 01:10:34 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3408 36 KB
14 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 11:56:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47670
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14781
x-xss-protection: 0
server: cafe
etag: 13719831398043079576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 16 Dec 2023 11:56:04 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame E43B 0
173 B 144ms
18ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEobx7izrt1BnHrC3Gb84OQ&google_cver=1&google_push=AXcoOmQ3kGLh3fzr1GRbWgWmr4UE7icsba-NhleqrtgUClUVynA9VAATe5VRYGSvz9TozRGvuKX4QqycKWrmLeSwUj8GkKgYAc6a6LuW
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=280&slotname=3496794550&adk=1144701990&adf=4235265862&pi=t.ma~as.3496794550&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&format=1200x280&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565833611&bpp=1&bdt=3150&idt=1&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97f21eec6b3f9b51%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MaJRNOikvHoehXnqwcueBiFHXo0Zg&gpic=UID%3D00000d01bc816ebe%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MYXvOipSZDAcm1BAkHU_13Jqprg3w&prev_fmts=0x0%2C1200x280%2C1200x90%2C1005x124&nras=3&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&psts=AOrYGslby51Z-5fN-2PCOB8vqD2NVbxzvbQJVgouxrZojyNaMzLBsI-VUt1uEXOCnQGRE_xRrJwuGYOoNB9zpeR1vOxcb3iGWJ9T3G2XKs9A4TRWwaDbyA%2CAOrYGskKnLqGh2qK_FYeAZpcagcEvDCpn5tHgwIdiWuP7Uu7eojNXJQr8p_Jai4m-6aE_juUPi4Y6LkuBV_Eo52SNW95iL4%2CAOrYGsmIvkWo3bE6jHuT2hh0gkqiD21rve9-JlYkkDChuqTQt8hzWFcKcNIWeBKFFEehby01BEyyLxwpyL-BcuLDylnASmX3&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E43B
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFtVs99zpr3LPkyfjlIGXRg&google_cver=1&google_push=AXcoOmQLI5Pr56xoO5y0b569-kdg4lWmGsgZhQ0Ua68FPCrTomme7aBjyzKGpxr2T595ONM0Q2rbh_YAqSexKv...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODE2OTYwOTAyNTA5MTczNA%3D%3D&google_push=AXcoOmQLI5Pr56xoO5y0b569-kdg4lWmGsgZhQ0Ua68FPCrTomme7aBjyzKGpxr2T595ONM0Q2rbh_YAqSexKv6x_d...

170 B
188 B

45ms
45ms

Image
image/png

216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODE2OTYwOTAyNTA5MTczNA%3D%3D&google_push=AXcoOmQLI5Pr56xoO5y0b569-kdg4lWmGsgZhQ0Ua68FPCrTomme7aBjyzKGpxr2T595ONM0Q2rbh_YAqSexKv6x_d90nBZSZ6_SWAds

Protocol

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwODE2OTYwOTAyNTA5MTczNA%3D%3D&google_push=AXcoOmQLI5Pr56xoO5y0b569-kdg4lWmGsgZhQ0Ua68FPCrTomme7aBjyzKGpxr2T595ONM0Q2rbh_YAqSexKv6x_d90nBZSZ6_SWAds
Date: Sun, 03 Dec 2023 01:10:34 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 sync
x.bidswitch.net/ Frame E43B 43 B
146 B 133ms
8ms Image
image/gif 18.196.230.223
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEB2bri5TLIYA8e6ixeXh_M4&google_cver=1&google_push=AXcoOmTE2ByABMXocx90K-tU3sZtJge88Fuu8MWvGnaZtMcB4ZPmlqtk9tK12rNZtfMSzAwmh5TTIdr123maA7Mx2qGTz1aGiWb_jrzx
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3833238716715110&output=html&h=280&slotname=3496794550&adk=1144701990&adf=4235265862&pi=t.ma~as.3496794550&w=1200&fwrn=4&fwrnh=100&lmt=1696306105&rafmt=1&format=1200x280&url=https%3A%2F%2Frpc.lol%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701565833611&bpp=1&bdt=3150&idt=1&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D97f21eec6b3f9b51%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MaJRNOikvHoehXnqwcueBiFHXo0Zg&gpic=UID%3D00000d01bc816ebe%3AT%3D1701565831%3ART%3D1701565831%3AS%3DALNI_MYXvOipSZDAcm1BAkHU_13Jqprg3w&prev_fmts=0x0%2C1200x280%2C1200x90%2C1005x124&nras=3&correlator=8116154630478&frm=20&pv=1&ga_vid=40593539.1701565831&ga_sid=1701565831&ga_hid=202233825&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=1939&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31079826%2C42531706%2C44795921%2C44809314%2C31078301%2C44807763%2C44808148%2C44808284%2C44809072&oid=2&psts=AOrYGslby51Z-5fN-2PCOB8vqD2NVbxzvbQJVgouxrZojyNaMzLBsI-VUt1uEXOCnQGRE_xRrJwuGYOoNB9zpeR1vOxcb3iGWJ9T3G2XKs9A4TRWwaDbyA%2CAOrYGskKnLqGh2qK_FYeAZpcagcEvDCpn5tHgwIdiWuP7Uu7eojNXJQr8p_Jai4m-6aE_juUPi4Y6LkuBV_Eo52SNW95iL4%2CAOrYGsmIvkWo3bE6jHuT2hh0gkqiD21rve9-JlYkkDChuqTQt8hzWFcKcNIWeBKFFEehby01BEyyLxwpyL-BcuLDylnASmX3&pvsid=185358193516071&tmod=41987547&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-230-223.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E43B 0
49 B 44ms
43ms Image
text/html 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13INkQEVACT6buQIdOjGuaX6-OPFVp3OUAauGVNpeSShhw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 3408 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbbeb8a0b25205426dc840fe48080594ad6cded01a2bf9ea52232f4699374a10

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 3408
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CAFv3idVrZaOiKInBjuwPktq1oAv09Lvxc-L1wtnUEeDd8emPDhABIP-ttJgBYJXikIKgB6ABo42j6ijIAQKoAwHIA8kEqgTAAU_QQ9k6up0uQlSMax7CLJ0euwUcVTKPH5ITqQ3BngDOmSW...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213470240216482025886%22,%22debug_reporting%22:true,%22destination%22:%22https://playplaygames.com%22,%22event_report_windo...

0
0

71ms
70ms

Fetch
text/css

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2213470240216482025886%22,%22debug_reporting%22:true,%22destination%22:%22https://playplaygames.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210960291491%22],%224%22:[%2212-03%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2214728055603337708897%22}&andc=true

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:34 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"13470240216482025886","debug_reporting":true,"destination":"https://playplaygames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10960291491"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"14728055603337708897"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 03 Dec 2023 01:10:34 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 03 Dec 2023 01:10:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"13470240216482025886","debug_reporting":true,"destination":"https://playplaygames.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10960291491"],"4":["12-03"],"6":["true"]},"priority":"500","source_event_id":"14728055603337708897"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 70ms
69ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6474fa0d5a3b20d6b3ff67157ed1fc25b8839eff6013c169fe0bc14179d1454c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12180
x-xss-protection: 0

GET
H3 200 EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js Show response
pagead2.googlesyndication.com/bg/ Frame DFE5 51 KB
19 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sat, 02 Dec 2023 22:31:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9540
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19864
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 01 Dec 2024 22:31:34 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 01:10:34 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 73ms
73ms Preflight
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 03 Dec 2023 01:10:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F216 13 KB
5 KB 55ms
53ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rpc.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 27399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 02 Dec 2023 17:33:55 GMT
expires: Sun, 01 Dec 2024 17:33:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E00 829 B
560 B 66ms
65ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0903d8d6d2b96a35ea9502102d7e1d1f8476e7126eea8d59fc0090b014e9e8cb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NgSSetpErIZW0WlGsHPz1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rpc.lol/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NgSSetpErIZW0WlGsHPz1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 03 Dec 2023 01:10:34 GMT
expires: Sun, 03 Dec 2023 01:10:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame F216 39 KB
15 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Fri, 01 Dec 2023 22:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 97076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Nov 2024 22:12:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E00 0
0 91ms
91ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=185358193516071&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F216 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?C5OS3A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date: Sun, 03 Dec 2023 01:10:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
92ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=185358193516071&bg=!S0ilSAfNAAY3kmNgF5I7ADQBe5WfOD8ZzixQ3RECRHAdtmwxPjiBGMFH_m_c5TWOUZK7CqngwZGo8150qIzUBy1YuLOQAgAAADVSAAAAAmgBB5kCsIURi-dc4Ehl3POS7jDLVG99g2ENCSjfDcIZ88mECgGeooelpvWZjlSGuMcOF2NpZnFwOxPnnlPQ90llLxMf2kfVpN7Mw1uELumZFxwIfKycm5keh9qLpfTqOHDoe8Swl9NAhsqT7c8b9a3KbCfJE5lOWSK8uXd7ZyF1CtGXhLzLOBU536CGFCrjBQITuQ5yI8KGxAAcEPdORwsRf3tr3AXUYIvy-xRs9u8fiE73iPMMAaoPgMxUnNd8OXn0XAdQob_X0fmLG6lUV_yHc__74GEH0vNW150ro5YHVkW3aDMz9Yn1PHL4opOyjJ4he8AW9_VHG795OGSFijEezrfmdWG-egWANCFPtyrXtLFa7zB-ukJIUljG1popMnKS8gg-0BqI5uXsLuLOqSCE90feIIZn4CkdQz-rhxyhlbk1HrDhwIBOYEblAMFRXjpWW45VgClPpSIxPUE68mfeS4EvzLY4q-koXKzQM5b-P2JZnAfYorHXDrWzKaJfW7zhRQEM8v3CRrCU938-p4fCzaididTOIMr1tc1kaQndpM8ihUwwuK_G3Jo5Avz_7lRJihme8k5HlJECTzjQZLTgemTQFtvB6vsT63Os4TyM6tgIf1vLr04DRsHDMOjDqIQQPxTBwTt7gGvtcos68D-XJn8M4PWqAHC-Gb274JODkUqL05rKGpKR84U3HKccj1j2MPj9HHi7nq66SlxP4BCpIkg3tMmPJq2W4GRlMPXqh_LmpCcmdPo4-4xSZt2uQm6_w87mDJ_yYblHSxSasSa_D6DjbvaItMqT5daRtT0_3W1BaFyLcfpWxrnSK9fp5nyze4J9C0VMjVq-b9XMDhP68ZQLPdkdFMkaTpWAxfLmE3VAQgHhqgFIgtsntqZP5uRMqhgGR5cMKpBRpjZOn47-Bg1i2WI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rpc.lol/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 38ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YG7D2FJ68R&gtm=45je3bt0v9166531651&_p=1701565830716&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=40593539.1701565831&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1701565831&sct=1&seg=0&dl=https%3A%2F%2Frpc.lol%2F&dt=RPC.lol%20Home&_s=3&tfd=6976
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YG7D2FJ68R&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://rpc.lol/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 03 Dec 2023 01:10:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rpc.lol
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rpc.lol/	1970-01-21 02:15:25	Name: _ga Value: GA1.1.40593539.1701565831
.rpc.lol/	1970-01-21 02:01:01	Name: __gads Value: ID=97f21eec6b3f9b51:T=1701565831:RT=1701565831:S=ALNI_MaJRNOikvHoehXnqwcueBiFHXo0Zg
.rpc.lol/	1970-01-21 02:01:01	Name: __gpi Value: UID=00000d01bc816ebe:T=1701565831:RT=1701565831:S=ALNI_MYXvOipSZDAcm1BAkHU_13Jqprg3w
.doubleclick.net/	1970-01-21 02:01:01	Name: IDE Value: AHWqTUn2FO8aLVdSNm0JLrAlQv2W6SX_ps3IvObQNcLxx1PCPx2uOfoXF10OTEQn2pg
.doubleclick.net/	1970-01-20 16:39:29	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 20:58:37	Name: uid Value: 9062021960152941767
.travelaudience.com/	1970-01-21 02:11:06	Name: _tracker Value: %7B%22UUID%22%3A%221FA8C761-2718-4108-12A9-9AC3846FC4A6%22%7D
.googleadservices.com/	1970-01-20 18:49:01	Name: ar_debug Value: 1
.ctnsnet.com/	1970-01-21 01:25:01	Name: cid_62df30d4465e41db8ed5d95dfc76bc93 Value: 1
.ctnsnet.com/	1970-01-21 01:25:01	Name: gid_CAESEO5vkkV3CSaoCt9Lah-W3N8 Value: 1
.adform.net/	1970-01-20 17:24:04	Name: C Value: 1
.yahoo.com/	1970-01-21 01:25:23	Name: A3 Value: d=AQABBIjVa2UCEJZvOycHjUQrMN_fALHqU8QFEgEBAQEnbWV1ZQAAAAAA_eMAAA&S=AQAAAjadUqRU6eWuYUVJQuUx8tI
.adform.net/	1970-01-20 18:05:49	Name: uid Value: 7780368322130099577
.everesttech.net/	1970-01-21 01:25:01	Name: everest_g_v2 Value: g_surferid~ZWvViAAEEWLZ_QBd
.rpc.lol/	1970-01-21 02:15:25	Name: _ga_YG7D2FJ68R Value: GS1.1.1701565831.1.0.1701565834.57.0.0
.adfarm1.adition.com/	1970-01-20 18:49:01	Name: UserID1 Value: 7308169609025091734
.blismedia.com/	1970-01-21 01:25:05	Name: b Value: 656BD58AD3B50CD200B4D8B8BLIS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
ajax.googleapis.com
c1.adform.net
cm.g.doubleclick.net
dis.criteo.com
dsp.adfarm1.adition.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.analytics.google.com
rpc.lol
stats.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
tr.blismedia.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
142.250.181.226
151.101.130.49
178.250.1.9
18.196.230.223
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.58.206.34
2606:4700:3033::6815:4f9d
2606:4700:3034::ac43:9277
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a05:d018:d29:3601:357b:9971:3f66:201
34.96.105.8
35.186.193.173
35.190.0.66
37.157.5.132
85.114.159.118
00dfb4aed25b6c76022b74df76c60b45aad682404bc3b40cc3db7a8ccb61a7f1
0141096de9953659ace2c6d66bbe9bf606865b4d876f8ae6e49698bc63d56a5d
034fe1386acc95d6a7a730ae6ab8215582b5587e66589b4fe7ecb47757b6fadf
0903d8d6d2b96a35ea9502102d7e1d1f8476e7126eea8d59fc0090b014e9e8cb
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
106df77b15bffc7c3c35da08e62a98fb61616b5467a3940a85079299c5f2ec12
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1cfb1954b9be8687deed79424c5e19afcbf165986fbe76073eb7bf1ff8ee4aa2
2da6815572d096a6a78af3f72059b7225a35d4d25b67539c377bfdc8feb8acd0
2dca734883aa198dd11f70f7fe4595975745f6ab7d61e6c7f187b4b14860b5ee
30c61e76dd1dfa24230e96827afe113e1f16cb8af19ebaca047e389f77fc2449
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c805a6fab7affd36524b2ff316569cf12ef44754a0807e5aafcd341aee315c2
4176724c4bc390c3ba4294313a6a9ed2e13dee14e09ad40e9132741c6edd468d
41b19f2d0370426abe44584f8c9bce6391fc79b670f5bb662af0e06a0fb27291
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
445753054fab535ef4f0f98fe1e8b3b5f44926416c1c72fb7ba33b9037103451
45987cd1cb846d4d8fc96a481729900bd91a1ddd6c1e5f56ce604bd64938a41a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d7b3242b9d0bc63f117e4ea1b872d1849d69aa797412e1f17bccd4ca354dd40
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd50eacad0c40128f9f47afd4e4172c43b69d4697626fb2245fdd49cea75954
52583bd5f292a362d901fc2d5daa001a6fd41a859937e7d3e1710284aefe4cf6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
549bc129d5be77e81190a1462e6ac9171f5e275aa35bb067e614346b5394d41d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6474fa0d5a3b20d6b3ff67157ed1fc25b8839eff6013c169fe0bc14179d1454c
651bf0ec1a9d0213192c88e2fd3aeba4ca24a1c9db964acc8b3eb243ddc25aa4
676eb796c9ce07a8d3a646a3dde3a4d16bca202a920e28367265fc41c7b3dd87
6a9a63605188b9dc042ace3aeaf65872e1c39d97283c48df1a2ad442196f921a
7aab534da5386beb93121b3fa3d074cbdb93396633af4d9e3216173ffca2028b
7e3bdbf3a6d2fce5737eff20150c3f9a38d92f8bffd9330463b9eb7c3a3f1bdb
888de8fc2477ec0efabacb8d1a4a1018a0387be2355fd9e2ddf08da11265bc21
957531bc5bcb8a5b77ea2089e5e70968a3c268a4e5ac526a3f73c6483b629587
999b903b8e2ddd666da868d2076bb16fbf9994d7d6bed37870d885ad863a5c2f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9fda244bc0ecb10fc5c95047ffe8e28130df6690280423a3d0afe992ee298594
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
ac4a714f1d06976020aff8e38106bb6529fa36d621550f8d4019a2d72d623367
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b0659ee1d9db273594fdf4f64ddbd8383058ae91e757038cc3a385d76c778da8
b3611efcd767812b5452dcad4a085d141a0ff3e5aeebae0c0f5a19b0559b197e
b5d97b5814ba42f5822566817e24cf21c51ec20c891a78ead36939647813b172
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bed7ff4a6dc1fabcb99a5dd12ff481d05de252b39d3544be0cb93fe66663c059
c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f
cbbeb8a0b25205426dc840fe48080594ad6cded01a2bf9ea52232f4699374a10
e22ac670fcde5be97f0f4991e5c767df525c531aadae7c8b0e3d58e63f11b590
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f978cc3e5674617fee48b12d917a1fdb9242f8a0ded90b9a4bd319d9f9e2e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbb74669292ce16cfe3a1483ad7bf2b0ea58063f381417c5b5d034826924804
f0909d437eb6d378ec40f03f87c6904fb22478cea0e21084b0549421ab1fb248
f0f085a2e4f82da217dbdc4a405219117b40ac76bcd857f2600ebe9ddb980438
f9ac2a0e395c91ff866beda86da11f6d1f0b772906bfc8e9dad0e2fd61963b79
fac49238f9cf066a26be068a02bf3bd63802d44583491bbfa73c3209a16e2b54

rpc.lol Open in urlscan Pro 2606:4700:3034::ac43:9277 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

110 Requests

89 %HTTPS

62 %IPv6

20 Domains

27 Subdomains

20 IPs

7 Countries

4444 kBTransfer

6634 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rpc.lol Open in urlscan Pro
2606:4700:3034::ac43:9277 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

89 %
HTTPS

62 %
IPv6

20
Domains

27
Subdomains

20
IPs

7
Countries

4444 kB
Transfer

6634 kB
Size

17
Cookies

110 HTTP transactions
4 data transactions