www.realmofdarkness.net Open in urlscan Pro
45.114.226.249 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.realmofdarkness.net/
Effective URL:
https://www.realmofdarkness.net/
Submission: On January 02 via api (January 2nd 2024, 9:11:34 pm UTC) from US — Scanned from CA

Summary HTTP 72 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 72 HTTP transactions. The main IP is 45.114.226.249, located in Canada and belongs to COGECO-PEER1, CA. The main domain is www.realmofdarkness.net.
TLS certificate: Issued by R3 on December 3rd 2023. Valid for: 3 months.

This is the only time www.realmofdarkness.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	45.114.226.249 45.114.226.249	13768 (COGECO-PEER1) (COGECO-PEER1)
9	172.253.115.156 172.253.115.156	15169 (GOOGLE) (GOOGLE)
1 9	172.253.122.155 172.253.122.155	15169 (GOOGLE) (GOOGLE)
6	172.64.141.23 172.64.141.23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	142.251.111.132 142.251.111.132	15169 (GOOGLE) (GOOGLE)
3	172.253.63.155 172.253.63.155	15169 (GOOGLE) (GOOGLE)
1 2	142.251.167.147 142.251.167.147	15169 (GOOGLE) (GOOGLE)
14	172.253.63.100 172.253.63.100	15169 (GOOGLE) (GOOGLE)
2	142.251.167.95 142.251.167.95	15169 (GOOGLE) (GOOGLE)
3	172.253.115.94 172.253.115.94	15169 (GOOGLE) (GOOGLE)
2	142.251.163.155 142.251.163.155	15169 (GOOGLE) (GOOGLE)
72	12

9 45.114.226.249 (Canada) 1 redirects

ASN13768 (COGECO-PEER1, CA)
PTR: sloav120.hostpapavps.net

www.realmofdarkness.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.253.115.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.253.122.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.64.141.23 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
g.bidbrain.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.251.111.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.147 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ww-in-f147.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.253.63.100 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f100.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.167.95 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.115.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.163.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f155.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 tpc.googlesyndication.com — Cisco Umbrella Rank: 185	513 KB
16	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 6 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1187	72 KB
9	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	124 KB
9	realmofdarkness.net 1 redirects www.realmofdarkness.net	189 KB
6	bidbrain.app cdn.bidbrain.app — Cisco Umbrella Rank: 43436 g.bidbrain.app — Cisco Umbrella Rank: 39931	166 KB
3	gstatic.com www.gstatic.com	17 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	184 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 173
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	2 KB
72	9

	Domain	Requested by
16	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com www.realmofdarkness.net
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net www.realmofdarkness.net
9	pagead2.googlesyndication.com	www.realmofdarkness.net pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	www.realmofdarkness.net	1 redirects www.realmofdarkness.net
4	cdn.bidbrain.app	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	g.bidbrain.app	www.realmofdarkness.net cdn.bidbrain.app
2	www.googleadservices.com	www.realmofdarkness.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
72	12

This site contains links to these domains. Also see Links.

Domain
www.mariouniverse.com
www.sonicgalaxy.net
www.castlevaniacrypt.com
www.cartoonsoundboards.com

Subject Issuer	Validity	Valid
*.realmofdarkness.net R3	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
bidbrain.app E1	`2023-12-31` - `2024-03-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://www.realmofdarkness.net/
Frame ID: 72D984F8C9D7AD90A6F7129D0D74A5F0
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: 5893CC649FEFEC7AC924B27A204237F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=331652642&adf=3025194257&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890330&bpp=4&bdt=200&idt=128&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6381760612928&frm=20&pv=2&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=146
Frame ID: 5EC15007719FDB2DDD7B9144AD184C80
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154
Frame ID: 75FB05BE5592D279C24D437D944CEB6F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&adk=1812271804&adf=1573534164&lmt=1689943775&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890349&bpp=3&bdt=219&idt=158&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280%2C1020x280&nras=1&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=166
Frame ID: 27F9B83326E61962A7C0FC9601443AD0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 149829298EBB8BC2DCAAFE23E6A9C9B9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0B3F86BDE08BB707DEA62DE5BFC807BC
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Poppins%3A400%2C600
Frame ID: 952C1A56EB6E50750BD7F1F2B149FC53
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 1526B2B13CBE38292A33E7032EF0D6D1
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js
Frame ID: 88D694C61C484324DD30D4B1EE050171
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 177E3E287E0C2D1EA51DBE21FD961692
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AD275B56CDB8D690BBC69DD5B8A29646
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Realm of Darkness.net

Page URL History Show full URLs

http://www.realmofdarkness.net/ HTTP 301
https://www.realmofdarkness.net/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

72
Requests

99 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

1267 kB
Transfer

2977 kB
Size

8
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.mariouniverse.com/
Title: Mario Universe.com

Search URL Search Domain Scan URL

URL: https://www.sonicgalaxy.net/
Title: Sonic Galaxy.net

Search URL Search Domain Scan URL

URL: https://www.castlevaniacrypt.com/
Title: Castlevania Crypt.com

Search URL Search Domain Scan URL

URL: https://www.cartoonsoundboards.com/
Title: Cartoon Soundboards.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.realmofdarkness.net/ HTTP 301
https://www.realmofdarkness.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 52

https://googleads.g.doubleclick.net/pagead/adview?ai=Cph9TAnyUZcXfIY_x998P5qK8uAefkZ-_c5HnmbSFEuaF88CNDhABIN3GpARg_aCZgegDoAGJxbiwAsgBAqkCYeEl7oYsgT6oAwHIA8kEqgTrAU_QaISqitqcAIiWQFe8lltNtP3zNUOItvnbefizcq5JD2wkEYTsIXe7aQd9bENDDs7DnnhRwLoNZYFVODbU__3Q4enjgyj7T54nEQMM_qsJfHOQTZiHScyEEz_eQVUVyHnybWELR-jANS9VYWi89kI-gZuSdpyxGxIxbZhb7I5KYUCkRZ_OIry5RNb9JlEMCwzOkJ0P_WM9ruq9nyFh7R5wEeQEhKLoHqSSO-0V3Vh69kqRrosE1V0BJL6qO_-EfXGz89xTiWP-3dPA7plHn1zH4_cGFoeqbs7jGrj_OCaFPuNsXvRW3GMNMlLABIjEpNe7BIgFife4vkmSBQQIBBgBkgUECAUYBKAGAoAH37rHzwGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCu8QPSCB8IgGEQARgfMgKKAjoEgECAQEi9_cE6WP_y9YnPv4MDmgknaHR0cHM6Ly93d3cuaDVnYW1lc3RyZWV0LmNvbS9raWRzLWdhbWVzgAoByAsBogwgKh4KHOS0sQLutbECtbixAqy6sQLktLEC7rWxAru7sQLaDBEKCxCQ0IPXsvXi1M0BEgIBA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi0wNDkwODI5MzUyMTUxMDM3GACyGAMiAQA&sigh=bqJQhDtPd7Q&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_arIfgsyZF64fKTXieQLchszTfuYSq3aOC2Kus4plJt18GPHTRUdxX238yr52GaVhfj-EqulwqooEK7PX8H14dElhqnplrGOdFsIYAQ&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3a06b82e5ed73fd80000000000000000%22,%222%22:%220x2e5e3ab6760beb380000000000000000%22,%223%22:%220x7cf0a9267cbb89570000000000000000%22,%224%22:%220x495c53f0bc0789580000000000000000%22,%225%22:%220x6c18552301c614ed0000000000000000%22},%22debug_key%22:%2213312298443627207737%22,%22debug_reporting%22:true,%22destination%22:%22https://h5gamestreet.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22638460553%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221227445651532844993%22}&andc=true

72 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.realmofdarkness.net/
Redirect Chain

http://www.realmofdarkness.net/
https://www.realmofdarkness.net/

3 KB
1 KB

57ms
19ms

Document
text/html

45.114.226.249
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.realmofdarkness.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.114.226.249 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sloav120.hostpapavps.net
Software: Apache /
Resource Hash: 3de53d6f883417d48f5bc1a8d2b38433191d148f10496b6c4dce027a1e5dd0f2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: br
Content-Length: 867
Content-Type: text/html
Date: Tue, 02 Jan 2024 21:11:30 GMT
Keep-Alive: timeout=5, max=100
Last-Modified: Fri, 21 Jul 2023 12:49:35 GMT
Server: Apache
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 240
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 02 Jan 2024 21:11:30 GMT
Keep-Alive: timeout=5, max=100
Location: https://www.realmofdarkness.net/
Server: Apache

GET
H/1.1 200
OK rod.css
www.realmofdarkness.net/ 611 B
536 B 20ms
18ms Stylesheet
text/css 45.114.226.249
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.realmofdarkness.net/rod.css
Requested by: Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.114.226.249 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sloav120.hostpapavps.net
Software: Apache /
Resource Hash: ab1c654b9c479b6f4ca460e079d409832d45fcd869dc7a8e708c82f396ed4c85

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:11:30 GMT
Content-Encoding: br
Last-Modified: Mon, 20 Apr 2015 03:10:08 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 251

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
51 KB 145ms
73ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

8e04e71828ef3129fa5aac597e14bfd738f71bd7e59776d5d023709463626b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51858
x-xss-protection: 0
server: cafe
etag: 5756499845370803380
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 21:11:30 GMT

GET
H/1.1 200
OK rod.png
www.realmofdarkness.net/img/logos/ 16 KB
16 KB 40ms
20ms Image
image/png 45.114.226.249
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.realmofdarkness.net/img/logos/rod.png
Requested by: Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.114.226.249 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sloav120.hostpapavps.net
Software: Apache /
Resource Hash: 83cbb57e1adb6a7073f1000afc637c1a61f42e0fc5805b429ce63d07c25dc761

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:11:30 GMT
Last-Modified: Thu, 29 Dec 2022 19:27:17 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 16341

GET
H/1.1 200
OK dq.png
www.realmofdarkness.net/img/logos/ 28 KB
29 KB 52ms
19ms Image
image/png 45.114.226.249
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.realmofdarkness.net/img/logos/dq.png
Requested by: Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.114.226.249 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sloav120.hostpapavps.net
Software: Apache /
Resource Hash: d9b57b04d67e3468a1208936f6f9e1480f6afcddaf8a1035b48e34f836d9b08e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:11:30 GMT
Last-Modified: Thu, 01 Oct 2020 15:37:25 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 28966

GET
H/1.1 200
OK mario.png
www.realmofdarkness.net/img/logos/ 44 KB
44 KB 52ms
19ms Image
image/png 45.114.226.249
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.realmofdarkness.net/img/logos/mario.png
Requested by: Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.114.226.249 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sloav120.hostpapavps.net
Software: Apache /
Resource Hash: 4f0eeb6218e4f08b3b7996de9056867b4abf481e619b0fe461e0a5ce82535cbc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:11:30 GMT
Last-Modified: Sat, 31 Oct 2020 13:10:56 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 44589

GET
H/1.1 200
OK sonic.png
www.realmofdarkness.net/img/logos/ 31 KB
31 KB 55ms
22ms Image
image/png 45.114.226.249
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.realmofdarkness.net/img/logos/sonic.png
Requested by: Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.114.226.249 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sloav120.hostpapavps.net
Software: Apache /
Resource Hash: 649dc858753d50154bfc38090f2d09da61a6cee68f1c4c0471313e50a9725bbe

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:11:30 GMT
Last-Modified: Fri, 06 Apr 2018 17:49:31 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 31597

GET
H/1.1 200
OK cv.png
www.realmofdarkness.net/img/logos/ 41 KB
41 KB 54ms
20ms Image
image/png 45.114.226.249
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.realmofdarkness.net/img/logos/cv.png
Requested by: Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.114.226.249 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sloav120.hostpapavps.net
Software: Apache /
Resource Hash: b657bb4a51e1d6fcc080ddf9464a7bea755ee51774c452ff2e21e66684e2152b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:11:30 GMT
Last-Modified: Sat, 21 Nov 2020 16:52:55 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 42149

GET
H/1.1 200
OK cts.png
www.realmofdarkness.net/img/logos/ 26 KB
26 KB 37ms
21ms Image
image/png 45.114.226.249
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.realmofdarkness.net/img/logos/cts.png
Requested by: Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.114.226.249 , Canada, ASN13768 (COGECO-PEER1, CA),
Reverse DNS: sloav120.hostpapavps.net
Software: Apache /
Resource Hash: f6b89af956b78e431a13590b8c1b754ca2e04ada416e565b82bad20ef0ff5f21

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 02 Jan 2024 21:11:30 GMT
Last-Modified: Fri, 26 Jan 2018 22:28:58 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 26464

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 399 KB
135 KB 71ms
69ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js?bust=31080181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

b3f8b6630b6dff3720b43b2e745b4a2c6843539a16af9dc3cf5b98af45eb4a52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137927
x-xss-protection: 0
server: cafe
etag: 6944461894553272985
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 21:11:30 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame 5893 9 KB
4 KB 110ms
36ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 84242
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 01 Jan 2024 21:47:28 GMT
etag: 5585625838579639069
expires: Mon, 15 Jan 2024 21:47:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5EC1 48 KB
18 KB 371ms
370ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=331652642&adf=3025194257&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890330&bpp=4&bdt=200&idt=128&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6381760612928&frm=20&pv=2&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=146

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js?bust=31080181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

32eaad162b746c4a6f8d0412e802ba1d9b49c3a5f49c3194cf27f9f912e37c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 18267
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 21:11:30 GMT
expires: Tue, 02 Jan 2024 21:11:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 75FB 117 KB
41 KB 445ms
444ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js?bust=31080181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

59772855fac9175497f46139966cffb190265fa9e62e5904e3d36f96d07d0139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42027
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 21:11:30 GMT
expires: Tue, 02 Jan 2024 21:11:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 27F9 278 KB
56 KB 524ms
523ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&adk=1812271804&adf=1573534164&lmt=1689943775&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890349&bpp=3&bdt=219&idt=158&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280%2C1020x280&nras=1&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=166

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js?bust=31080181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

cc1b94c8727313b6c1194c7a1e120ce18681d2136dd17f8d772690974102ecc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 57192
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 21:11:31 GMT
expires: Tue, 02 Jan 2024 21:11:31 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index-9054913c.js Show response
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 5EC1 107 KB
40 KB 210ms
79ms Script
application/javascript 172.64.141.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=331652642&adf=3025194257&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890330&bpp=4&bdt=200&idt=128&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6381760612928&frm=20&pv=2&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=146
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ceb4dbe94c74fcaa999121708478fb1ef7f529e23ffef7d23d898ae81848a10

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2091
x-guploader-uploadid: ABPtcPo9H2hxJOmO4LdHC_b5GWSSaw4HomDWCWmNETI3ThLbL9RFxzntylVo1BNezVhcHOe8etMsSHotSviNU7j8iFlDsg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 27 Dec 2023 15:31:02 GMT
server: cloudflare
etag: W/"40e352943a9eb2976fe265c973a285f1"
vary: Accept-Encoding
x-goog-generation: 1703691062394998
content-language: en
content-type: application/javascript
x-goog-hash: crc32c=qIxOWA==, md5=QONSlDqespdv4mXJc6KF8Q==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDXUMlbBureYcmUXcd1NMm9D1n9YTIX4cwdRkSE2uPuNSR5WWij5LQg09PthTzsv5iq2NI7Rp6TkXSZ5JMnfpVvTJPsbKLgN9QYdqqSmffGz0czg%2F8fHkxW86xjmt1r9HmOI"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 109104
access-control-allow-origin: *
cf-ray: 83f5feb2cf5e0f3a-EWR
expires: Tue, 02 Jan 2024 21:04:47 GMT

GET
H2 200 index-af5b3122.css
cdn.bidbrain.app/ng-assets/creative/assets/ Frame 5EC1 13 KB
4 KB 200ms
69ms Stylesheet
text/css 172.64.141.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-af5b3122.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=331652642&adf=3025194257&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890330&bpp=4&bdt=200&idt=128&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6381760612928&frm=20&pv=2&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=146
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af5b3122532645b03bf84f88ca6c239a9ca9ddd18f20835a080d87f910bd2a87

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:31 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49
x-guploader-uploadid: ABPtcPo6M14HER78MVNLKyiBmA3CV5IEZ71E3j0w_J_NGVIPxEhuwP_b1NJzUQVb4Y5SvarKwjSPT87Zbr_fyQkjh5o4
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 11 Dec 2023 09:35:44 GMT
server: cloudflare
etag: W/"e698b92f41bf324999730858bf1a8adb"
vary: Accept-Encoding
x-goog-hash: crc32c=jBuSJw==, md5=5pi5L0G/MkmZcwhYvxqK2w==
x-goog-generation: 1701355216717373
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgHmJT%2FYYA%2FyM8iM0WO2H7oMk%2FDd2RHZbC12yERCjcgQPrE0eEZU3CI8Ls7hMyr32qPLnWS1hxvViAcCxTlm7%2Fiy2g2%2B9hV4dpN2VG2AiXX6WmnYinJbJw82%2FbFegAIn39QR"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12801
cf-ray: 83f5feb2c93f436a-EWR
expires: Tue, 02 Jan 2024 21:30:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5EC1 3 KB
1 KB 105ms
39ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=331652642&adf=3025194257&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890330&bpp=4&bdt=200&idt=128&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6381760612928&frm=20&pv=2&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=146

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 06:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 06:43:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 5EC1 20 KB
9 KB 108ms
35ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 20:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 20:25:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5EC1 194 KB
61 KB 2251ms
2176ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 21:11:33 GMT

GET
H2 200 3253153100294887212
tpc.googlesyndication.com/daca_images/simgad/ Frame 75FB 87 KB
87 KB 44ms
43ms Image
image/png 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3253153100294887212

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

sffe /

Resource Hash

d8d4dff672bb1bf2581d71d0722eac6a4e4802f4f3d8819121b327c14c0db6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 01 Jan 2025 12:54:08 GMT
date: Tue, 02 Jan 2024 12:54:08 GMT
x-content-type-options: nosniff
age: 29842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 88709
x-xss-protection: 0
last-modified: Wed, 08 Mar 2023 10:05:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 75FB 23 KB
9 KB 36ms
35ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 10:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 10:19:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 75FB 3 KB
1 KB 64ms
64ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 06:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 06:43:02 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 75FB 20 KB
8 KB 39ms
39ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 20:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 20:25:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 75FB 194 KB
62 KB 2123ms
2122ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 21:11:33 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 75FB 36 KB
15 KB 61ms
61ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 05:18:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57161
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14812
x-xss-protection: 0
server: cafe
etag: 15202890134401013038
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 05:18:49 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1498 143 B
166 B 37ms
36ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 1663
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 20:43:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 75FB 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2e7bd6522d0c30e58cf4f967326a7df825eda407d506e6c1eccc8a049797e85

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1498
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

48ms
48ms

Document
text/html

172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 21:11:31 GMT
expires: Tue, 02 Jan 2024 21:11:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 21:11:31 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/ 160 KB
55 KB 61ms
61ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js?bust=31080181

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js?bust=31080181

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

4477d49db3a01bfb2432a793949e0d9a6466eb750c2499f095cb7e81bc7c1969

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56023
x-xss-protection: 0
server: cafe
etag: 7925323801610594656
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 21:11:31 GMT

GET
H2 200 ca-pub-0490829352151037 Show response
fundingchoicesmessages.google.com/i/ 182 KB
61 KB 148ms
70ms Script
application/javascript 172.253.63.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-0490829352151037?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js?bust=31080181

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

25f5a26c7c09cfd7694b88fe18a35b5e3fa5d229fa2f224be730e9f78c60000a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lfzne9ZhrjfDWPFjsUFGTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-lfzne9ZhrjfDWPFjsUFGTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5EC1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb77a2e3e3c02660c2be279be7c531f710542d3bc124000028d6a46b5b686cba

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 0B3F 9 KB
4 KB 36ms
36ms Document
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js?bust=31080181

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

age: 59822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 04:34:29 GMT
etag: 5585625838579639069
expires: Tue, 16 Jan 2024 04:34:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxWajdLsyRn-JFT6TiiohPoesrtwCdTxy8Nbp1sPd9c-smIqt5jAuIHOTRPGpj0peTeXPCuQr5JzEBiTPzaAJYx8Y6eaygQ5kBIyNypfxlpk0pFcLq7-vyLg7G6Vp4_5MXMvxYfTpw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 65ms
64ms Script
application/javascript 172.253.63.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWajdLsyRn-JFT6TiiohPoesrtwCdTxy8Nbp1sPd9c-smIqt5jAuIHOTRPGpj0peTeXPCuQr5JzEBiTPzaAJYx8Y6eaygQ5kBIyNypfxlpk0pFcLq7-vyLg7G6Vp4_5MXMvxYfTpw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MjI5ODkxLDMwODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucmVhbG1vZmRhcmtuZXNzLm5ldC8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

9ec3887edd874b13463933de1ede8856d386daa2b4d8ed7fe37ab3c0738b99c0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ioRgUyI1O2fvGLs4m5etag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-ioRgUyI1O2fvGLs4m5etag' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0B3F 4 KB
1 KB 118ms
44ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 Jan 2024 21:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 19:37:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jan 2024 21:11:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0B3F 205 B
649 B 113ms
36ms Image
image/png 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 20:12:36 GMT
x-content-type-options: nosniff
age: 3535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Jan 2025 20:12:36 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0B3F 604 B
694 B 114ms
37ms Image
image/png 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 18:28:52 GMT
x-content-type-options: nosniff
age: 9759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 01 Jan 2025 18:28:52 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 0B3F 16 KB
7 KB 36ms
35ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 03:52:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6766
x-xss-protection: 0
server: cafe
etag: 14924840246271906451
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 03:52:55 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 0B3F 22 KB
9 KB 36ms
36ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 06:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9210
x-xss-protection: 0
server: cafe
etag: 13914886398874665762
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 06:42:23 GMT

GET
H3 200 AGSKWxWET9o2D1s6f1ndoJI2GSiTgaWMkb_ZMa0cjITpzWT-_nIjCqCRFTld1N3Fi3QiTj7VSwDkgJotnEGNl9oNehfP_3jEbadmhd5UjenJYojVv8kffKXnFBujEooEYQFTB2pmNRQHFw== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 82ms
81ms Script
application/javascript 172.253.63.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWET9o2D1s6f1ndoJI2GSiTgaWMkb_ZMa0cjITpzWT-_nIjCqCRFTld1N3Fi3QiTj7VSwDkgJotnEGNl9oNehfP_3jEbadmhd5UjenJYojVv8kffKXnFBujEooEYQFTB2pmNRQHFw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MjI5ODkxLDM4MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnJlYWxtb2ZkYXJrbmVzcy5uZXQvIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

6303ac3f561dce94c50897383323843c09b7325d17b76740258ab4670caa5eed

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iX4UCO2zZk6cM1NeL0LB1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:31 GMT
content-security-policy: script-src 'report-sample' 'nonce-iX4UCO2zZk6cM1NeL0LB1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 952C 2 KB
553 B 45ms
44ms Stylesheet
text/css 142.251.167.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C600

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f95.1e100.net

Software

ESF /

Resource Hash

e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 02 Jan 2024 21:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 02 Jan 2024 19:50:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 02 Jan 2024 21:11:31 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 952C 2 KB
822 B 35ms
35ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 11:44:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34018
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 11:44:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 952C 23 KB
9 KB 35ms
35ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 10:19:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
server: cafe
etag: 11706523405290302210
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 10:19:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 952C 3 KB
1 KB 37ms
35ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 06:43:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 06:43:02 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 952C 20 KB
8 KB 37ms
36ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

cafe /

Resource Hash

8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 20:25:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2753
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8571
x-xss-protection: 0
server: cafe
etag: 5853369240893788875
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Jan 2024 20:25:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 952C 194 KB
61 KB 1592ms
1589ms Script
text/javascript 172.253.63.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f155.1e100.net

Software

sffe /

Resource Hash

976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62516
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1702472459035717"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 21:11:33 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 952C 37 KB
15 KB 38ms
35ms Script
text/javascript 172.253.115.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.115.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f94.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 14:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 281800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 14:54:51 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 61ms
59ms Image
image/gif 172.253.63.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.2501506029690983

Requested by

Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-r5U1-mMvCPYgskM-59l9Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-r5U1-mMvCPYgskM-59l9Iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 54ms
53ms Image
image/gif 172.253.63.100
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=7.911790102943412

Requested by

Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-0Xm0AvAgy8nYsLQWGeVgvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:32 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-0Xm0AvAgy8nYsLQWGeVgvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVkkeIrEOoMMJS5ovugm4CfebP5NLSNo_yLlJW063wjJ_SVWiQjl2DF95UFPvhDxyG9OBtrxopqKXDjbkVBsgsxcm0iv_hg7xL9uoivmDwLhVVTzULy3b2FgvWv96EQfjFi_MeQrw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 129ms
56ms XHR
text/html 172.253.63.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVkkeIrEOoMMJS5ovugm4CfebP5NLSNo_yLlJW063wjJ_SVWiQjl2DF95UFPvhDxyG9OBtrxopqKXDjbkVBsgsxcm0iv_hg7xL9uoivmDwLhVVTzULy3b2FgvWv96EQfjFi_MeQrw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-82aIee0VrgX05RrzMJkqEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Jan 2024 21:11:32 GMT
content-security-policy: script-src 'report-sample' 'nonce-82aIee0VrgX05RrzMJkqEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.realmofdarkness.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adserverpub Show response
fundingchoicesmessages.google.com/f/AGSKWxUIdp9ZRoVhy0INPS4OV_X7Y4AevFHmir9J3McdjNGTVGlUjMjpwhcsSuyMMN_9V-1iCQK7IUlvZe4DUXe4ElJlU8O3MQUFX7Leel690vPFs4K4WjW7p4t4xQoZrWP8TXHc5C6H4_98xHqafTIpHPrfw9wM_... 54 B
109 B 56ms
55ms Script
application/javascript 172.253.63.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUIdp9ZRoVhy0INPS4OV_X7Y4AevFHmir9J3McdjNGTVGlUjMjpwhcsSuyMMN_9V-1iCQK7IUlvZe4DUXe4ElJlU8O3MQUFX7Leel690vPFs4K4WjW7p4t4xQoZrWP8TXHc5C6H4_98xHqafTIpHPrfw9wM_JTvCStMifs3wnXn6CsGtj2JfOOmQpwc/_/delayedad./download/ads/house_ad_/adserverpub?/cnads.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

4e161956e5b85b78c26cafc209437d0b8c17f8114a1de5ec6d026e37ed25a252

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-79GysuSvAMMUwlRS2uiwZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-79GysuSvAMMUwlRS2uiwZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 lidar.js Show response
pagead2.googlesyndication.com/pagead/js/ 84 KB
30 KB 36ms
35ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

3f9bc1c2c975dd8572a1be2de18b57e04aeefb74ed1e5e15639d62af36ffe0bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 20:31:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30828
x-xss-protection: 0
server: cafe
etag: 1270192977547311863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 02 Jan 2024 21:31:50 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVkkeIrEOoMMJS5ovugm4CfebP5NLSNo_yLlJW063wjJ_SVWiQjl2DF95UFPvhDxyG9OBtrxopqKXDjbkVBsgsxcm0iv_hg7xL9uoivmDwLhVVTzULy3b2FgvWv96EQfjFi_MeQrw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nPDFbKa2sMzvX1Y2ZXrKeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-nPDFbKa2sMzvX1Y2ZXrKeg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.realmofdarkness.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 1526 51 KB
19 KB 37ms
36ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 14:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Dec 2024 14:46:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 75FB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Cph9TAnyUZcXfIY_x998P5qK8uAefkZ-_c5HnmbSFEuaF88CNDhABIN3GpARg_aCZgegDoAGJxbiwAsgBAqkCYeEl7oYsgT6oAwHIA8kEqgTrAU_QaISqitqcAIiWQFe8lltNtP3zNUOItvn...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3a06b82e5ed73fd80000000000000000%22,%222%22:%220x2e5e3ab6760beb380000000000000000%22,%223%22:%220x7cf0a9...

0
0

123ms
50ms

Fetch
text/css

142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x3a06b82e5ed73fd80000000000000000%22,%222%22:%220x2e5e3ab6760beb380000000000000000%22,%223%22:%220x7cf0a9267cbb89570000000000000000%22,%224%22:%220x495c53f0bc0789580000000000000000%22,%225%22:%220x6c18552301c614ed0000000000000000%22},%22debug_key%22:%2213312298443627207737%22,%22debug_reporting%22:true,%22destination%22:%22https://h5gamestreet.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22638460553%22],%2222%22:[%22true%22],%224%22:[%2201-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221227445651532844993%22}&andc=true

Requested by

Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/

Protocol

Server

142.251.163.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x3a06b82e5ed73fd80000000000000000","2":"0x2e5e3ab6760beb380000000000000000","3":"0x7cf0a9267cbb89570000000000000000","4":"0x495c53f0bc0789580000000000000000","5":"0x6c18552301c614ed0000000000000000"},"debug_key":"13312298443627207737","debug_reporting":true,"destination":"https://h5gamestreet.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["638460553"],"22":["true"],"4":["01-02"],"6":["true"]},"priority":"500","source_event_id":"1227445651532844993"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 Jan 2024 21:11:33 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 Jan 2024 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x3a06b82e5ed73fd80000000000000000","2":"0x2e5e3ab6760beb380000000000000000","3":"0x7cf0a9267cbb89570000000000000000","4":"0x495c53f0bc0789580000000000000000","5":"0x6c18552301c614ed0000000000000000"},"debug_key":"13312298443627207737","debug_reporting":true,"destination":"https://h5gamestreet.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["638460553"],"22":["true"],"4":["01-02"],"6":["true"]},"priority":"500","source_event_id":"1227445651532844993"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5EC1 0
23 B 63ms
62ms Image
text/html 172.253.122.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCJI1AnyUZbPqILjC998PhMSZuA_SkbaNbbnQrsqWD8CNtwEQASAAYP2gmYHoA4IBF2NhLXB1Yi0wNDkwODI5MzUyMTUxMDM3yAEJqAMByAMCqgTWAU_QtxicNfRvIHobO9-Og6unm34B_fFm-E1lO_1s6fYhYjJgggLPSJ4QrRuXyT_8h56udoPOjBXPcABfdr9dU88pks_K98BOJCQIe_TrrDtnRBV_Rvp_Zfvrv1fLcyYS73d_MO2FfMI4NVIMQJHOTueOVcToQ9IIdM2eU0-N-_2_AxMhMJgF6pERfemMRaxdv0X2DvrbzlfjHDTw3NuN1-0e85FgBfFB2CUkThU0_1XB0u7WFxfmI68WebpBv09jy55Rq1ghVseC4H5TBAAtFoNrQ0DZxu6ABv71k9LN7qGMf6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlithfWJz7-DA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0wNDkwODI5MzUyMTUxMDM3GAA&sigh=OPOuJ1sVqcU&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_RQz3H26n51M1YoUMn_QUXOU4sVk4GDvKs4RYbPTxmA9u4qlpjUWCdmYnpWfwdOOEDRxkW2iZvIF4lXgixa0IF5aTBlHKkO1yw7EYAQ&cbvp=2&vis=1

Requested by

Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bh-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=331652642&adf=3025194257&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890330&bpp=4&bdt=200&idt=128&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6381760612928&frm=20&pv=2&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=146
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 02 Jan 2024 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 02 Jan 2024 21:11:33 GMT

GET
H2 204 rtimp
g.bidbrain.app/ Frame 5EC1 0
948 B 124ms
120ms Image
text/plain 172.64.141.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.bidbrain.app/rtimp?sid=7ffa6650-a9b3-11ee-86b7-fe44a5cf9e6b&d=www.realmofdarkness.net&cr=ext_ng_start_sec12&a=imp&p=ZZR8AgAINTMF_eE4AAZiBDOVubBgD2lLSXz5CQ&im=J6fgU5iv93o5ohj47UXT1UZUYKGEcOykM9wB26eKn600Jri3Fv4FpAYv07d7RM-oEFob0_WU6pLRITqgvAxkIqavxTVmmGrRXejcujdwpln5YXWsn_jDcOPNz7vialtngye5MHEpiVVjBOc1_NX9WhAejinA2eGBAakn-EO2GUUiDa1tjLCFIJvIr48Cmm9xxN8GzZs7DI1ZBT2eKd-1V9FjwovBJRgRRvSDW3VarZm_9xaDnKXkjGy34-qBNCTda8q4abGVKXVDQB1YNdgiEQQp3uyDiP6yHo9CrRnuHx971BgrokgyiAqN5wXW2hwm&cbvp=2
Requested by: Host: www.realmofdarkness.net
URL: https://www.realmofdarkness.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQPQpMElnnqjKwaR%2FGj4HVIBzB7%2Fmm3oBVoOEyc%2Bdcv13MXw7VWIi1DVPHRvlQkyN%2FRLDlcSHtTyeb8EQn7IGS2fOx1qJgQhzgo5pXlPNLqa2DIOboP1msoZhcqHovXFzA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83f5fec12bb0436a-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

GET
H2 200 RobotoRegular.woff2
cdn.bidbrain.app/compressedFonts/ Frame 5EC1 60 KB
61 KB 96ms
95ms Font
application/octet-stream 172.64.141.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoRegular.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=331652642&adf=3025194257&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890330&bpp=4&bdt=200&idt=128&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6381760612928&frm=20&pv=2&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=146
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1199
x-guploader-uploadid: ABPtcPo_PoXr_nWUjp8A9GS2d_gWSsASDdoBiEJQQqK409iHyt_zigb38KfZsX686K3eYFbejRh0xHCHD190_DS_QqPrlw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61736
last-modified: Wed, 29 Nov 2023 10:07:40 GMT
server: cloudflare
etag: "ede84d96808c486e3de74cbd8f2a2c80"
vary: Accept-Encoding
x-goog-generation: 1701252459996546
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=fte1vA==, md5=7ehNloCMSG4950y9jyosgA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jmo%2BNx7bOaXUeZS58wFnhJ0gM7aYz1bh7fYRyWWK8JG3HdSAt5NqvbyJJ3rH22hlndnfO4vky2r8QraxvTRWeimNHU%2FYWLnJ5kL%2B1X0v6bKCq9FOODMFZFVsH1LBkPzzhNmq"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61736
accept-ranges: bytes
cf-ray: 83f5fec13b070f3a-EWR
expires: Tue, 02 Jan 2024 21:18:19 GMT

GET
H2 200 RobotoBold.woff2
cdn.bidbrain.app/compressedFonts/ Frame 5EC1 60 KB
61 KB 72ms
71ms Font
application/octet-stream 172.64.141.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bidbrain.app/compressedFonts/RobotoBold.woff2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=331652642&adf=3025194257&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890330&bpp=4&bdt=200&idt=128&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&correlator=6381760612928&frm=20&pv=2&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=146
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 73
x-guploader-uploadid: ABPtcPrlKFMyTWWzDp19PN1YggjlLzAgV4_v0F_mznKjm5iKYRmwOCZbdEPLX8A7nCZSkakqkIpkuW65s_z32iDZK36SwQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 61628
last-modified: Wed, 29 Nov 2023 10:09:00 GMT
server: cloudflare
etag: "1033a47731e45f7bd46a1962359e96b4"
vary: Accept-Encoding
x-goog-generation: 1701252540208192
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=8QCKtg==, md5=EDOkdzHkX3vUahliNZ6WtA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QS2%2B6La%2FsLNqLMVUDRPCxioDqDcTM2ZV27celYoorNeaHcmbquaEIlFSADzi%2BB2RAoSVheCGDiEAR90iM49AYPSum8QGMnkHewczLrrQJJmv6pVlTHUL87%2BM7z%2F4Em5PMiJR"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 61628
accept-ranges: bytes
cf-ray: 83f5fec13b0a0f3a-EWR
expires: Tue, 02 Jan 2024 21:34:25 GMT

GET
H3 200 1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js Show response
pagead2.googlesyndication.com/bg/ Frame 88D6 51 KB
19 KB 36ms
36ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1_7gewjyGlqcOFIguOJ5AHUn6L-zJDTVPaBHJ2ADYro.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0490829352151037&output=html&h=280&slotname=9025750243&adk=1849718230&adf=854766408&pi=t.ma~as.9025750243&w=1020&fwrn=4&fwrnh=100&lmt=1689943775&rafmt=1&format=1020x280&url=https%3A%2F%2Fwww.realmofdarkness.net%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1704229890335&bpp=1&bdt=205&idt=151&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=1020x280&correlator=6381760612928&frm=20&pv=1&ga_vid=1461038941.1704229890&ga_sid=1704229890&ga_hid=988409978&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=1646&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079759%2C31080181%2C95320885&oid=2&pvsid=2576699267626447&tmod=1654600371&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=154

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

sffe /

Resource Hash

d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 14:46:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 282333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19719
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 29 Dec 2024 14:46:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVkkeIrEOoMMJS5ovugm4CfebP5NLSNo_yLlJW063wjJ_SVWiQjl2DF95UFPvhDxyG9OBtrxopqKXDjbkVBsgsxcm0iv_hg7xL9uoivmDwLhVVTzULy3b2FgvWv96EQfjFi_MeQrw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a1jZKeObWCZTRT4CRz4k3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-a1jZKeObWCZTRT4CRz4k3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.realmofdarkness.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVkkeIrEOoMMJS5ovugm4CfebP5NLSNo_yLlJW063wjJ_SVWiQjl2DF95UFPvhDxyG9OBtrxopqKXDjbkVBsgsxcm0iv_hg7xL9uoivmDwLhVVTzULy3b2FgvWv96EQfjFi_MeQrw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UOAo0pW0ZfICbjB9EBjAsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-UOAo0pW0ZfICbjB9EBjAsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.realmofdarkness.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVkkeIrEOoMMJS5ovugm4CfebP5NLSNo_yLlJW063wjJ_SVWiQjl2DF95UFPvhDxyG9OBtrxopqKXDjbkVBsgsxcm0iv_hg7xL9uoivmDwLhVVTzULy3b2FgvWv96EQfjFi_MeQrw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Og1HdZit0AeITtTvgajfiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Og1HdZit0AeITtTvgajfiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://www.realmofdarkness.net
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxX0w0nf4GeqgmHgHfYv3x9Vrkn7gbDFGshmL-ycO0cf2Jc08yViMKrIqIiG1HY18EviWFBzZ-zl9UcW5IuffxJK_mB-Qc3wRTb89VxaeJeVfnpX6eIhXf7wtHY7zJ4x8PXqq87Bsg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 63ms
63ms Script
application/javascript 172.253.63.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX0w0nf4GeqgmHgHfYv3x9Vrkn7gbDFGshmL-ycO0cf2Jc08yViMKrIqIiG1HY18EviWFBzZ-zl9UcW5IuffxJK_mB-Qc3wRTb89VxaeJeVfnpX6eIhXf7wtHY7zJ4x8PXqq87Bsg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA0MjI5ODkzLDMxNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cucmVhbG1vZmRhcmtuZXNzLm5ldC8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

20d6fa39524837b22a5466a9919928b4dafb941e3837bcc32ae3ae09a2c46ff6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l-G1KKxEsFdARC3C07cAgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-l-G1KKxEsFdARC3C07cAgQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 125ms
49ms Preflight
text/html 142.251.163.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.163.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wv-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 02 Jan 2024 21:11:33 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 rtimp
g.bidbrain.app/ Frame 5EC1 0
466 B 116ms
116ms Ping
text/plain 172.64.141.23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://g.bidbrain.app/rtimp
Requested by: Host: cdn.bidbrain.app
URL: https://cdn.bidbrain.app/ng-assets/creative/assets/index-9054913c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.141.23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
pragma: no-cache
server: cloudflare
access-control-allow-methods: GET,HEAD,OPTIONS,POST,PUT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uJX4RYgShZnxUYdeW5Ww0HEsEjhYMyB4c83cIkTUNRFQUF35uQxM1YkC%2F7ltkRHlK3CXlu3%2FPSsXe7GwzDqCIhTKn1UXGUaoMJ7CSAOn9kRI7AeAtP5mDtGs2nmPWBkNJg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 83f5fec1ac38436a-EWR
access-control-allow-headers: Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires: 0

POST
H3 204 AGSKWxXW9ngNSFEpQpCeN6QmhldQWn3WPYFdpjhiNULQB8_R1pLYRBAIk-metlGOrWdoTMcM0F_BvNeSLz1tyhymYwB2R7U4EErqRDt-bDG4nPyphKfTqxbD_yYsRzK8KSb2biYS_3hJ-w== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 62ms
62ms XHR
text/html 172.253.63.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXW9ngNSFEpQpCeN6QmhldQWn3WPYFdpjhiNULQB8_R1pLYRBAIk-metlGOrWdoTMcM0F_BvNeSLz1tyhymYwB2R7U4EErqRDt-bDG4nPyphKfTqxbD_yYsRzK8KSb2biYS_3hJ-w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-G8DtAoj54UTDKM-MSGbiDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-G8DtAoj54UTDKM-MSGbiDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.realmofdarkness.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVkkeIrEOoMMJS5ovugm4CfebP5NLSNo_yLlJW063wjJ_SVWiQjl2DF95UFPvhDxyG9OBtrxopqKXDjbkVBsgsxcm0iv_hg7xL9uoivmDwLhVVTzULy3b2FgvWv96EQfjFi_MeQrw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bi-in-f100.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BA3gXYdY2F2Sid8f7flfhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-security-policy: script-src 'report-sample' 'nonce-BA3gXYdY2F2Sid8f7flfhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.realmofdarkness.net
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 127ms
56ms XHR
application/json 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js?bust=31080181

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

cafe /

Resource Hash

b9c00d40016ed4dfde1bd13bdcf56647282ba4fa80c2d492ffcbd41cd06eb028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12174
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 37ms
36ms Script
text/javascript 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js?bust=31080181

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.realmofdarkness.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 02 Jan 2024 21:11:33 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 177E 13 KB
5 KB 36ms
35ms Document
text/html 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.111.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.realmofdarkness.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ranges: bytes
age: 12707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 17:39:46 GMT
expires: Wed, 01 Jan 2025 17:39:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AD27 829 B
999 B 51ms
50ms Document
text/html 142.251.167.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.167.147 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ww-in-f147.1e100.net

Software

GSE /

Resource Hash

eaa2c7fb02a60a046fc76804c434eccb7e079183748ce0699b2acc7227615b23

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f1p5nJbJMqb8j2EXQP6Fyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.realmofdarkness.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-f1p5nJbJMqb8j2EXQP6Fyg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 02 Jan 2024 21:11:33 GMT
expires: Tue, 02 Jan 2024 21:11:33 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 177E 39 KB
15 KB 36ms
35ms Script
text/javascript 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.115.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bg-in-f156.1e100.net

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 20:12:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Jan 2025 20:12:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AD27 0
0 50ms
50ms Image
text/html 172.253.115.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2576699267626447&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.253.115.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bg-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 177E 0
10 B 35ms
35ms Image
text/plain 142.251.111.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?BVt6eQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.111.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: bk-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 21:11:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.realmofdarkness.net/	1970-01-21 02:45:25	Name: __gads Value: ID=9257d1b1336b750e:T=1704229890:RT=1704229890:S=ALNI_MZQ_8Jpx5ayaYT4MuU3RRU_LpX0hA
.realmofdarkness.net/	1970-01-21 02:45:25	Name: __gpi Value: UID=00000db05cbc251c:T=1704229890:RT=1704229890:S=ALNI_Mbi5SI_d0JxixM-OYZt0f2R2TLlmQ
.doubleclick.net/	1970-01-20 17:23:53	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 02:59:49	Name: IDE Value: AHWqTUlgx-DwnqmoqRj5QmLhXzAFTg21SgyxXMkZ7iCRnXf9uC3QHl5U7fySihhBEP8
.bidbrain.app/	1970-01-20 17:23:57	Name: sid_cross Value: 7ffa6650-a9b3-11ee-86b7-fe44a5cf9e6b
.realmofdarkness.net/	1970-01-21 02:09:25	Name: FCNEC Value: %5B%5B%22AKsRol-EnvQADHjFNUsxtq8Jfmbyslso-7jqZSbqGELcedQFmwFsrNcDS9wNf0tRwRiLdWarVW4V8YBjofZNbBS00KXU7llfUqMFUgh-LhEoxYBkvxjQxzMXMatbefqlxwQqcKJaRZonBWWoxZHtVD_oXadKHDEyTA%3D%3D%22%5D%5D
.bidbrain.app/	1970-01-21 02:59:49	Name: uid_cross Value: 81a2f26e-a9b3-11ee-a108-0ebba72f3b8e
.googleadservices.com/	1970-01-20 19:33:25	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.bidbrain.app
fonts.googleapis.com
fundingchoicesmessages.google.com
g.bidbrain.app
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
www.realmofdarkness.net
142.251.111.132
142.251.163.155
142.251.167.147
142.251.167.95
172.253.115.156
172.253.115.94
172.253.122.155
172.253.63.100
172.253.63.155
172.64.141.23
45.114.226.249
02f1dcc0c722e24cba9be4b720831a79489e766d5edf8b77f582e0869312d86e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
20d6fa39524837b22a5466a9919928b4dafb941e3837bcc32ae3ae09a2c46ff6
25f5a26c7c09cfd7694b88fe18a35b5e3fa5d229fa2f224be730e9f78c60000a
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32eaad162b746c4a6f8d0412e802ba1d9b49c3a5f49c3194cf27f9f912e37c27
3de53d6f883417d48f5bc1a8d2b38433191d148f10496b6c4dce027a1e5dd0f2
3f9bc1c2c975dd8572a1be2de18b57e04aeefb74ed1e5e15639d62af36ffe0bf
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4477d49db3a01bfb2432a793949e0d9a6466eb750c2499f095cb7e81bc7c1969
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e161956e5b85b78c26cafc209437d0b8c17f8114a1de5ec6d026e37ed25a252
4f0eeb6218e4f08b3b7996de9056867b4abf481e619b0fe461e0a5ce82535cbc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59772855fac9175497f46139966cffb190265fa9e62e5904e3d36f96d07d0139
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c412fbdbbf1417355373a80125c8cf7e5cbaab4218bae0316fe6ef917bf798
6303ac3f561dce94c50897383323843c09b7325d17b76740258ab4670caa5eed
649dc858753d50154bfc38090f2d09da61a6cee68f1c4c0471313e50a9725bbe
7ceb4dbe94c74fcaa999121708478fb1ef7f529e23ffef7d23d898ae81848a10
83cbb57e1adb6a7073f1000afc637c1a61f42e0fc5805b429ce63d07c25dc761
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8e04e71828ef3129fa5aac597e14bfd738f71bd7e59776d5d023709463626b0c
976b1d446e9f000ebc33704968e386bdf9a1c80afa733825c1fb92006d1736ae
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9ec3887edd874b13463933de1ede8856d386daa2b4d8ed7fe37ab3c0738b99c0
ab1c654b9c479b6f4ca460e079d409832d45fcd869dc7a8e708c82f396ed4c85
af5b3122532645b03bf84f88ca6c239a9ca9ddd18f20835a080d87f910bd2a87
b3f8b6630b6dff3720b43b2e745b4a2c6843539a16af9dc3cf5b98af45eb4a52
b657bb4a51e1d6fcc080ddf9464a7bea755ee51774c452ff2e21e66684e2152b
b9c00d40016ed4dfde1bd13bdcf56647282ba4fa80c2d492ffcbd41cd06eb028
bb77a2e3e3c02660c2be279be7c531f710542d3bc124000028d6a46b5b686cba
cc1b94c8727313b6c1194c7a1e120ce18681d2136dd17f8d772690974102ecc7
d7fee07b08f21a5a9c385220b8e279007527e8bfb32434d53da04727600362ba
d8d4dff672bb1bf2581d71d0722eac6a4e4802f4f3d8819121b327c14c0db6cd
d9b57b04d67e3468a1208936f6f9e1480f6afcddaf8a1035b48e34f836d9b08e
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e2e7bd6522d0c30e58cf4f967326a7df825eda407d506e6c1eccc8a049797e85
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e537bb0b81601eabcdc6dd4e2eb938917a7c6887765651882ec0ed5081c26c67
eaa2c7fb02a60a046fc76804c434eccb7e079183748ce0699b2acc7227615b23
f6b89af956b78e431a13590b8c1b754ca2e04ada416e565b82bad20ef0ff5f21

www.realmofdarkness.net Open in urlscan Pro 45.114.226.249 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

99 %HTTPS

0 %IPv6

9 Domains

12 Subdomains

12 IPs

2 Countries

1267 kBTransfer

2977 kBSize

8 Cookies

4 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.realmofdarkness.net Open in urlscan Pro
45.114.226.249 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

99 %
HTTPS

0 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

1267 kB
Transfer

2977 kB
Size

8
Cookies

72 HTTP transactions
2 data transactions