sites.google.com Open in urlscan Pro
2a00:1450:4001:82a::200e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Effective URL:
https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Submission: On November 15 via manual (November 15th 2022, 3:46:18 pm UTC) from IN — Scanned from DE

Summary HTTP 184 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 3 countries across 29 domains to perform 184 HTTP transactions. The main IP is 2a00:1450:4001:82a::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is sites.google.com. The Cisco Umbrella rank of the primary domain is 2824.
TLS certificate: Issued by GTS CA 1C3 on October 25th 2022. Valid for: 3 months.

This is the only time sites.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2606:4700:310... 2606:4700:310c::ac42:2cdd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	64.156.14.61 64.156.14.61	20473 (AS-CHOOPA) (AS-CHOOPA)
10	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
19	2606:4700:303... 2606:4700:3032::6815:351f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	64.190.90.88 64.190.90.88	399334 (SKYSILK-02) (SKYSILK-02)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223d:4000:17:62f0:2dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.248.90 18.66.248.90	16509 (AMAZON-02) (AMAZON-02)
3	34.242.92.110 34.242.92.110	16509 (AMAZON-02) (AMAZON-02)
5	2a06:98c1:312... 2a06:98c1:3121::3	() ()
1	52.49.181.242 52.49.181.242	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:5800:4:cd76:8580:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.70 142.250.186.70	() ()
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	() ()
1	35.244.174.68 35.244.174.68	() ()
1	35.186.253.211 35.186.253.211	() ()
2 2	185.64.190.78 185.64.190.78	() ()
4	172.217.18.2 172.217.18.2	() ()
1 1	69.173.144.138 69.173.144.138	() ()
2 2	172.64.154.237 172.64.154.237	() ()
1	2a00:1450:400... 2a00:1450:4001:812::2006	() ()
184	34

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

sites.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

script.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:310c::ac42:2cdd (United States)

ASN13335 (CLOUDFLARENET, US)

advanced-channeler.02.gz-associates.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.156.14.61 (Los Angeles, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 64.156.14.61.vultrusercontent.com

vivanews.asia	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:3032::6815:351f (United States)

ASN13335 (CLOUDFLARENET, US)

too-advanced-for-society.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.190.90.88 (United States)

ASN399334 (SKYSILK-02, US)

thegreatbanana.ripservers.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223d:4000:17:62f0:2dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.raygun.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-90.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.242.92.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-92-110.eu-west-1.compute.amazonaws.com

game.api.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
msgrt.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a06:98c1:3121::3 (None, )

ASN- ()

look-at-those.penguins-and-magic.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.181.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:5800:4:cd76:8580:93a1 (United States)

ASN16509 (AMAZON-02, US)

hb.improvedigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (None, ) 1 redirects

ASN- ()

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (None, )

ASN- ()

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (None, )

ASN- ()

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (None, )

ASN- ()

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (None, ) 2 redirects

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.2 (None, )

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (None, ) 1 redirects

ASN- ()

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (None, ) 2 redirects

ASN- ()

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (None, )

ASN- ()

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com Failed 8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 136 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101	694 KB
30	google.com 4 redirects sites.google.com — Cisco Umbrella Rank: 2824 apis.google.com — Cisco Umbrella Rank: 98 script.google.com — Cisco Umbrella Rank: 10839 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	408 KB
27	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 ad.doubleclick.net cm.g.doubleclick.net	412 KB
19	too-advanced-for-society.gq too-advanced-for-society.gq — Cisco Umbrella Rank: 46971	1 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	838 KB
6	googleusercontent.com n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com — Cisco Umbrella Rank: 44805	52 KB
5	penguins-and-magic.gq look-at-those.penguins-and-magic.gq	472 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	189 KB
4	google.de adservice.google.de — Cisco Umbrella Rank: 8709	1 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	3 KB
3	gamedistribution.com game.api.gamedistribution.com — Cisco Umbrella Rank: 24722 msgrt.gamedistribution.com	3 KB
3	ripservers.com thegreatbanana.ripservers.com — Cisco Umbrella Rank: 48108	255 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	40 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 984 bcp.crwdcntrl.net — Cisco Umbrella Rank: 744	12 KB
2	vivanews.asia vivanews.asia	3 KB
2	gz-associates.com advanced-channeler.02.gz-associates.com — Cisco Umbrella Rank: 49032 Failed	3 KB
1	2mdn.net s0.2mdn.net	63 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com	516 B
1	openx.net rtb.openx.net	351 B
1	rlcdn.com id.rlcdn.com	98 B
1	quantserve.com cms.quantserve.com	465 B
1	improvedigital.com hb.improvedigital.com — Cisco Umbrella Rank: 21873
1	raygun.io cdn.raygun.io — Cisco Umbrella Rank: 12849	21 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	43 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	tunnl.com Failed ana.tunnl.com Failed
0	rudolph-the-red-nosed-reindeer.ga Failed rudolph-the-red-nosed-reindeer.ga Failed
184	29

	Domain	Requested by
23	tpc.googlesyndication.com	c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com 8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com sites.google.com googleads.g.doubleclick.net pagead2.googlesyndication.com
19	too-advanced-for-society.gq	advanced-channeler.02.gz-associates.com too-advanced-for-society.gq sites.google.com cdn.raygun.io
17	pagead2.googlesyndication.com	c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com securepubads.g.doubleclick.net 8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com sites.google.com googleads.g.doubleclick.net
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	www.gstatic.com	sites.google.com www.gstatic.com n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
10	securepubads.g.doubleclick.net	vivanews.asia securepubads.g.doubleclick.net c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com 8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com www.googletagservices.com
8	www.google.com	4 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
8	script.google.com	sites.google.com script.google.com
7	apis.google.com	sites.google.com apis.google.com www.gstatic.com
6	n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com	script.google.com n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
5	look-at-those.penguins-and-magic.gq	advanced-channeler.02.gz-associates.com look-at-those.penguins-and-magic.gq
4	cm.g.doubleclick.net	sites.google.com googleads.g.doubleclick.net
4	www.googletagservices.com	c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com 8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	fonts.googleapis.com	sites.google.com script.google.com
3	thegreatbanana.ripservers.com	advanced-channeler.02.gz-associates.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com too-advanced-for-society.gq
3	fonts.gstatic.com	fonts.googleapis.com
3	sites.google.com	www.gstatic.com
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	msgrt.gamedistribution.com	cdn.raygun.io
2	8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	vivanews.asia	n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
2	advanced-channeler.02.gz-associates.com	www.gstatic.com advanced-channeler.02.gz-associates.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	id.rlcdn.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	hb.improvedigital.com	too-advanced-for-society.gq
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	game.api.gamedistribution.com	cdn.raygun.io
1	tags.crwdcntrl.net	too-advanced-for-society.gq
1	cdn.raygun.io	too-advanced-for-society.gq
1	c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.googletagmanager.com	sites.google.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	ana.tunnl.com Failed	cdn.raygun.io
0	rudolph-the-red-nosed-reindeer.ga Failed	advanced-channeler.02.gz-associates.com
184	42

This site contains links to these domains. Also see Links.

Domain
www.google.com

Subject Issuer	Validity	Valid
*.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
advanced-channeler.02.gz-associates.com Cloudflare Inc ECC CA-3	`2022-01-13` - `2023-01-12`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
vivanews.asia Sectigo RSA Domain Validation Secure Server CA	`2022-11-09` - `2023-11-09`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-03-05` - `2023-03-04`	a year	crt.sh
thegreatbanana.ripservers.com R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh
*.raygun.io Amazon RSA 2048 M02	`2022-10-11` - `2023-11-09`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
gamedistribution.com Amazon	`2022-09-19` - `2023-10-18`	a year	crt.sh
improvedigital.com Amazon	`2022-04-05` - `2023-05-04`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-10-25` - `2023-01-17`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Frame ID: 404357738EBB9710338B4FAAA83676B2
Requests: 21 HTTP requests in this frame

Frame: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec
Frame ID: 5414D72AEC68F8D6ED8893A43670CCA9
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__&r=907339296
Frame ID: FEA8784E1D76EA3C60FBBE2DD1953DED
Requests: 6 HTTP requests in this frame

Frame: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec
Frame ID: 495B0780923564A909B96028B40A25B8
Requests: 5 HTTP requests in this frame

Frame: https://advanced-channeler.02.gz-associates.com/?t=tmm-fireboy-watergirl-in-the-forest-temple
Frame ID: FD309B651426D487E92A6C3E92EEB99F
Requests: 1 HTTP requests in this frame

Frame: https://advanced-channeler.02.gz-associates.com/?t=tmm-fireboy-watergirl-in-the-forest-temple
Frame ID: 8EFF77DF27541682CF39A0DA82A3FA91
Requests: 8 HTTP requests in this frame

Frame: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel
Frame ID: 2F4296C8FAA20AEC6138BFA790C5DBF7
Requests: 2 HTTP requests in this frame

Frame: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel
Frame ID: 5DAF1705B043E833310B73A125D4CE20
Requests: 2 HTTP requests in this frame

Frame: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/blank
Frame ID: 1615C19C7CF7E0AEEB4E0B5BA98555AC
Requests: 2 HTTP requests in this frame

Frame: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/blank
Frame ID: 0ED48DC746E5012F2CD727EC4FA07658
Requests: 2 HTTP requests in this frame

Frame: https://vivanews.asia/970x250.html
Frame ID: 7C536216F8DBCFB1FAFA261913506E3D
Requests: 8 HTTP requests in this frame

Frame: https://vivanews.asia/970x250.html
Frame ID: ED8DE085F6DF49E5D221FF6B773AF205
Requests: 9 HTTP requests in this frame

Frame: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/
Frame ID: CBE0C3EEB6B22A1D24D4D29E2B1E4083
Requests: 36 HTTP requests in this frame

Frame: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 453563D1A0D5B34E1C3AADE6F3342048
Requests: 1 HTTP requests in this frame

Frame: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 395E674872C31C6FFA008AE23EF37148
Requests: 1 HTTP requests in this frame

Frame: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: 855C1A4A591809CACDACBC79133E174B
Requests: 12 HTTP requests in this frame

Frame: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4
Frame ID: CFDF0097E705BFF3FFCAB2266E6D4949
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 1C9733BA973A0B97D9EA51F66A163CFA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4B7AF0B5B3474FBA90813263693F911
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0B912F769F19BDD865E80298CB6A7C34
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&adk=1812271804&adf=376782693&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175536&bpp=4&bdt=186&idt=259&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=8297827612656&frm=8&ife=1&pv=2&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.azw9xzc9rhvp&fsb=1&dtd=279
Frame ID: 129AC3460E155B7DA2D28CAD6AAA77EA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&adk=1812271804&adf=376782691&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175576&bpp=4&bdt=284&idt=253&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=4663328646530&frm=8&ife=1&pv=2&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.z8tyjx8ttj08&fsb=1&dtd=273
Frame ID: BD65929F8ED98C9CFF736169323B390A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087035&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175540&bpp=2&bdt=189&idt=322&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8297827612656&frm=8&ife=1&pv=1&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bv5xs02vqawn&fsb=1&dtd=327
Frame ID: ED2E4E031A09E41D9FDFD2EADE867E19
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294
Frame ID: 71C91B35CAFA9196BF7E1BCB2B2615AB
Requests: 9 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=13998/rand=256190941/pv=y/act=play/med=game/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20too-advanced-for-society.gq/int=%23OpR%2386566%23too-advanced-for-society.gq%20%3A%20Site%20Section%20%3A%20tmm-fireboy-watergirl-in-the-forest-temple/rt=ifr
Frame ID: A981D2D4C8E63E66374DCF50BFC0A4A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0F287590B9091F5B0BD90198C83C08AF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 90827793D279F1BFAB0677CB574D4B33
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
Frame ID: 7171F7980AB4CFE1179306948A1E6C16
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html
Frame ID: FC179379D8EE6555BDEC61CF58A3FCB1
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 798B81BA47BB2A85D1D984E1E527B68B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC0A0501FE9C88FCC9A82E4803C6A6B5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF72E26475EAA26276608D41CF9C0B19
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tyrone's Unblocked Games - Fireboy and Watergirl: In the Light Temple

Page URL History Show full URLs

http://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple HTTP 307
https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple Page URL

Detected technologies

Google Sites (CMS) Expand

Overall confidence: 100%
Detected patterns

^https?://sites\.google\.com

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Page Statistics

184
Requests

91 %
HTTPS

67 %
IPv6

29
Domains

42
Subdomains

34
IPs

3
Countries

4355 kB
Transfer

14647 kB
Size

5
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/policies/technologies/cookies/
Title: Weitere Informationen

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple HTTP 307
https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 44

https://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 135

https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.350139965;dc_trk_aid=541750582;dc_trk_cid=180854423;ord=2987096071;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.350139965;dc_pre=COCY0o3EsPsCFZpt4AodhysHoQ;dc_trk_aid=541750582;dc_trk_cid=180854423;ord=2987096071;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 147

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKYe3UJuyN-M8oaIDdTpSNk&google_cver=1&google_push=ASkJ3FYY4NX8e_feXQUX7l_8W5Slogrw4MI5EEN2Ak1YfaQVxwT5M6UKRs5WhEAGPAztRSAWFLWpM4CydomPVNoOln4anm9-RgU0ZqkSHSjVxwiktHjr_8PuRddVZgKH7JgpxJ5QDmP0hJ2Y5OzMsO6U8V0 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKYe3UJuyN-M8oaIDdTpSNk&google_cver=1&google_push=ASkJ3FYY4NX8e_feXQUX7l_8W5Slogrw4MI5EEN2Ak1YfaQVxwT5M6UKRs5WhEAGPAztRSAWFLWpM4CydomPVNoOln4anm9-RgU0ZqkSHSjVxwiktHjr_8PuRddVZgKH7JgpxJ5QDmP0hJ2Y5OzMsO6U8V0&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tQWHcTY3Sh6pwMHkXkl3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYY4NX8e_feXQUX7l_8W5Slogrw4MI5EEN2Ak1YfaQVxwT5M6UKRs5WhEAGPAztRSAWFLWpM4CydomPVNoOln4anm9-RgU0ZqkSHSjVxwiktHjr_8PuRddVZgKH7JgpxJ5QDmP0hJ2Y5OzMsO6U8V0

Request Chain 148

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENdVXOj63gjzYkVd7doMhCc&google_cver=1&google_push=ASkJ3FZC_A8onuxy0iUgf0sfAmTaVEfRi0_laEXNNFMY0QZllmMPG44V6XVOS8mdEu0KG1i14HGMIm8ci_U-tBypLgsojzacvSOnwafIE3Yil1Z24tmUOts7pQcs5VULgkf0vtI8oeNIwp_SynzX8j7TQqY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFJRTAxUzQtMjEtNDlDQg==&google_push=ASkJ3FZC_A8onuxy0iUgf0sfAmTaVEfRi0_laEXNNFMY0QZllmMPG44V6XVOS8mdEu0KG1i14HGMIm8ci_U-tBypLgsojzacvSOnwafIE3Yil1Z24tmUOts7pQcs5VULgkf0vtI8oeNIwp_SynzX8j7TQqY

Request Chain 149

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJzYSwl2SueVIJ1ufR56QfM&google_cver=1&google_push=ASkJ3FZQJh4pyWg9m5VxNWASqJkf5obpNfyjDfPMO1qZ4uEGm6YVM2zBka1LYye8iewIGUs5OKg1tRpMzFQDGIKcvkj7hNDkxOKn_Z0jbt-hF7Wg9Pwnay-TTDhsRazLWCga4_xXGWjoxFBpdjiHgZtymBw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJzYSwl2SueVIJ1ufR56QfM&google_push=ASkJ3FZQJh4pyWg9m5VxNWASqJkf5obpNfyjDfPMO1qZ4uEGm6YVM2zBka1LYye8iewIGUs5OKg1tRpMzFQDGIKcvkj7hNDkxOKn_Z0jbt-hF7Wg9Pwnay-TTDhsRazLWCga4_xXGWjoxFBpdjiHgZtymBw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzYSwl2SueVIJ1ufR56QfM&google_hm=Y3O0SeOg2pzR5bR6Fgrn-wAABKMAAAAB&google_nid=index&google_push=ASkJ3FZQJh4pyWg9m5VxNWASqJkf5obpNfyjDfPMO1qZ4uEGm6YVM2zBka1LYye8iewIGUs5OKg1tRpMzFQDGIKcvkj7hNDkxOKn_Z0jbt-hF7Wg9Pwnay-TTDhsRazLWCga4_xXGWjoxFBpdjiHgZtymBw

Request Chain 152

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 173

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

184 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request fireboy-and-watergirl-in-the-light-temple Show response
sites.google.com/site/tyroneunblockedgame/
Redirect Chain

http://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

362 KB
31 KB

297ms
224ms

Document
text/html

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1238660c3026a481762d99eb5f3514e640cb0a925a2b272ef6d418b7122851aa

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-rXRu49aQoLdcoge2SW8D3w' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-rXRu49aQoLdcoge2SW8D3w' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
content-type: text/html; charset=utf-8
cross-origin-opener-policy: unsafe-none
date: Tue, 15 Nov 2022 15:46:12 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ESF
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Non-Authoritative-Reason: HSTS

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 84ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

205200acf73f653da1b5f5b306246d80720b4170128314423575d36c35f63bec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 15:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 14:30:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 15:46:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
913 B 86ms
34ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3Ai%2Cbi%2C700%2C400%2C500&display=swap

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 15:46:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 15:46:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 15:46:12 GMT

GET
H2 200 rs=AGEqA5lXxIqsbJj7bDw8UXAUDI1v7jM2mQ
www.gstatic.com/_/atari/_/ss/k=atari.vw.98tpv-mjFlk.L.W.O/d=1/ 1 MB
135 KB 78ms
25ms Stylesheet
text/css 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/ss/k=atari.vw.98tpv-mjFlk.L.W.O/d=1/rs=AGEqA5lXxIqsbJj7bDw8UXAUDI1v7jM2mQ

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2769b236db007e768e8c7270e9fdd11912c617f4c0aff871b3e923fc4d3967f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 17:22:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 512649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138105
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:45:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Thu, 09 Nov 2023 17:22:03 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 17 KB
7 KB 117ms
58ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=gapiLoaded

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b545e8dbb9533f8475d1447b87dd73e62d1d193131c313cb954cb9e41202b90

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 15:46:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6892
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "b759cb48e0d7f2ee"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Nov 2022 15:46:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 98ms
33ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130251524-7

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4680a735991395644275ccb0c3d3614975e5c528a51edf3433cff28d9a7de1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43598
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 15 Nov 2022 15:46:12 GMT

GET
H2 200 m=view Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/ 516 KB
175 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=view

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe00e8df8c80e1905cabfa7f1a656a352552cc904c039418b7fb656e6821f11b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Sun, 13 Nov 2022 07:24:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202902
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 179066
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:45:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Mon, 13 Nov 2023 07:24:30 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ 308 KB
105 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4430fd3ae9ba835127e6e79bc2f1e8a0d506a5a082a285bc8097fdfbb79a1592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 10:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106804
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 10:05:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 91ms
20ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sites.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 417837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 19:42:15 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ 28 KB
28 KB 96ms
24ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sites.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 21:35:41 GMT
x-content-type-options: nosniff
age: 411031
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 21:35:41 GMT

GET
H2 200 exec Show response
script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/ Frame 5414 3 KB
2 KB 1015ms
924ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3698531ebf8607955693573df0c8106f47ed01adbca6d81e048dab7af146e2e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-daXbALlMIFQ4hy5vmpPWnQ' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sites.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-daXbALlMIFQ4hy5vmpPWnQ' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
date: Tue, 15 Nov 2022 15:46:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 intermediate-frame-minified.html Show response
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame FEA8 2 KB
1 KB 25ms
21ms Document
text/html 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 443870
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 922
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Thu, 10 Nov 2022 12:28:22 GMT
expires: Fri, 10 Nov 2023 12:28:22 GMT
last-modified: Wed, 09 Nov 2022 13:33:16 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 exec Show response
script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/ Frame 495B 3 KB
2 KB 648ms
558ms Document
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c20c562e8e0e40ee6cff2d4bedff7af51e42ddffef70c87f60d814a8bbeb6552

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AwRhXmie-wZkz2Lt7dFVVQ' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://sites.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-AwRhXmie-wZkz2Lt7dFVVQ' 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /cspreport
content-type: text/html; charset=utf-8
date: Tue, 15 Nov 2022 15:46:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 65ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sites.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 445592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Nov 2023 11:59:40 GMT

GET
H3 200 m=sy1b,sy1c,sy1a,FoQBg Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/ 36 KB
12 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=sy1b,sy1c,sy1a,FoQBg

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7777e71c0bf1e9beeb9fb8c7ee5c9a81897bf05f02d6118f617f442b9462f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12252
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:45:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 10 Nov 2023 08:49:40 GMT

GET
H3 200 m=sy2n,TRvtze Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/ 854 B
520 B 26ms
25ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=sy2n,TRvtze

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b378678c970d59b708eb6200b3bb325bfc89d1b400e0f59b9ae76b96cf80438

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 494
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:45:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 10 Nov 2023 08:49:40 GMT

GET
H3 200 m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy15,TGYpv,sy10,X85Uvc,HIeYee,QxOCld,syy,YXyON,sy2p,abQiW,W26a5e,hJUyqe,sy12,sy17,sy13,sy14,sy16,fuVYe,syl,ruhlUe,KUM7Z,XDKZTc,sy11,qkPXAf,sy19,zPx2U,qEW1W,oNFsLb,sy3n... Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/ 1 MB
394 KB 29ms
24ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=MpJwZc,n73qwf,A4UTCb,qAKInc,sy15,TGYpv,sy10,X85Uvc,HIeYee,QxOCld,syy,YXyON,sy2p,abQiW,W26a5e,hJUyqe,sy12,sy17,sy13,sy14,sy16,fuVYe,syl,ruhlUe,KUM7Z,XDKZTc,sy11,qkPXAf,sy19,zPx2U,qEW1W,oNFsLb,sy3n,yxTchf,sy3o,sy3p,xQtZb,yf2Bs,sy3,sya,yyxWAc,qddgKe,sy2r,SM1lmd,sy8,sy7,syx,RRzQxe,zZvHmd,syz,YV8yqd,sy9,syc,sym,syb,fNFZH,sy2q,sy1h,sy1s,syn,RrXLpc,cgRV2c,sy1t,o1L5Wb,X4BaPc,syh,Md9ENb,sy1j,sy1k,sy1l,syp,sy1e,sy1f,sy1g,sy1i,sy1r,syq,syw,KlrXId,NlqxW,sy1o,sy1p,sy1q,sy1n,sy4,syd,sy1m,sy1v,sy1y,sy20,sy25,sy1w,sy24,sy2c,sy1u,sy1x,sy22,sy1z,sy23,sy26,sy29,sy2b,sy2e,sy2f,sy1d,T807ad,sy21,ZDEHrf,sy27,sy28,sy2a,sy2d,oy3iwb,dBhIIb,syr,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,heobjb,R4KMEc,sy2g,sy2h,sy2i,sy2j,UYjpC,vVEdxc,sy5,VYKRW,sy18,CG0Qwb,RZ9OZ,N0NZx

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73537bc32f59176164bf424ddee4e2c9c8792a1199283b99f3edfd152fddf6fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 22:39:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61574
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403552
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:45:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Tue, 14 Nov 2023 22:39:58 GMT

GET
H3 200 m=sy3e,IZT63,vfuNJf,sy38,sy3c,sy3f,sy3s,sy3q,sy3r,siKnQd,sy36,sy3d,sy3h,YNjGDd,sy3g,sy3i,PrPYRd,iFQyKf,hc6Ubd,sy3t,SpsfSb,sy39,sy3b,wR5FRb,pXdRYb,dIoSBb,zbML3c Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/ 27 KB
10 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=sy3e,IZT63,vfuNJf,sy38,sy3c,sy3f,sy3s,sy3q,sy3r,siKnQd,sy36,sy3d,sy3h,YNjGDd,sy3g,sy3i,PrPYRd,iFQyKf,hc6Ubd,sy3t,SpsfSb,sy39,sy3b,wR5FRb,pXdRYb,dIoSBb,zbML3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f41c19767f2eafb06083042af4b6384e6b8794acf181e8140c5b58ada68f5771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 08:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 456992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10035
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:45:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Fri, 10 Nov 2023 08:49:40 GMT

GET
H3 200 m=m9oV,sy3j,NTMZac,rCcCxc,mzzZzc,RAnnUd,sy2s,uu7UOe,nAFL3,sy2m,gJzDyc,sy2t,sy3u,soHxf,syt,syv,HYv29e,sy2u,uY3Nvd Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/ 33 KB
11 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=0/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=m9oV,sy3j,NTMZac,rCcCxc,mzzZzc,RAnnUd,sy2s,uu7UOe,nAFL3,sy2m,gJzDyc,sy2t,sy3u,soHxf,syt,syv,HYv29e,sy2u,uY3Nvd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a66b254edfcabcbaf0626a5ff8769babb01a81b2a1ee59671dce713a58106e80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 16:38:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10977
x-xss-protection: 0
last-modified: Tue, 08 Nov 2022 13:45:40 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
expires: Tue, 14 Nov 2023 16:38:06 GMT

GET
H3 200 api.js Show response
apis.google.com/js/ Frame FEA8 17 KB
7 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d79df35222dcf8b4438d92d31d2361edfb3b398b89a9ed377482a144a299d1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 15:46:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6890
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "de7c76c1ab2f4ad3"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Nov 2022 15:46:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130251524-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 15:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1818
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 15 Nov 2022 17:15:54 GMT

POST
H3 200 logImpressions Show response
sites.google.com/_/view/ 16 B
64 B 177ms
132ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.google.com/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ 262 B
207 B 22ms
22ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_1?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

770de255552a7557975420998849f18950da44c03bc70087acbb177467021bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sites.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 10 Nov 2022 23:38:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 181
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Nov 2023 23:38:02 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ Frame FEA8 46 KB
16 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a07207b11d5f6eff08c00e44b624eef20b4f870f76dbbd45ed6a9a1844adaef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 09:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16491
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 09:18:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 72ms
28ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1914964074&t=pageview&_s=1&dl=https%3A%2F%2Fsites.google.com%2Fsite%2Ftyroneunblockedgame%2Ffireboy-and-watergirl-in-the-light-temple&ul=en-us&de=UTF-8&dt=Tyrone%27s%20Unblocked%20Games%20-%20Fireboy%20and%20Watergirl%3A%20In%20the%20Light%20Temple&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1105741124&gjid=1650842019&cid=1512805462.1668527173&tid=UA-130251524-7&_gid=497596260.1668527173&_r=1&gtm=2oub90&did=dZWRiYj&gdid=dZWRiYj&z=1083800286

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://sites.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sites.google.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 intermediate-frame-minified.html Show response
www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/ Frame FEA8 2 KB
947 B 57ms
55ms Document
text/html 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__&r=907339296

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 922
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="apps-sites"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:13 GMT
expires: Wed, 15 Nov 2023 15:46:13 GMT
last-modified: Mon, 14 Nov 2022 18:04:53 GMT
report-to: {"group":"apps-sites","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-sites"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET /
advanced-channeler.02.gz-associates.com/ Frame FD30 0
0

GET
H3 200 api.js Show response
apis.google.com/js/ Frame FEA8 17 KB
7 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/7925c5f8e01bacb9b4b0a3783ae0b867/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.xUkR-bAKkoQ.O%2Fd%3D1%2Frs%3DAHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg%2Fm%3D__features__&r=907339296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3d79df35222dcf8b4438d92d31d2361edfb3b398b89a9ed377482a144a299d1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 15:46:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6890
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "de7c76c1ab2f4ad3"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Nov 2022 15:46:13 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/ Frame FEA8 46 KB
16 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.xUkR-bAKkoQ.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8Rxvb1fXQLSdj_m04EtSSnZCh7fg/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a07207b11d5f6eff08c00e44b624eef20b4f870f76dbbd45ed6a9a1844adaef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Fri, 11 Nov 2022 09:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16491
x-xss-protection: 0
last-modified: Tue, 04 Oct 2022 15:24:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Nov 2023 09:18:10 GMT

GET
H2 200 / Show response
advanced-channeler.02.gz-associates.com/ Frame 8EFF 255 B
756 B 1024ms
76ms Document
text/html 2606:4700:310c::ac42:2cdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://advanced-channeler.02.gz-associates.com/?t=tmm-fireboy-watergirl-in-the-forest-temple

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2cdd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ed88f03f6695c18d64c91f426e843d3d621b78e6ca79d16ebc2ada5bc506674

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gstatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 76a91e56de8a9290-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 15 Nov 2022 15:46:14 GMT
etag: W/"a02738376bcb6589e94b2dc36f42de7f"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T53L5ODeRp%2BVscep%2FswIy1uRf2qIdD17z86rTxDtSXUXDGBONqT1YpZfP5nkYCBA%2BXMc6Ib%2FC66N78H299FW4d4Skum%2FimmAvHMz91HAuiee2kCk5YEBI3ZlGdPX%2FafxTIUBrdDbbph0ylZlymkNTBsFkx4p%2F51yLplX5uIdTD56xhNsWDY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 icon
fonts.googleapis.com/ Frame 495B 569 B
367 B 148ms
103ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://script.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 15:46:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 15:46:13 GMT

GET
H3 200 1503957528-mae_html_css_ltr.css
script.google.com/static/macros/client/css/ Frame 495B 298 KB
43 KB 146ms
102ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/static/macros/client/css/1503957528-mae_html_css_ltr.css

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45405007a3ad2edadaff43f8817dbbdbb41e6b50e91b90c3a006ef73dc0f274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43603
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 07:26:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/css
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Tue, 15 Nov 2022 15:46:13 GMT

GET
H3 200 939463806-warden_bin_i18n_warden__de.js Show response
script.google.com/static/macros/client/js/ Frame 495B 176 KB
64 KB 170ms
125ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/static/macros/client/js/939463806-warden_bin_i18n_warden__de.js

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3a3cec8493984f163eba7dfc0fee3b3d5fadef04f7c78b1d9a323ab15db692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65553
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 07:26:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Tue, 15 Nov 2022 15:46:13 GMT

GET
H2 200 userCodeAppPanel Show response
n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/ Frame 2F42 899 B
934 B 227ms
139ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fe4eb4decb5d59d183892a5771a5e0bb40514090bff4af5a3feed0e89eb3ec6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://script.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 15 Nov 2022 15:46:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 icon
fonts.googleapis.com/ Frame 5414 569 B
367 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://script.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 15 Nov 2022 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 15:46:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Nov 2022 15:46:13 GMT

GET
H3 200 1503957528-mae_html_css_ltr.css
script.google.com/static/macros/client/css/ Frame 5414 298 KB
43 KB 30ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/static/macros/client/css/1503957528-mae_html_css_ltr.css

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f45405007a3ad2edadaff43f8817dbbdbb41e6b50e91b90c3a006ef73dc0f274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43603
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 07:26:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/css
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Tue, 15 Nov 2022 15:46:13 GMT

GET
H3 200 939463806-warden_bin_i18n_warden__de.js Show response
script.google.com/static/macros/client/js/ Frame 5414 176 KB
64 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/static/macros/client/js/939463806-warden_bin_i18n_warden__de.js

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e3a3cec8493984f163eba7dfc0fee3b3d5fadef04f7c78b1d9a323ab15db692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65553
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 07:26:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Tue, 15 Nov 2022 15:46:13 GMT

GET
H2 200 userCodeAppPanel Show response
n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/ Frame 5DAF 899 B
628 B 138ms
137ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Requested by

Host: script.google.com
URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

86a2980fad101ce91ec522fa4b087674e4daa4009efb66880fb9df162e1823be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://script.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 15 Nov 2022 15:46:13 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 2515706220-mae_html_user_bin_i18n_mae_html_user__de.js Show response
n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/static/macros/client/js/ Frame 2F42 66 KB
25 KB 75ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/static/macros/client/js/2515706220-mae_html_user_bin_i18n_mae_html_user__de.js

Requested by

Host: n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
URL: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c3f54f1622c75ca79a313b300ef4bd593dac0bca5edf428eebf56e6f573a26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25723
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 07:26:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Tue, 15 Nov 2022 15:46:13 GMT

GET
H3 200 blank Show response
n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/ Frame 1615 107 B
139 B 139ms
138ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/blank

Requested by

Host: n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
URL: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e96a0764601b88a69e05cd4e457e4fd48ec506820f4984c88ac97a57f11a4e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 15 Nov 2022 15:46:13 GMT
expires: Wed, 15 Nov 2023 15:46:13 GMT
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-ua-compatible: chrome=IE9
x-xss-protection: 1; mode=block

GET
H3 200 2515706220-mae_html_user_bin_i18n_mae_html_user__de.js Show response
n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/static/macros/client/js/ Frame 5DAF 66 KB
25 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/static/macros/client/js/2515706220-mae_html_user_bin_i18n_mae_html_user__de.js

Requested by

Host: n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
URL: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1c3f54f1622c75ca79a313b300ef4bd593dac0bca5edf428eebf56e6f573a26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25723
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 07:26:02 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type: text/javascript
cache-control: public, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="docs"
expires: Tue, 15 Nov 2022 15:46:13 GMT

GET
H3 200 blank Show response
n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/ Frame 0ED4 107 B
139 B 133ms
132ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/blank

Requested by

Host: n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
URL: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e96a0764601b88a69e05cd4e457e4fd48ec506820f4984c88ac97a57f11a4e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 15 Nov 2022 15:46:14 GMT
expires: Wed, 15 Nov 2023 15:46:14 GMT
referrer-policy: strict-origin-when-cross-origin
server: GSE
x-content-type-options: nosniff
x-ua-compatible: chrome=IE9
x-xss-protection: 1; mode=block

POST
H3 200 wardeninit Show response
script.google.com/ Frame 495B 94 B
101 B 131ms
131ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/wardeninit?_reqid=56775&rt=j

Requested by

Host: script.google.com
URL: https://script.google.com/static/macros/client/js/939463806-warden_bin_i18n_warden__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0872fc7088ef08ea648b4b34fa9b57e7c742322f8c1c3e4fe56bbf48f69538b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Same-Domain: 1
Referer: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

loader.js Show response
www.gstatic.com/charts/ Frame 1615
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
19 KB

22ms
22ms

Script
text/javascript

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
URL: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Tue, 15 Nov 2022 16:41:42 GMT

Redirect headers

date: Tue, 15 Nov 2022 15:44:46 GMT
x-content-type-options: nosniff
server: sffe
age: 88
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Tue, 15 Nov 2022 16:14:46 GMT

POST
H3 200 wardeninit Show response
script.google.com/ Frame 5414 94 B
101 B 134ms
134ms XHR
application/json 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://script.google.com/wardeninit?_reqid=56775&rt=j

Requested by

Host: script.google.com
URL: https://script.google.com/static/macros/client/js/939463806-warden_bin_i18n_warden__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2c59dd854a9a02c84e39984d161142ed47c7f9682bb60fff1a03b44ab297532

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

X-Same-Domain: 1
Referer: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3

200

loader.js Show response
www.gstatic.com/charts/ Frame 0ED4
Redirect Chain

https://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

65 KB
19 KB

21ms
21ms

Script
text/javascript

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
URL: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19937
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Tue, 15 Nov 2022 16:41:42 GMT

Redirect headers

date: Tue, 15 Nov 2022 15:44:46 GMT
x-content-type-options: nosniff
server: sffe
age: 88
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/charts/loader.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Tue, 15 Nov 2022 16:14:46 GMT

GET
H2 200 970x250.html Show response
vivanews.asia/ Frame 7C53 2 KB
1 KB 749ms
168ms Document
text/html 64.156.14.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/970x250.html

Requested by

Host: n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
URL: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.156.14.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

64.156.14.61.vultrusercontent.com

Software

nginx /

Resource Hash

39d12e48738bfc25cc394332a5bb0e5c2970a112b8ba714903ac996cde90a70e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 15 Nov 2022 15:46:14 GMT
etag: W/"636b48d7-942"
last-modified: Wed, 09 Nov 2022 06:29:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: ALLOWALL

GET
H2 200 970x250.html Show response
vivanews.asia/ Frame ED8D 2 KB
1 KB 848ms
335ms Document
text/html 64.156.14.61
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://vivanews.asia/970x250.html

Requested by

Host: n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
URL: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/userCodeAppPanel

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.156.14.61 Los Angeles, United States, ASN20473 (AS-CHOOPA, US),

Reverse DNS

64.156.14.61.vultrusercontent.com

Software

nginx /

Resource Hash

39d12e48738bfc25cc394332a5bb0e5c2970a112b8ba714903ac996cde90a70e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

Referer: https://n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Tue, 15 Nov 2022 15:46:14 GMT
etag: W/"636b48d7-942"
last-modified: Wed, 09 Nov 2022 06:29:43 GMT
server: nginx
vary: Accept-Encoding
x-frame-options: ALLOWALL

GET
H3 200 channeler.min.js Show response
advanced-channeler.02.gz-associates.com/ Frame 8EFF 4 KB
2 KB 88ms
58ms Script
application/javascript 2606:4700:310c::ac42:2cdd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://advanced-channeler.02.gz-associates.com/channeler.min.js

Requested by

Host: advanced-channeler.02.gz-associates.com
URL: https://advanced-channeler.02.gz-associates.com/?t=tmm-fireboy-watergirl-in-the-forest-temple

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2cdd , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3fe0e52fcb1250ac582d4d84576531e10725e906c3feb23ac010f37ea312881

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advanced-channeler.02.gz-associates.com/?t=tmm-fireboy-watergirl-in-the-forest-temple
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:14 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"e57e0b75a1899bce9656ba7156c259b1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQtozcQaq%2FdIMixMfiZV6xw9Xl7OwC8Cnmm1lUj8FK1uqgP7Ln2cfmOCm9KEjHL8m%2BK7pasIKxk1%2Bg%2F0vaeEHMtJ%2FaCPE0PjMxzZLAxbubprwPRbZsaJ8K4mAPuPu7n9VT5c%2FpQZUBiOuxRYBOlqiRPhWRfH3WKHHTackNGT1RBaYJp%2F0l0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 76a91e578ecd90a8-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET cc
rudolph-the-red-nosed-reindeer.ga/ Frame 8EFF 0
0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7C53 79 KB
27 KB 91ms
34ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/970x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50d628fefe710703ccb804c6e52281e408dad6347f258d1d9e676ff3bcb9b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27324
x-xss-protection: 0
server: sffe
etag: "1392 / 540 of 1000 / last-modified: 1668514192"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Nov 2022 15:46:14 GMT

GET
H2 200 cc Show response
too-advanced-for-society.gq/ Frame 8EFF 2 B
535 B 159ms
49ms Fetch
application/octet-stream 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/cc
Requested by: Host: advanced-channeler.02.gz-associates.com
URL: https://advanced-channeler.02.gz-associates.com/channeler.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3315f44da4a7aaaf8d84382c7583233f697787f5871294ed49cd41207f7375a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advanced-channeler.02.gz-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Nov 2022 15:19:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1590
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bUw0Hko8oShvmTXcRp%2Fr7F0enuz75595RmXAW9DPa8i2CJGuIpXSSgZ684U8CsQJ8RhHK49ICrOiWWeXfbm7EAuf8uGvNQHEViD3ZC9KDYJjV%2FkDM879zWirGcqzxDR%2F1Cp%2FoJcwpSUa7EaF9hq58g%2BN%2F1qNfH03mkE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 76a91e5c29ba8741-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H3 200 pubads_impl_2022111001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7C53 382 KB
129 KB 62ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 13:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132474
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 09:36:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Nov 2023 13:22:59 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame ED8D 79 KB
27 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: vivanews.asia
URL: https://vivanews.asia/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a50d628fefe710703ccb804c6e52281e408dad6347f258d1d9e676ff3bcb9b9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27324
x-xss-protection: 0
server: sffe
etag: "1392 / 809 of 1000 / last-modified: 1668514192"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
H3 200 pubads_impl_2022111001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ED8D 382 KB
129 KB 23ms
18ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 13:22:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132474
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 09:36:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 15 Nov 2023 13:22:59 GMT

GET
H2 200 increment Show response
thegreatbanana.ripservers.com/counter/ Frame 8EFF 2 B
151 B 874ms
123ms Fetch
application/json 64.190.90.88
SKYSILK-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thegreatbanana.ripservers.com/counter/increment?tag=too-advanced-for-society.gq
Requested by: Host: advanced-channeler.02.gz-associates.com
URL: https://advanced-channeler.02.gz-associates.com/channeler.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.90.88 , United States, ASN399334 (SKYSILK-02, US),
Reverse DNS
Software: Caddy, nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advanced-channeler.02.gz-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Nov 2022 15:46:15 GMT
server: Caddy, nginx/1.14.0 (Ubuntu)
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

GET
H3 200 / Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/ Frame CBE0 3 KB
2 KB 80ms
42ms Document
text/html 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
Requested by: Host: advanced-channeler.02.gz-associates.com
URL: https://advanced-channeler.02.gz-associates.com/channeler.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0837d6d5c28e593c753f6efd5ec842f1737332184b67e2d07d1e1684304dd75f

Request headers

Referer: https://advanced-channeler.02.gz-associates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=172800
cf-cache-status: HIT
cf-ray: 76a91e5cdb5b697f-FRA
content-encoding: br
content-type: text/html
date: Tue, 15 Nov 2022 15:46:15 GMT
expires: Thu, 17 Nov 2022 11:26:15 GMT
last-modified: Tue, 15 Nov 2022 11:26:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yJ4zpJQEP8ZEGhtj%2FLsEIhuCT90ALRqNwXrvQHhORLOyg6CXtPerI%2BWdRrsp%2FJErjezxnASGqXiWUZTed53DZhr%2FsaGcV8bSGD9QwJrpy8O2GUH1mBV%2FRFXjTy%2B6Ynwp%2FiYGFoyIMikc4SNa3OWLBcYFDCUYErY%2BNH8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 7C53 107 B
792 B 88ms
31ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vivanews.asia

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 7C53 107 B
549 B 112ms
30ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vivanews.asia

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 7C53 20 KB
9 KB 62ms
62ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2037983924223643&correlator=34124381651459&eid=31070116%2C21065725&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=22844651693%2Cads_a&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=1665673251&sfv=1-0-40&sc=1&cdm=vivanews.asia&abxe=1&dt=1668527175170&lmt=1667975383&dlt=1668527174873&idt=265&adxs=8&adys=8&biw=-12245933&bih=-12245933&isw=975&ish=255&scr_x=-12245933&scr_y=-12245933&ucis=cj5tqid555tn&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Fvivanews.asia%2F970x250.html&ref=https%3A%2F%2Fn-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com%2F&top=https%3A%2F%2Fn-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com%2F&frm=8&vis=1&psz=959x250&msz=970x250&fws=256&ohw=0&ea=0&ga_vid=1693659015.1668527175&ga_sid=1668527175&ga_hid=212735843&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

585efd550ad1e8cb860fb9ab5afc92dd5cc369c57b54ad85e29084840b18a115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
google-lineitem-id: 6152990858
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138412446901
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vivanews.asia
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET container.html
c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4535 0
0

GET
H3 200 require.js Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/bower_components/requirejs/ Frame CBE0 84 KB
22 KB 53ms
52ms Script
application/javascript 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/bower_components/requirejs/require.js
Requested by: Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e00385d65866a4e682284fcf3adca1fc357f06edbac63f41ffa25dd07c672bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 15600
etag: W/"61d860e6-150f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i443Bg1cBvVtfKykIQgWg713rLmsxbzfcsGlINkVOo9%2BXPPkLRlnR69IsU3SxiHkQa9WIFqObVHLCYUcUrK7Ntw7vDu49%2FYUPKLUYqMiWtwewE9BpVYmvGrxvxsRY%2FUS%2BpxYdqjcHvi9ZHeZPnkYVoYLgXaPmLzUpIw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800
cf-ray: 76a91e5d2c01697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 11:26:15 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame ED8D 107 B
165 B 33ms
32ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=vivanews.asia

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame ED8D 107 B
165 B 48ms
42ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=vivanews.asia

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame ED8D 20 KB
9 KB 67ms
67ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1445239714889351&correlator=4097917877467040&eid=31070747%2C31069925&output=ldjh&gdfp_req=1&vrg=2022111001&ptt=17&impl=fifs&iu_parts=22844651693%2Cads_a&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=1&adks=1665673251&sfv=1-0-40&sc=1&cdm=vivanews.asia&abxe=1&dt=1668527175239&lmt=1667975383&dlt=1668527175039&idt=186&adxs=8&adys=8&biw=-12245933&bih=-12245933&isw=975&ish=255&scr_x=-12245933&scr_y=-12245933&ucis=wcd87j8ixnrk&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=4&url=https%3A%2F%2Fvivanews.asia%2F970x250.html&ref=https%3A%2F%2Fn-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com%2F&top=https%3A%2F%2Fn-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com%2F&frm=8&vis=1&psz=959x250&msz=970x250&fws=256&ohw=0&ea=0&ga_vid=927195120.1668527175&ga_sid=1668527175&ga_hid=2100281155&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33cdf29643259acd7c75da173d655022632b4b49df0bf2a3b9a04c1edda2cb92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
google-lineitem-id: 6152990858
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138412446901
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://vivanews.asia
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 395E 6 KB
0 50ms
35ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vivanews.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:15 GMT
expires: Wed, 15 Nov 2023 15:46:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 855C 6 KB
3 KB 28ms
27ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vivanews.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:15 GMT
expires: Wed, 15 Nov 2023 15:46:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 855C 24 KB
7 KB 78ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com
URL: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 555379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 05:29:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 855C 166 KB
54 KB 199ms
134ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993

Requested by

Host: c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com
URL: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb19e0de58076b54e4f259d0adaab137eb2b3482a9a6ca17b18a62f2b964a70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
Origin: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54990
x-xss-protection: 0
server: cafe
etag: 809641073932261127
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 855C 154 KB
48 KB 111ms
47ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com
URL: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
H3 200 version.js Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/ Frame CBE0 439 B
672 B 57ms
57ms Script
application/javascript 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/version.js?v=1
Requested by: Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d16a332a866ec578b45bc81cefbbc735326ca910f076323283b46afb9231850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 15599
etag: W/"61d860e6-1b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5kIedwWgjp9IA4miSKp%2F0Mj%2FdCIg8SiwxhBHt42FKcXyrJzmB7DtHCiZ2eWkaGD0D%2FPyWEiul%2BqLD%2BsKeOCu5H1CHOxfnGzUYD77JeZLzt8c1K%2BfrpUMrk%2BI7GzGayIe2dX6nx5oQclCeqiPpS2S4BgW6JfYSq1zjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800
cf-ray: 76a91e5dcd5c697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 11:26:15 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ED8D 14 KB
11 KB 122ms
73ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd69062b6e7d67ea26d03636a38c211a94dda02033bf88e2789e39dd351fde06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11172
x-xss-protection: 0

GET
H3 200 container.html Show response
8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CFDF 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vivanews.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:15 GMT
expires: Wed, 15 Nov 2023 15:46:15 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CFDF 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com
URL: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 05:29:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 555379
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 09 Nov 2023 05:29:56 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame CFDF 166 KB
54 KB 117ms
110ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993

Requested by

Host: 8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com
URL: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bba28c5d995efe029050f74789fc180394304271c07176e16eaa93b7299daacc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
Origin: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54991
x-xss-protection: 0
server: cafe
etag: 4231274192043083148
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFDF 154 KB
47 KB 84ms
77ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com
URL: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
H3 200 fireboy-and-watergirl-forest-temple.min.js Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/ Frame CBE0 2 MB
447 KB 77ms
77ms Script
application/javascript 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3
Requested by: Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/bower_components/requirejs/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c11026bdee1e69bcbbf5ae18a54f7ee15d97d0d49093294a1e5822511330832

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 15599
etag: W/"61d860e6-223b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQP8Sl5qqWid4ncx%2FZveWnB2bANuAjeCjmF6tJv2B5P209YrVgQQdamSlrtzdeOEabGZc9e8zkp2vuqMyY1%2BR%2FSk5Z23lkz1hMs393TWYFOQb%2F5rmF7LHMozO0%2FSQ1GGHnfxQzDmV3bpot%2F1f3VzuuJmSvpUuqYwBQo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800
cf-ray: 76a91e5e2e1d697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 11:26:16 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 855C 0
0 84ms
84ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwPEUkIIaCqT-fOjWQQGAy-Ts8dVU5eAwGCU2XkbzTnjJTSbsh4x_z_FjKtGC0NIaQmAo298QRTvojmfa7GLPQRltwrpL8g911XkemQc27o_wuL_mipJ87nulbgMrcGE5S1IpI9gi8obmqgY0LjYPHvpus0_D5JyQapMX1JJQPfCx62mSzLoj1bk39M5b07CKotGyRu157PRJPfShRNvYYkXRgW5zC7XTKTRYIQ1J1WFe_LdS3nzL2DNVLtjQvO88YVXZLiB4wNZRNeogxVrlSP0z14DiSNAke7r-8GRfVFVx9V2NtIDcxdw&sai=AMfl-YQ0FoiY3x8CwK0H7Bz4CGqiW8FVNAFDobaBcCvVOuAJPi523dp-PV9LVfzQB4kSGLpx7vj3i1rABzofmmqR9Q&sig=Cg0ArKJSzNH005yLZvA5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com
URL: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CFDF 0
0 78ms
78ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjv07rOEbHcdzoq2duSlqIWKyXk-_5wrhm_6fLvJ5tT5Q99OKY0Al7tT6K5SgO0iKQduIhDRH0RJjCg1lfQ__KoFSTUIcwi9Gpss_PHzki4Nf6x6v7r7bVbhFQKuJzoALA7p5ZW2B9VQfSVT5h3mysxzJOhLvx3nMRipy7zwV59dnmP8EkqOZoSGhXbUoFF_zdy3yXkzYV169sQV1w1oIfswFGgVEgQBiMCduzvUbWdNy_XDZ3TQ7iExf58ooYC1JbBtfabroBkOUhDxoMFjDD_ohc-odkhOISu5Dc_498tOffdGV1oNA2Eg&sai=AMfl-YSVvL7A3lj02FDMv9S3LvJrfRJ3Tz4KL5itnd9d-2HL_LgMKIgEB0V8bAEXtpLopYzs_Dc38t5KfAcKPercQg&sig=Cg0ArKJSzH4o3BLdmy79EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com
URL: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame ED8D 17 KB
6 KB 119ms
64ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
DATA 200
OK truncated
/ Frame 855C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99bf48876983008fea17166c1d1d92dbe49e845b108a7aaf38995ddd364cce30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame CFDF 355 KB
117 KB 135ms
91ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3308065306784993&plah=8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aead9e7fa3c7aafc40d641ddf77f2398689da4579ff2569ebb16d6e7ba43c4a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119607
x-xss-protection: 0
server: cafe
etag: 14711636192095985952
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
DATA 200
OK truncated
/ Frame CFDF 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a997ac4510910b83ebce7e5771ad7de0cd33ab051f2265e01f260e9f0aba754

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 1C97 10 KB
5 KB 75ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5033
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:22:22 GMT
etag: 10353107486223812946
expires: Tue, 29 Nov 2022 14:22:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 855C 355 KB
117 KB 99ms
95ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3308065306784993&plah=c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3308065306784993

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f60df2923d74cf2ade9aebc340a4fd1241d941705c285cf5c413a2b9a81f9798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119618
x-xss-protection: 0
server: cafe
etag: 473135325041159454
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Nov 2022 15:46:15 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4B7 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://vivanews.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 321
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:40:54 GMT
expires: Wed, 15 Nov 2023 15:40:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0B91 783 B
535 B 32ms
31ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee3f0eed4d21a383f5c836fbe4234c9c5a341b08556ddb6c0a6bab55194c2588

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YjfzsE2P9RI8q3MyNUyEEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vivanews.asia/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-YjfzsE2P9RI8q3MyNUyEEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:15 GMT
expires: Tue, 15 Nov 2022 15:46:15 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame C4B7 36 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2302
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 15:07:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0B91 0
0 63ms
62ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111001&jk=1445239714889351&rc=
Requested by: Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C4B7 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-p9gDQ
Requested by: Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame CFDF 107 B
122 B 80ms
34ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3308065306784993&plah=8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame CFDF 107 B
122 B 84ms
35ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 129A 0
16 B 163ms
120ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&adk=1812271804&adf=376782693&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175536&bpp=4&bdt=186&idt=259&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=8297827612656&frm=8&ife=1&pv=2&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.azw9xzc9rhvp&fsb=1&dtd=279

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 855C 107 B
122 B 46ms
33ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3308065306784993&plah=c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 855C 107 B
122 B 53ms
36ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3308065306784993&plah=c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BD65 0
16 B 125ms
117ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&adk=1812271804&adf=376782691&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A33288%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175576&bpp=4&bdt=284&idt=253&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&nras=1&correlator=4663328646530&frm=8&ife=1&pv=2&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=1.z8tyjx8ttj08&fsb=1&dtd=273

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3308065306784993&plah=c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ED2E 77 KB
32 KB 1419ms
1418ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087035&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175540&bpp=2&bdt=189&idt=322&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8297827612656&frm=8&ife=1&pv=1&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bv5xs02vqawn&fsb=1&dtd=327

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fdc7ce2494f1d81fc3770820f9610d0b5ce3d76784d8b32761f3bd2752aa36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 32301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 71C9 112 KB
42 KB 1672ms
1671ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3308065306784993&plah=c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de8181aa648045da4c8077dd0109787ef817a0d38e9d1531698d9a1b54ab063f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPGR_IzEsPsCFUFuwQodYhoOMw&gqi=R7RzY_bXNtTmxgPI_7-ABA&layout=/sadbundle/%24csp%253Der3%24/2121645768295023690/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 43170
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPGR_IzEsPsCFUFuwQodYhoOMw&gqi=R7RzY_bXNtTmxgPI_7-ABA&layout=/sadbundle/%24csp%253Der3%24/2121645768295023690/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CBE0 82 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f006c556c753a58b408277de14a33ffdc8a921625cd682042960de78c6df2552

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CBE0 82 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b86ca7249e6f28cc9af909dcc5501e67101273ff2a2a19c408779a0fbf27e733

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame CBE0 49 KB
20 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 15 Nov 2022 15:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 1821
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 15 Nov 2022 17:15:54 GMT

GET
H2 200 raygun.min.js Show response
cdn.raygun.io/raygun4js/ Frame CBE0 68 KB
21 KB 125ms
25ms Script
application/javascript 2600:9000:223d:4000:17:62f0:2dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Requested by: Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:4000:17:62f0:2dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 672c06ecc22211e9e8b8e20f83271a52d81945d1eb9f5b8d2886eb59bbdc7d49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Mon, 14 Nov 2022 21:13:20 GMT
content-encoding: gzip
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 21:15:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P3
age: 66777
etag: W/"677413d0a23da339064232023ede5601"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: b52YN0u6t8o5NW4pvDgiMryrNGmeUO9MTC_tP9rrbdZyV_lt85MOcA==

GET
DATA 200
OK truncated
/ Frame CBE0 106 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88e6382d15edbda0254ba0ad7f224f41b358a21ebfad6e1eed439f5ddf0ea245

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CBE0 253 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42deb9219fc21f52ec47f6de9f2cd7bbd2b6eff02e03fb2e77b935f3f2a849db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 logImpressions Show response
sites.google.com/_/view/ 16 B
64 B 143ms
143ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sites.google.com/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.de.LixBncWslB4.O/d=1/rs=AGEqA5nVmKPP-6bSWHLhjovRQfK16UXkVg/m=view

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 game.json Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/ Frame CBE0 123 B
617 B 57ms
56ms XHR
application/json 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/game.json
Requested by: Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0368ef4a326c14b25083d34a8cece4ceb6cf23cf5682ced2d61afd95b73f663

Request headers

Accept: application/json
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9152
etag: W/"61d860e6-7b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Whs5YDPqdkd611YCkqba8ii55RoZNXe%2F%2B%2FSG4P4UtzXUXXMvhjWUb3bIRLCsYUelFT2TwomZkxZzIssj%2FU6Ie7qs29CQqdNr1D3fiFtfJL9WPqG8FUO8eksr2VcRsX6rUyHtXSWfdARnmkPL%2B3dOok%2FhNFFnyzbWw6M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=172800
cf-ray: 76a91e626f72697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 13:13:44 GMT

GET
H3 200 PreloaderAssets.png
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/assets/atlasses/ Frame CBE0 33 KB
33 KB 66ms
66ms Image
image/png 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/assets/atlasses/PreloaderAssets.png
Requested by: Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62772211f0d9a2d22df9e98dce17c313f4197def23f46ffe4336f9c08ed5d659

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9152
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33756
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
server: cloudflare
etag: "61d860e6-83dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWicMTrN2hecynTrxht%2F1a7FxuuDz6X%2FpMiIxxy0SuOGA72ul3Kr6OhtkXD5wc6WwtEzIM36Wexfy9vhy1RHdncJC3rdsvkrv5DWsoxZXHoGQvG36OGZ8pvn6cbZF%2FYR%2FeLEklyRZA2sCcN8omSk4aSx5Xidg20hO0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 76a91e626f75697f-FRA
expires: Thu, 17 Nov 2022 13:13:44 GMT

GET
H3 200 branding_logo_kizi.png
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/assets/images/branding/ Frame CBE0 60 KB
61 KB 36ms
35ms Image
image/png 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/assets/images/branding/branding_logo_kizi.png
Requested by: Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a8bcc5e4756648598b2d944b04b7b77319eeaf457b4803166f50b232bdfc47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9152
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61532
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
server: cloudflare
etag: "61d860e6-f05c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zuX4MjuFcdtzyQ7%2BYoaBhgc8R09TCqM8zbhw1%2Fn2DxoE0HF2eI7qPgJyekPiiPE82lhf0Lv6lgbC2YH0NnXHEhz956dFgaSTXmKJkSXww%2BuvaGUtuvma%2Bx3FS9Q3ZkliWTHyVpEZhgwzWIKKaEMnlDMeioNypgVHmUs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 76a91e626f78697f-FRA
expires: Thu, 17 Nov 2022 13:13:44 GMT

GET
H3 200 PreloaderAssets.json Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/assets/atlasses/ Frame CBE0 776 B
816 B 34ms
33ms XHR
application/json 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/assets/atlasses/PreloaderAssets.json
Requested by: Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8a41039a69c0b230c47d34fec0b8fbfbaf6adfce4babc73afc384e9d75b5df4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9151
etag: W/"61d860e6-308"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yNZfNrsdaztkXLk2zb5yqt%2B3Ktt1bDVlUR%2FNC2qhrB5k9jSMoOAqfe2CJj%2B6mw3YD8wbQuXpM1pmkLtoIhmfEOjQhO%2FhqNbn5GWzr71rRqMjBbIxAadNlJe9dV5Qohc4DfO1qdOB9vgqvYBEvIu7ICcN9fE9tmkD3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cache-control: max-age=172800
cf-ray: 76a91e6318f0697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 13:13:45 GMT

GET
H3 404 domains.json Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/ Frame CBE0 1 KB
923 B 426ms
426ms XHR
text/html 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/domains.json?v=1668527176228
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88865ecfd1f00b5ac0f3f75bfe77308fe40a536b8a046cc6b84e552362170eb

Request headers

Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o10RJJgB0pAjYRcLQp%2Bl2Z%2F6voIihEZIqkR3HdW%2FCRzPa4yrlvshVGJBPHJZgdnjQ9Vpg6RT78H4qWU9IMnfAciaPUaCfI3Geu7KVJU2G5pLrojDQCKwrqJtbvjRxijb%2B8dZX0jctDFTnWeo0IL8RYCnVtA86%2FKfM7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 76a91e6379d5697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 sitelock.json Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/ Frame CBE0 1 KB
919 B 429ms
428ms XHR
text/html 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/sitelock.json?v=1668527176228
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88865ecfd1f00b5ac0f3f75bfe77308fe40a536b8a046cc6b84e552362170eb

Request headers

Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jRL%2BoQ9QWfFJSgu8SLNsKu2zRqkfrll02Ur06dAfoDU1gMf9Dx0MxwAtsZkM4kylbnrQjGWND259YE54W0V%2BRsTne6hXALkfapJPZ4ykOovdAaMhbpMfozmRnp5Q2%2FPOqf4hI9UBRwZvMoK6S1KRM7t29AegMTg5EhE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 76a91e6379d9697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 internal.json Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/ Frame CBE0 1 KB
921 B 455ms
454ms XHR
text/html 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/internal.json?v=1668527176228
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88865ecfd1f00b5ac0f3f75bfe77308fe40a536b8a046cc6b84e552362170eb

Request headers

Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCXl5Li%2BHrIbmD5SPOqT5XicJiDj4myVYBmYn3SaOgEaufaH9DFSwUWOKxl4WQ6uU6TTQDCdAShtVDjq7LMsrGOVsOhSoeFV5Y1tJMHkxZs9xzi7kpBtt%2FgXkfZFJJeKtI1vQbuZf4lyQyVinDkA%2FEuQuY5OLadYc4E%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 76a91e6379da697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 contracted.json Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/ Frame CBE0 1 KB
921 B 426ms
425ms XHR
text/html 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/contracted.json?v=1668527176228
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88865ecfd1f00b5ac0f3f75bfe77308fe40a536b8a046cc6b84e552362170eb

Request headers

Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x2BmLMGNaPXZ7wLhpU5Oibb58Lb50Z%2Ba2mRF9HIVm0pU0Dot0izJVC63%2BJVYg2AxuTGp5Dno4%2BLcagW9ORlcSqssdMrDlEGfllMGwS3Anx4LmDCKpwmvoBv8E8GIQ3%2FbBC6%2F1tQ2fdCD4XRs3guKlfdeTz0LC3IiH0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 76a91e6379dc697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 special.json Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/ Frame CBE0 1 KB
924 B 910ms
909ms XHR
text/html 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/special.json?v=1668527176228
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88865ecfd1f00b5ac0f3f75bfe77308fe40a536b8a046cc6b84e552362170eb

Request headers

Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCERLNmaeEcdWxnq0DjVRej8ffvKZoQy5%2FpfiJsaH%2FxEOdKTNUlMowzYvo%2F6JdAFku4Q7HpF9kGIhUvtRzBkBr7Tqh7etzsDqJxGjoO684TMimhOw5%2FZFM0Xh4E7cmxTX4mr%2FK9GYOtmqoYYzSp4q2U6KxYBjAWIL3Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 76a91e6379de697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 404 games.json Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/ Frame CBE0 1 KB
923 B 424ms
424ms XHR
text/html 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/games.json?v=1668527176228
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e88865ecfd1f00b5ac0f3f75bfe77308fe40a536b8a046cc6b84e552362170eb

Request headers

Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1XtsVWorxA%2BiLVXtmMdtTKraEjcVv1G%2FAlOa%2BGAvFdbtzL61%2FnSGebP9E%2BstCQOwYPzDX1FLtWi5DlIt7qPP0FRyakHDvnMuXGf7xZeocAFioChRPIXsO3yUgCnlkKPIRPpfqj0KhhOGXOLeoGgxtfsjDwIFiOSJpBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 76a91e6379df697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 main.min.js Show response
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/ Frame CBE0 455 KB
96 KB 65ms
65ms Script
application/javascript 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/main.min.js
Requested by: Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 377373c21a8e7fbf892453f74fffe79f1232fd920a820f4ad7b2b3ef253f1023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 9151
etag: W/"61d860e6-71df5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhHpeg1ooqmNUhPXrWEvXbuzhU5FbHtoCo4%2FzVxPXRsJb0l%2BKL0jwJYrn1m5cZaO0juDJ5oL2DbgwO4UqulA6u2DHU7AjI%2B3JbvXM1z%2F1nGU%2B6edBplI6RXDyUdCmtI9oVXfDA%2F5nQ%2BGDD1kKwwSncaIrUnI0FhIxxM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800
cf-ray: 76a91e6389e6697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 13:13:45 GMT

GET
H3 200 gamedistributionid-512x512.jpeg
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/img.gamedistribution.com/ Frame CBE0 204 KB
205 KB 44ms
43ms Image
image/jpeg 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/img.gamedistribution.com/gamedistributionid-512x512.jpeg
Requested by: Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dff45da116cba5a70bae2e9efcdec4ef5e8f4d3035ce332f6eebd27fafd3d137

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 208986
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
server: cloudflare
etag: "61d860e6-3305a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZJx%2BvNbDdRomh%2FGanUj9LemE2bGi%2B%2BGvygTv1b%2BGnaze0cvaX%2BOT6gFXojzy5t6BM5rliJU4lyHvPEahnpj8fFXhpvhlECyqwXO1rBmbSX4ilf1OLdS7fuRCLrxtphfS7ySIEMgC54MINWLMhw%2Fb3bdXWfccYZMznZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 76a91e6389e8697f-FRA
expires: Thu, 17 Nov 2022 13:13:45 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/13998/ Frame CBE0 38 KB
11 KB 87ms
28ms Script
application/json 18.66.248.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/13998/cc.js?ns=_cc13998
Requested by: Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1e4096f717f81bae3ab882067d551b060a465345db9920f6b8fbb707c0a7578

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 07:55:29 GMT
content-encoding: gzip
via: 1.1 63d9e08bce2adee06986125b699b4cec.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 01:15:10 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 28248
x-amz-server-side-encryption: AES256
etag: W/"e74652ec9d8d66342625790502de8707"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age: 86400
x-amz-cf-id: HJuWcoib8_z0Jx79jBSzfN-j56EVCGi51mLVgcXNMi9FBO9PlumvqQ==

GET
H2 200 / Show response
game.api.gamedistribution.com/game/v3/get/a55c9cc9c21e4fc683c8c6857f3d0c75/ Frame CBE0 3 KB
3 KB 164ms
41ms Fetch
application/json 34.242.92.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://game.api.gamedistribution.com/game/v3/get/a55c9cc9c21e4fc683c8c6857f3d0c75/?domain=advanced-channeler.02.gz-associates.com&v=1.5.59&localTime=15
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.92.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-92-110.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: a7c6ca1dda7fcf8afd22914d396dc40db3ab286b5054e96f33f9e47d02c1c712

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Nov 2022 15:46:16 GMT
cache-control: private, max-age 3600
x-powered-by: Express
content-length: 3091
etag: W/"c13-v9c8ATKBfdsMniluNJBr4qAmyGQ"
content-type: application/json; charset=utf-8

GET
H2 200 increment Show response
thegreatbanana.ripservers.com/counter/ Frame 8EFF 2 B
52 B 126ms
125ms Fetch
application/json 64.190.90.88
SKYSILK-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thegreatbanana.ripservers.com/counter/increment?tag=ff.too-advanced-for-society.gq
Requested by: Host: advanced-channeler.02.gz-associates.com
URL: https://advanced-channeler.02.gz-associates.com/channeler.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.90.88 , United States, ASN399334 (SKYSILK-02, US),
Reverse DNS
Software: Caddy, nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advanced-channeler.02.gz-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Nov 2022 15:46:16 GMT
server: Caddy, nginx/1.14.0 (Ubuntu)
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

GET
H2 200 cc Show response
look-at-those.penguins-and-magic.gq/ Frame 8EFF 2 B
486 B 521ms
433ms Fetch
application/octet-stream 2a06:98c1:3121::3

General

Check archive.org

Show headers Download Go to

Full URL: https://look-at-those.penguins-and-magic.gq/cc
Requested by: Host: advanced-channeler.02.gz-associates.com
URL: https://advanced-channeler.02.gz-associates.com/channeler.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3315f44da4a7aaaf8d84382c7583233f697787f5871294ed49cd41207f7375a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advanced-channeler.02.gz-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ThnsE5PA2P9XoGbSux1lGqXhrx0Lw65LfIw1H23CTGMZM2V5RvMjXIuXyZX7585QgUkDKYLrG7668ICXH4%2Bib2Buzc%2FU00SNdJ0kOP2PSgcTSsjx0stWGPjhMQ2XnLuFEsP78OwyObMdXEuxceNMo25yaBEMwI6bzHO58j%2BeHnhh4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cf-ray: 76a91e6549689034-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ED8D 0
0 60ms
59ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111001&jk=1445239714889351&bg=!enmleT3NAAbvMpMzzzI7ACkAdvg8WmH1KvT0V27kGGDkgojqt7UGLpul9wMkrPsJ8t8rZXYDpsCfrwIAAADGUgAAAANoAQcKABdWzwzSK4JE4J7C9c-XN-ycoQ5DTJUCbZkDenFIUlhjWOxErnB3Sin_Npn3TRfmd1p1yHqnFlspOwqqp3RG1LRtTcrAikQ0zbSAimM6BTbzMO2noylBwMMiGdVRv32fUxlvC4SViWhnpuS67coXlyYQ0LioD7yDNxuY0C5C-dnqdoEPEujHkTnSk3O3D-xK6IFAQUSsOtpMgtizXgw90me9jI-NTwACczNvVXb-c8W2LvysGBqVauorpzt6Yq2Tw_K6vTaegKU5_7QMEYC1UNInBk08LviNmynTNTGTKfA_GIwYtMubbUyjDDdxiRPBinLl7viYY39jUtKKDtfkTUmJUsCHUB68Q9_KHYOgRqMvdAo1rEdr2I8K7TzOwLwDOkKQsqU--Dbq411h0HUyQz2dTdRO1GvaYZAZ7j7xzgo7w2sDnfuWlTpXzRa77_ZRXL-mYT7yAmvTIN1C0Dh1YmIdo5ARJYNFV0Gm0Os0XLGBbFa38VqQQLhy2VMgOsr_jRhI2tR5J-874WIMQWAp_c-mEybv0XX6JZKNF4mDtWQ7ZwoAFg_QqjFjaolyKdSqEbli3HIkbc7opHliMM3wORi5AqsZZUI04oMlZySneDGYxZC-2Y2yXxfCsABvosEoe6LN73QidDZYuP7CXnt5Du6ModfcyW6NbjU9Tjz6dEG5-fS5_Y1a7YvZtYx5cndW_Zzi7llYhhqdiFwn1LnTVlOwOr9Ni07uCS4FuGv4jEqW5IYMtcNYokpn9h3rgZ0n_IsEyUezINlwQcIIEQ1IKc5N-RSEMeW3e4N7b5FqX8qH9gcyiU2wgu5vIKLriAv5jYtFYp-FOjXlqRlMx8lZF3CAiKEd_eLe1uw_94jKaIX0kMOGT69ZOGJMOPBavFHCYn_xWiry0S-dIm0y3OXkrK8EKkEX6Xbl4SP07ytfmK0Zs-X53msyn1IN_YzlKBXf_Y9bKOu8m4bFJwAh6jXhKLp3W5oge3BU5ImsjdOifQIGMXMJbtCtuSh2bAhC2Pn7Idz35KOxvPJxhW9AKcfIdbsTLeQabCKyQUhgtu8iB-P4JSuKEqjaAYQt86R9AMWtDEXl3HH927tskHb8EfKsxNpuoma86-SYFPwvi7LwH54pczzylbK9AlctKztc_ZTDaZl4uHeGlLyYvxBvE4BlWvT4bubg1KJ-ujas38PsYk_LKuxqBM-SLenAyL7a04cdOECOIAqR
Requested by: Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H2 404 rt=ifr Show response
bcp.crwdcntrl.net/5/c=13998/rand=256190941/pv=y/act=play/med=game/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20too-advanced-for-society.gq/int=%23OpR%2386566%23too-advanced-for-society.gq%20... Frame A981 181 B
409 B 152ms
43ms Document
text/html 52.49.181.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=13998/rand=256190941/pv=y/act=play/med=game/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20too-advanced-for-society.gq/int=%23OpR%2386566%23too-advanced-for-society.gq%20%3A%20Site%20Section%20%3A%20tmm-fireboy-watergirl-in-the-forest-temple/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/13998/cc.js?ns=_cc13998
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.181.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: eb922d8aa175b8fe481c695f4fb7e741c8eb665ef7469c305d2d4414a5e2d678

Request headers

Referer: https://too-advanced-for-society.gq/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 181
content-type: text/html;charset=utf-8
date: Tue, 15 Nov 2022 15:46:16 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.28.146

GET
H2 403 gameDistributionV1.1.min.js
hb.improvedigital.com/pbw/ Frame CBE0 0
0 187ms
66ms Script
application/xml 2600:9000:20eb:5800:4:cd76:8580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/gameDistributionV1.1.min.js
Requested by: Host: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5800:4:cd76:8580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 branding_logo_kizi.png
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/images/ Frame CBE0 19 KB
20 KB 36ms
36ms Image
image/png 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/images/branding_logo_kizi.png
Requested by: Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c98ac6bf46e464c6b8451f938484522540c95dafa41ec133b1e6ceaeffdbe5d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9150
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19667
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
server: cloudflare
etag: "61d860e6-4cd3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zr6Qp6E631BmZHXtE4CevFpU4xapo6o3fwY8ZFnsQjkV2oFPG%2FqY6GayZUJao2U5QPpyUlusLTKrXYV%2FMQKCVgpijkMVOv6Wnb1l%2FJOZFbiXZqkZdZwXo80N0HYbkEyQvI3ymYxSPX9IdYzLeR76W1369XAOkXJeiso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 76a91e662fa3697f-FRA
expires: Thu, 17 Nov 2022 13:13:46 GMT

GET
H3 200 gamedistributionid-512x512.jpeg
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/img.gamedistribution.com/ Frame CBE0 204 KB
205 KB 50ms
49ms Image
image/jpeg 2606:4700:3032::6815:351f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/img.gamedistribution.com/gamedistributionid-512x512.jpeg
Requested by: Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:351f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dff45da116cba5a70bae2e9efcdec4ef5e8f4d3035ce332f6eebd27fafd3d137

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:16 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9151
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 208986
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
server: cloudflare
etag: "61d860e6-3305a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BnnEF8cDecmXjVzFxxkoxGGHfQYXqMJNsGBhuQHg63qJxt9Nm%2FB%2BUCIp7pPD4mvlOfyJeHyG%2F%2FaG%2FEkLJU29f%2FO2T%2BNVGgdSj1T8uxPLUqPuvi0QsJRt1rDlqQHMwrBmQhOWgJXFjmVVFxEg1kxe3l2eg8YduVjBWR8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 76a91e663fbb697f-FRA
expires: Thu, 17 Nov 2022 13:13:45 GMT

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame CBE0 2 B
152 B 81ms
40ms Fetch
text/plain 34.242.92.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.error&ar=W3siZ21pZCI6ImE1NWM5Y2M5YzIxZTRmYzY4M2M4YzY4NTdmM2QwYzc1IiwidGRtbiI6InNpdGVzLmdvb2dsZS5jb20iLCJkb21uIjoiYWR2YW5jZWQtY2hhbm5lbGVyLjAyLmd6LWFzc29jaWF0ZXMuY29tIiwicmZyciI6Imh0dHBzOi8vYWR2YW5jZWQtY2hhbm5lbGVyLjAyLmd6LWFzc29jaWF0ZXMuY29tLyIsImx0aHIiOjE1LCJjdHJ5IjoiREUiLCJkcHRoIjozLCJ2ZXJzIjoiMS41LjU5IiwidHJhYyI6ZmFsc2UsIndobGIiOmZhbHNlLCJwbGF0IjoiIiwidHBjdCI6MSwiYXJncyI6eyJtZXNzYWdlIjoiQmxvY2tlZDogaHR0cHM6Ly9oYi5pbXByb3ZlZGlnaXRhbC5jb20vcGJ3L2dhbWVEaXN0cmlidXRpb25WMS4xLm1pbi5qcyJ9LCJ0dGxlIjoiRmlyZWJveSAmIFdhdGVyZ2lybCAxIEZvcmVzdCBUZW1wbGUiLCJzaXplIjoiMTE1MiB4IDY0MCIsImJybm0iOiJDaHJvbWUiLCJicm1qIjoiMTA3Iiwib3NubSI6IldpbmRvd3MiLCJvc3ZyIjoiMTAiLCJieWxkIjpmYWxzZSwiaW1ndSI6ZmFsc2UsImllZ3UiOmZhbHNlLCJpdGd1IjpmYWxzZX1d&ts=1668527176781
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.92.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-92-110.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Nov 2022 15:46:16 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET event
ana.tunnl.com/ Frame CBE0 0
0

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame CBE0 2 B
152 B 82ms
43ms Fetch
text/plain 34.242.92.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.loaded&ar=W3siZ21pZCI6ImE1NWM5Y2M5YzIxZTRmYzY4M2M4YzY4NTdmM2QwYzc1IiwidGRtbiI6InNpdGVzLmdvb2dsZS5jb20iLCJkb21uIjoiYWR2YW5jZWQtY2hhbm5lbGVyLjAyLmd6LWFzc29jaWF0ZXMuY29tIiwicmZyciI6Imh0dHBzOi8vYWR2YW5jZWQtY2hhbm5lbGVyLjAyLmd6LWFzc29jaWF0ZXMuY29tLyIsImx0aHIiOjE1LCJjdHJ5IjoiREUiLCJkcHRoIjozLCJ2ZXJzIjoiMS41LjU5IiwidHJhYyI6ZmFsc2UsIndobGIiOmZhbHNlLCJwbGF0IjoiIiwidHBjdCI6MSwiYXJncyI6eyJtZXNzYWdlIjoiSGFzIEJsb2NrZXIifSwidHRsZSI6IkZpcmVib3kgJiBXYXRlcmdpcmwgMSBGb3Jlc3QgVGVtcGxlIiwic2l6ZSI6IjExNTIgeCA2NDAiLCJicm5tIjoiQ2hyb21lIiwiYnJtaiI6IjEwNyIsIm9zbm0iOiJXaW5kb3dzIiwib3N2ciI6IjEwIiwiYnlsZCI6ZmFsc2UsImltZ3UiOmZhbHNlLCJpZWd1IjpmYWxzZSwiaXRndSI6ZmFsc2V9XQ%3D%3D&ts=1668527176782
Requested by: Host: cdn.raygun.io
URL: https://cdn.raygun.io/raygun4js/raygun.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.242.92.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-242-92-110.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://too-advanced-for-society.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Nov 2022 15:46:16 GMT
x-powered-by: Express
content-length: 2
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type: text/plain; charset=utf-8

GET
H2 200 increment Show response
thegreatbanana.ripservers.com/counter/ Frame 8EFF 2 B
52 B 126ms
124ms Fetch
application/json 64.190.90.88
SKYSILK-02

General

Check archive.org

Show headers Download Go to

Full URL: https://thegreatbanana.ripservers.com/counter/increment?tag=look-at-those.penguins-and-magic.gq
Requested by: Host: advanced-channeler.02.gz-associates.com
URL: https://advanced-channeler.02.gz-associates.com/channeler.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.190.90.88 , United States, ASN399334 (SKYSILK-02, US),
Reverse DNS
Software: Caddy, nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://advanced-channeler.02.gz-associates.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 15 Nov 2022 15:46:17 GMT
server: Caddy, nginx/1.14.0 (Ubuntu)
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express
content-length: 2
content-type: application/json; charset=utf-8

GET
H3 200 / Show response
look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/ Frame CBE0 3 KB
2 KB 469ms
422ms Document
text/html 2a06:98c1:3121::3

General

Check archive.org

Show headers Download Go to

Full URL: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/
Requested by: Host: advanced-channeler.02.gz-associates.com
URL: https://advanced-channeler.02.gz-associates.com/channeler.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 0837d6d5c28e593c753f6efd5ec842f1737332184b67e2d07d1e1684304dd75f

Request headers

Referer: https://advanced-channeler.02.gz-associates.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=172800
cf-cache-status: DYNAMIC
cf-ray: 76a91e684f6c717e-DUS
content-encoding: br
content-type: text/html
date: Tue, 15 Nov 2022 15:46:17 GMT
expires: Thu, 17 Nov 2022 15:46:17 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PbMZZyn0yPY88PQtRwF%2FPWVuFEqpmTL64gQ99QZzCbOhYsvswyqrwM6Xy3N4O7H%2BgFr0Q92sX0dUlYD7DIZpdtgTEmUyFtGAy4LQbhIM0a7ly%2F2bzouqkNRD3m%2F%2BFfJP8mXi8APsCL%2FNsHFIWNZK4kyP462pk70QeVfEGtxTHRCjqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET temple.json
too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/data/forest/ Frame CBE0 0
0

GET
H3 200 17556833525010338772
tpc.googlesyndication.com/simgad/ Frame ED2E 109 KB
109 KB 26ms
26ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17556833525010338772?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnQZtqeuxy0U3kkkWcpoY2V149BFw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087035&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175540&bpp=2&bdt=189&idt=322&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8297827612656&frm=8&ife=1&pv=1&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bv5xs02vqawn&fsb=1&dtd=327

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e4c95bbcdf75e28e81fae6710f1fd58a2f4b7b120c9dcb4041d45ba95aad07d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 09 Nov 2022 00:49:51 GMT
x-content-type-options: nosniff
age: 572186
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111886
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 20:21:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 00:49:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame ED2E 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 14:22:25 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ED2E 3 KB
1 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 15:17:31 GMT

GET
H3

200

B10474315.350139965;dc_pre=COCY0o3EsPsCFZpt4AodhysHoQ;dc_trk_aid=541750582;dc_trk_cid=180854423;ord=2987096071;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/ Frame ED2E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.350139965;dc_trk_aid=541750582;dc_trk_cid=180854423;ord=2987096071;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.350139965;dc_pre=COCY0o3EsPsCFZpt4AodhysHoQ;dc_trk_aid=541750582;dc_trk_cid=180854423;ord=2987096071;dc_lat=;dc_rd...

42 B
63 B

87ms
44ms

Fetch
image/gif

142.250.186.70

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.350139965;dc_pre=COCY0o3EsPsCFZpt4AodhysHoQ;dc_trk_aid=541750582;dc_trk_cid=180854423;ord=2987096071;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

Server

142.250.186.70 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N349404.134426GOOGLEDISPLAYNETWO/B10474315.350139965;dc_pre=COCY0o3EsPsCFZpt4AodhysHoQ;dc_trk_aid=541750582;dc_trk_cid=180854423;ord=2987096071;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ED2E 0
0 68ms
66ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CklpVSLRzY7OOApiVigbGo6aQD9equbFtyb3W3asQvKDs1L4XEAEg-4mmUGCVAqAB8PCV-gPIAQKoAwHIA8kEqgTIAU_QM9s8z_LRWYMVG1giFWwwAEIkJBZDdQFB54DSu50a3iBZmGdlfvrmDhzJvcFGpcWi70EIoZRaTGVkK5NnOEa85PLrKUVLMvEZ1avd_RflFhubbMIdg4kiJD9o18dIqe0F8NtaYpSClR3j9FFnDxcYpb2BslDFDmw85qqIG5QWXWpaPyT9Ok-7H5TBW004fQX9FfiVnRDy6x2BKX7FT2ossMcNx1VR4NUhozmDSYEdBLjYBMFnX40W_BZKXYjF33d-ooNs5_hUwATKmomwmgSSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHk8OjbqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMTTAtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTMzMDgwNjUzMDY3ODQ5OTMYAA&sigh=hc5KGWjpD8A&uach_m=[UACH]&cid=CAQSKQDq26N9r1KVSoxXemp2btJXXQxJ4l8v7d7UnxRsmgWpAEORTu3y_c_oGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087035&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175540&bpp=2&bdt=189&idt=322&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8297827612656&frm=8&ife=1&pv=1&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bv5xs02vqawn&fsb=1&dtd=327
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Nov 2022 15:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ED2E 18 KB
7 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 14:22:25 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame ED2E 0
0 41ms
39ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT1_TCS6Gr7Vnd8bNhL3iG8vhiLTOm4jMX4rLjq_YK1jC3-pKGr7JmD64NkJj1yRnW2KnpxZu-5hor2ogzwHaPfGTLVxA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087035&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175540&bpp=2&bdt=189&idt=322&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8297827612656&frm=8&ife=1&pv=1&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bv5xs02vqawn&fsb=1&dtd=327
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED2E 154 KB
47 KB 78ms
34ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 15:46:17 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame ED2E 34 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 04:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41162
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: cafe
etag: 7011066814545187240
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 04:20:15 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0F28 143 B
166 B 21ms
20ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087035&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175540&bpp=2&bdt=189&idt=322&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8297827612656&frm=8&ife=1&pv=1&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bv5xs02vqawn&fsb=1&dtd=327
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9082 1 KB
643 B 21ms
21ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:17:40 GMT
etag: 48472445140208031
expires: Wed, 16 Nov 2022 14:17:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame ED2E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba85df0fb85ff901912910a29f2aad2966f4f514afc7149c09cfd55636320b74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9082 35 B
465 B 76ms
22ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMjpiNARE1QjO_LAFaPpPKI&google_cver=1&google_push=ASkJ3FYa1C5X9LMLtrKzhWhKZ8fR1GChS3xw1scszPl_Nk2fQ-gAxGCIhOlYIB16tvRYohmM4ACh7Tr9Ize7ZFQtejNEOiwOiYrTlBlZBH7ecv_lKzCOykvBVB1E2EvRz-KFik8356WxeJfrM2_yeD_UQlI

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 -, , ASN (),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 9082 0
98 B 83ms
30ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FaYUuQtLFvhHGqIWiw-G6NcKAYaWZ_i9FnNpKR5y2B6LmBHSNRGWc1t_XCX4_m3pDTAtqMzePS1rFkdAs2V2oT20Vp4BP3PvPSNwJIzLPeKrsvYoUmRLkgKFCmW-Q0ATF_HHt61KOwoPeelqRIZioI&google_gid=CAESEHl1QtDiKfiq30YtCLpkre4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087035&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175540&bpp=2&bdt=189&idt=322&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8297827612656&frm=8&ife=1&pv=1&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bv5xs02vqawn&fsb=1&dtd=327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame 9082 43 B
351 B 146ms
32ms Image
image/gif 35.186.253.211

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEIsr9ivgIjISaPZ-ccipyY&google_cver=1&google_push=ASkJ3FYedRnmWqhcEYgL1345CvWPZq9Cg-RpdBQ3jLUXLPN6qe2nmRsosmFZPvtLEvOwwJw-jjy3AzF0DJXm6-L9mk5Bi3jTcf9ngBd-6qNM_3wwZxP29jbjj-Yu7ca4WcMWQHy3gZmefhL8IQvFPr6cBmU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087035&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175540&bpp=2&bdt=189&idt=322&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8297827612656&frm=8&ife=1&pv=1&ga_vid=817203117.1668527176&ga_sid=1668527176&ga_hid=335972270&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=3102868221&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531705&oid=2&pvsid=850294236372846&tmod=799538220&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.bv5xs02vqawn&fsb=1&dtd=327
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 -, , ASN (),
Reverse DNS
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:17 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: l2u3jmr8mg2p5jl3fj7oinq6klk3c0td

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9082
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tQWHcTY3Sh6pwMHkXkl3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

33ms
33ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tQWHcTY3Sh6pwMHkXkl3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYY4NX8e_feXQUX7l_8W5Slogrw4MI5EEN2Ak1YfaQVxwT5M6UKRs5WhEAGPAztRSAWFLWpM4CydomPVNoOln4anm9-RgU0ZqkSHSjVxwiktHjr_8PuRddVZgKH7JgpxJ5QDmP0hJ2Y5OzMsO6U8V0

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tQWHcTY3Sh6pwMHkXkl3qQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYY4NX8e_feXQUX7l_8W5Slogrw4MI5EEN2Ak1YfaQVxwT5M6UKRs5WhEAGPAztRSAWFLWpM4CydomPVNoOln4anm9-RgU0ZqkSHSjVxwiktHjr_8PuRddVZgKH7JgpxJ5QDmP0hJ2Y5OzMsO6U8V0
date: Tue, 15 Nov 2022 15:46:17 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9082
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENdVXOj63gjzYkVd7doMhCc&google_cver=1&google_push=ASkJ3FZC_A8onuxy0iUgf0sfAmTaVEfRi0_laEXNNFMY0QZllmMPG44V6XVOS8mdEu0KG1i14HG...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFJRTAxUzQtMjEtNDlDQg==&google_push=ASkJ3FZC_A8onuxy0iUgf0sfAmTaVEfRi0_laEXNNFMY0QZllmMPG44V6XVOS8mdEu0KG1i14HGMIm8ci_U-tBypLgsojzacvSOnw...

170 B
188 B

83ms
35ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFJRTAxUzQtMjEtNDlDQg==&google_push=ASkJ3FZC_A8onuxy0iUgf0sfAmTaVEfRi0_laEXNNFMY0QZllmMPG44V6XVOS8mdEu0KG1i14HGMIm8ci_U-tBypLgsojzacvSOnwafIE3Yil1Z24tmUOts7pQcs5VULgkf0vtI8oeNIwp_SynzX8j7TQqY

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFJRTAxUzQtMjEtNDlDQg==&google_push=ASkJ3FZC_A8onuxy0iUgf0sfAmTaVEfRi0_laEXNNFMY0QZllmMPG44V6XVOS8mdEu0KG1i14HGMIm8ci_U-tBypLgsojzacvSOnwafIE3Yil1Z24tmUOts7pQcs5VULgkf0vtI8oeNIwp_SynzX8j7TQqY
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9082
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJzYSwl2SueVIJ1ufR56QfM&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJzYSwl2SueVIJ1ufR56QfM&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzYSwl2SueVIJ1ufR56QfM&google_hm=Y3O0SeOg2pzR5bR6Fgrn-wAABKMAAAAB&google_nid=index&google_push=ASkJ3FZQJh4pyWg9m5VxNWASqJkf5obpNfyjD...

170 B
188 B

32ms
31ms

Image
image/png

172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzYSwl2SueVIJ1ufR56QfM&google_hm=Y3O0SeOg2pzR5bR6Fgrn-wAABKMAAAAB&google_nid=index&google_push=ASkJ3FZQJh4pyWg9m5VxNWASqJkf5obpNfyjDfPMO1qZ4uEGm6YVM2zBka1LYye8iewIGUs5OKg1tRpMzFQDGIKcvkj7hNDkxOKn_Z0jbt-hF7Wg9Pwnay-TTDhsRazLWCga4_xXGWjoxFBpdjiHgZtymBw

Requested by

Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple

Protocol

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQf13NhDmwNfdN3Qh1WNbdvnnvEMl%2FCdeeVwmqKmj%2B7QiPXKQyDMXBwoAfA%2BFSEoN4njIaE1lg%2BvEzCcTuihDMFWs7QlQHSNAQ3NWreqEUNnmMoR1X6nfsveLBhipWmkyBRlejYLZaTQ2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJzYSwl2SueVIJ1ufR56QfM&google_hm=Y3O0SeOg2pzR5bR6Fgrn-wAABKMAAAAB&google_nid=index&google_push=ASkJ3FZQJh4pyWg9m5VxNWASqJkf5obpNfyjDfPMO1qZ4uEGm6YVM2zBka1LYye8iewIGUs5OKg1tRpMzFQDGIKcvkj7hNDkxOKn_Z0jbt-hF7Wg9Pwnay-TTDhsRazLWCga4_xXGWjoxFBpdjiHgZtymBw
cache-control: no-cache
cf-ray: 76a91e6c4a819b7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 9082 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9082 0
223 B 94ms
30ms Image
text/html 172.217.18.2

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KTUEE-GE_9nybCgPdrQlWvUvx2hPErHoePK-SIieg4nghnutW99-pCg8gZy67YjnGZeWdbBg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 -, , ASN (),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0F28
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

36ms
34ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:17 GMT
expires: Tue, 15 Nov 2022 15:46:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 require.js Show response
look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/bower_components/requirejs/ Frame CBE0 84 KB
22 KB 51ms
51ms Script
application/javascript 2a06:98c1:3121::3

General

Check archive.org

Show headers Download Go to

Full URL: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/bower_components/requirejs/require.js
Requested by: Host: look-at-those.penguins-and-magic.gq
URL: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e00385d65866a4e682284fcf3adca1fc357f06edbac63f41ffa25dd07c672bf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33029
etag: W/"61d860e6-150f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXpYTaWLHGpl5wZxOvEwqCgmld%2F3w8JznilyayK3B5epmTBYeMhoMQcfKnG8zO6QI1Ygi8Ntx1qD2yfDE8QjKhglX2uV50I88Gh5fPzmxFmqGgAdfxGNbfGhHNd4HDRGtHoWNrz51KE51L6q7p663NUQabSZGO7jUzkXL8ePbZRN4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800
cf-ray: 76a91e6b1ccf717e-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 06:35:48 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame CFDF 0
0 116ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgk1Rvs8kpCNsVcwQVJVb_OBcIoxQVxxvHj0en8BE6-tKBUrWLuSku1lWLxvvHveJUakEXvUdyLiefcTIZWkAwPWJtYRsy5Stuuf-sNEEsOjVSqYzCZ3a7ZOMrySNPh-X01ZwJEnbGt5q66ISnZekwKbOiBIM9n8jdRCtPivssYGYqTxYQVRare8LEhnyWzIPozbRpAFUtN0lA_GyCQbmVQMwQUeT7TS52gU87Y26A2HUwkVYbGHAevIzMWTa2xHtZwzx8EJ8iViNP6xLb4zWppBedNzvhT6AHKy_FYKCe2sJiT4nX77yG8R3O&sai=AMfl-YR45yu_aT_WHAc84pvhDVKdYMRGm28nQs5zjYk6lpmK81HAyc6a_8e066IoJG5mLg_IsYUw2waz8oZNcVatZQ&sig=Cg0ArKJSzNV7BroyD4wCEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Nov 2022 15:46:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame CFDF 15 KB
11 KB 116ms
75ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3968a873cc2df165f85204343d75f9bd375eb0593b94d0cd44036262e13a855f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11356
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7171 36 KB
16 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 15:07:53 GMT

GET
H3 200 version.js Show response
look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/ Frame CBE0 439 B
680 B 51ms
49ms Script
application/javascript 2a06:98c1:3121::3

General

Check archive.org

Show headers Download Go to

Full URL: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/version.js?v=1
Requested by: Host: look-at-those.penguins-and-magic.gq
URL: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d16a332a866ec578b45bc81cefbbc735326ca910f076323283b46afb9231850

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33029
etag: W/"61d860e6-1b7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAMgJbk8QxnZOr6scltoFUaIalC8rTInFabMDnBktLIjXjA1A9bDXkOc%2F9jtqH6gN4QDWB6zNRgNvl17IDiofI4xBtHG9Ju4gdftHdlBVXLsg8HP9Zqn%2F6IP80PrCPrGpqw52Qs5uXtFqTxNXnrNvh0tTkrAtvKYf%2F4NKWvP89hBww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800
cf-ray: 76a91e6c1e95717e-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 06:35:48 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/ Frame FC17 3 KB
1 KB 28ms
26ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1ef6b829f09f24ba7ecd00bc827728da9d2ff6cecff9d5879fef77be28edda3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 510842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1296
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 17:52:15 GMT
expires: Thu, 09 Nov 2023 17:52:15 GMT
last-modified: Fri, 10 Dec 2021 12:35:54 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 71C9 23 KB
9 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 14:22:25 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame CFDF 17 KB
6 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 15:46:17 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 71C9 0
0 112ms
112ms Fetch
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXWEgR7RzY7HSOsHchQbitLiYA6rouNtq-6aN0s0Q0cfK4fk2EAEg-4mmUGCVAqAB8K2e_gPIAQmoAwHIA0iqBMsBT9AjDK8wzwr5wO9Ao-qySFb4bjl_ilellQm0P-lfH_Jci3qAkuObQEK2cEuLe-1-EfDAy2yY_HVyf-YIZCiv-XYnlfepHp0t00bjlBrSIcARCqhHRtKZisf5CZz4P-anc3DDouRlsnB14fIeVu2G5kHDNK6Lw-cK3CJIwWcZB6K69_NgrkYKK2B4bd9fxew3pUISBM5S10CfsgVS52KKLvop4P6PGvKMXt57_bF5AuOtuCSWgWwYQscH8KnEoZo0LEMTD7Iefy-dVTrABLTd_pWWBJIFBAgEGAGSBQQIBRgEoAYugAf40eEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_K0K0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMzMwODA2NTMwNjc4NDk5MxgA&sigh=w3narqg1kLc&uach_m=[UACH]&cid=CAQSKQDq26N9y0cOz_DPjQy-Ysy17rez71P-JQACD-GPvt4X1Cv08unvl7QxGAEgEw&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 15 Nov 2022 15:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FC17 6 KB
3 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 16 Nov 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FC17 34 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 16 Nov 2022 09:40:58 GMT

GET
H2 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FC17 236 KB
63 KB 98ms
30ms Script
text/javascript 2a00:1450:4001:812::2006

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 15 Nov 2022 15:46:17 GMT

GET
H3 200 index.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/ Frame FC17 63 KB
12 KB 24ms
23ms Script
application/x-javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16376c1de7eab28183a2bcbe8d37d9b12f1ec390622817ade7140cf19adeb0d2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 11 Nov 2022 08:06:37 GMT
age: 373180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12214
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:35:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Nov 2023 08:06:37 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 798B 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 14:55:47 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 71C9 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:17:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1726
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 15:17:31 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 71C9 18 KB
7 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 14:22:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Nov 2022 14:22:25 GMT

POST
H3 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame 71C9 0
20 B 57ms
56ms Other
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPGR_IzEsPsCFUFuwQodYhoOMw&gqi=R7RzY_bXNtTmxgPI_7-ABA&layout=/sadbundle/%24csp%253Der3%24/2121645768295023690/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 15 Nov 2022 15:46:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fireboy-and-watergirl-forest-temple.min.js
look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/ Frame CBE0 2 MB
447 KB 68ms
68ms Script
application/javascript 2a06:98c1:3121::3

General

Check archive.org

Show headers Download Go to

Full URL: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3
Requested by: Host: look-at-those.penguins-and-magic.gq
URL: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/bower_components/requirejs/require.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 07 Jan 2022 15:48:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 33015
etag: W/"61d860e6-223b89"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sLn2oXmXgNGNojmrHcmcA%2FL8Q6s1pvDOIr9eGPcO8V5gRbl6oHtogkXtMDE0afOOeXZbMAyZPR4ieSldqEEU048gDNX%2BU019sxxTALjG5BjW2im%2BdrhmuQkrbSg0gAYUoHiLXgZvr8qp51UgMvJW5Ij3tvEucZrzGy3Y6L%2BlXmCS%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800
cf-ray: 76a91e6c9f7e717e-DUS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 17 Nov 2022 06:36:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC0A 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:40:54 GMT
expires: Wed, 15 Nov 2023 15:40:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF72 783 B
535 B 32ms
31ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ffc47b21682e590f6fef586e418f6dcb01d86e45d8111f731434d192a7d4580a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LjeQ1sdId9_PAjSe6s_H5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-LjeQ1sdId9_PAjSe6s_H5A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:17 GMT
expires: Tue, 15 Nov 2022 15:46:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 798B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

33ms
32ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:17 GMT
expires: Tue, 15 Nov 2022 15:46:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 15:46:17 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 l
www.google.com/ads/measurement/ Frame 71C9 0
0 29ms
29ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYtKg975Wjnxq8qpYFsF6ZBK_wBpqKDEfPkPwUiV8QzXHI3P6H98R98DWAdAZl_l1fHjz2qXQlJHlhN4wCa_EEbqXWpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 71C9 154 KB
47 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48265
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Nov 2022 15:46:17 GMT

GET
DATA 200
OK truncated
/ Frame 71C9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d5718b0811702e583ddb1e97a20bfe1f51414849ff0533a5a4052dec9a0499e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js Show response
pagead2.googlesyndication.com/bg/ Frame FC0A 36 KB
16 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 15:07:53 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF72 0
0 57ms
56ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=850294236372846&rc=
Requested by: Host: sites.google.com
URL: https://sites.google.com/site/tyroneunblockedgame/fireboy-and-watergirl-in-the-light-temple
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

GET
H3 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/images/ Frame FC17 6 KB
6 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/images/bg.jpg?1637854978265

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 11 Nov 2022 21:17:46 GMT
x-content-type-options: nosniff
age: 325711
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6493
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:35:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 Nov 2023 21:17:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 855C 0
0 68ms
67ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvHSjtR6g3U5dQYxnQdgnFn7JOEopezKBJskKfQS-7ONAnaeSkq139L7PEkv8FHErIxZb9oulHZqq8j1aRCC1m-mVIuT5VJboJwcAb9er2Bso5x1YKQOnUWiIWSvbb_F_Il8EJKgXufYoqckDQL7lcZrG79P-oKxuFpSZJg2VRr6W8_ei4o6v2N5Q9nj8aIh9EKN2zNp-Wpr6TSXTibZJMplhodrXU00JTDxRD05KF_x3oWd94LYM8E3cMEtl4nYMymayK-u9HmSjtny13j8U4Xu002SZD0aJsmzWsoXcdmv1zwGSu9Plj9wPeZ&sai=AMfl-YR8fUhiwWmXlUH026Un3tz2oJcC49UMVy9_y01aWgjdEehkq4cerObtRvoLnnWMKsBuPRn0-EQY-6TV055Q6Q&sig=Cg0ArKJSzHF91ojQnyW-EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Nov 2022 15:46:17 GMT

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 855C 14 KB
11 KB 77ms
77ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3308065306784993&plah=c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11153
x-xss-protection: 0

GET
H3 200 sodar
pagead2.googlesyndication.com/getconfig/ Frame 7C53 15 KB
11 KB 76ms
76ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://vivanews.asia/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11317
x-xss-protection: 0

GET
H3 200 rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js
pagead2.googlesyndication.com/bg/ Frame FC17 36 KB
16 KB 34ms
31ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/rVlqs_C6MEoymNIgrpYBY2eJfhVJuMjEUeWab4z9yRM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:07:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15986
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Nov 2023 15:07:53 GMT

GET
H3 200 btn1_n.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/images/ Frame FC17 5 KB
5 KB 34ms
32ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/images/btn1_n.png?1637854978265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 09 Nov 2022 17:52:15 GMT
x-content-type-options: nosniff
age: 510842
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5194
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:35:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 09 Nov 2023 17:52:15 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FC0A 0
10 B 25ms
25ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GPHpOA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Tue, 15 Nov 2022 15:46:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 btn2_n.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/images/ Frame FC17 5 KB
5 KB 22ms
21ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2121645768295023690/images/btn2_n.png?1637854978265

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 12 Nov 2022 19:50:09 GMT
x-content-type-options: nosniff
age: 244568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5394
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 12:35:54 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Nov 2023 19:50:09 GMT

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7C53 0
0

GET sodar2.js
tpc.googlesyndication.com/sodar/ Frame 855C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: advanced-channeler.02.gz-associates.com
URL: https://advanced-channeler.02.gz-associates.com/?t=tmm-fireboy-watergirl-in-the-forest-temple

Domain: rudolph-the-red-nosed-reindeer.ga
URL: https://rudolph-the-red-nosed-reindeer.ga/cc

Domain: c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com
URL: https://c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=4

Domain: ana.tunnl.com
URL: https://ana.tunnl.com/event?page_url=https%3A%2F%2Fadvanced-channeler.02.gz-associates.com%2F&game_id=a55c9cc9c21e4fc683c8c6857f3d0c75&eventtype=3

Domain: ana.tunnl.com
URL: https://ana.tunnl.com/event?page_url=https%3A%2F%2Fadvanced-channeler.02.gz-associates.com%2F&game_id=a55c9cc9c21e4fc683c8c6857f3d0c75&eventtype=1

Domain: too-advanced-for-society.gq
URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/data/forest/temple.json?v=3

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOjTVLAvudEhYVZDNl6a9KQ&google_cver=1&google_push=ASkJ3FYqRIN4PDPkUKB4ujopYmO2159lyRcFyhMr5JkfPpzFaS4PPXjRxF-2zCoJgCMSONZOZtT4B7PzcNnxsWqwcipr_x62MiI7mXfSKq-uRaaBqwfnx2f9bLBfRBk_Pg2QbCmEDWniMa3F3_YbPJ7V8Pw

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-20 11:52:18	Name: NID Value: 511=nblk2AFl528gVLn6FEZvvwlq-wIknZn5Uk9KxQljHzWIYBAWl5nFx5ml1TJ-cHNPm6VFXWy1EHUA-vs0lC-ODS4WkCsmXkUAvM8FbQmQVzSGKL-vQnlv39aL9YmRiSAFL6WC8GleBIMxLYEFIczZ4A__xNJbVHUx9QgMIaaSrFs
.sites.google.com/	1970-01-20 17:04:47	Name: _ga Value: GA1.3.1512805462.1668527173
.sites.google.com/	1970-01-20 07:30:13	Name: _gid Value: GA1.3.497596260.1668527173
.sites.google.com/	1970-01-20 07:28:47	Name: _gat_gtag_UA_130251524_7 Value: 1
.doubleclick.net/	1970-01-20 16:50:23	Name: IDE Value: AHWqTUnN2iQy1lpphi_RnfO4h9gjxLgpevR2k37u0N3zc4aglNscM6qMbuqLEYy4x1E

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec(Line 8) Message: Unrecognized feature: 'ambient-light-sensor'.
other	warning	URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec(Line 8) Message: Unrecognized feature: 'speaker'.
other	warning	URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec(Line 8) Message: Unrecognized feature: 'web-share'.
other	warning	URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec(Line 8) Message: Unrecognized feature: 'vibrate'.
other	warning	URL: https://script.google.com/macros/s/AKfycbw6skmzuzV7hBorq54SQuZEfsRYc42Zmuyk750Ci5Lvf2IpcPe_E6k814Y_7vraMamN/exec(Line 8) Message: Unrecognized feature: 'vr'.
javascript	error	URL: https://advanced-channeler.02.gz-associates.com/?t=tmm-fireboy-watergirl-in-the-forest-temple Message: Access to fetch at 'https://rudolph-the-red-nosed-reindeer.ga/cc' from origin 'https://advanced-channeler.02.gz-associates.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://rudolph-the-red-nosed-reindeer.ga/cc Message: Failed to load resource: net::ERR_FAILED
rendering	warning	URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3(Line 1612) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3(Line 1454) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
other	warning	URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3(Line 3114) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
network	error	URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/games.json?v=1668527176228 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/domains.json?v=1668527176228 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/contracted.json?v=1668527176228 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/sitelock.json?v=1668527176228 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bcp.crwdcntrl.net/5/c=13998/rand=256190941/pv=y/act=play/med=game/int=%23OpR%2386565%23Total%20Site%20Traffic%20%3A%20too-advanced-for-society.gq/int=%23OpR%2386566%23too-advanced-for-society.gq%20%3A%20Site%20Section%20%3A%20tmm-fireboy-watergirl-in-the-forest-temple/rt=ifr Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/internal.json?v=1668527176228 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://hb.improvedigital.com/pbw/gameDistributionV1.1.min.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ana.tunnl.com/event?page_url=https%3A%2F%2Fadvanced-channeler.02.gz-associates.com%2F&game_id=a55c9cc9c21e4fc683c8c6857f3d0c75&eventtype=3 Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://ana.tunnl.com/event?page_url=https%3A%2F%2Fadvanced-channeler.02.gz-associates.com%2F&game_id=a55c9cc9c21e4fc683c8c6857f3d0c75&eventtype=1 Message: Failed to load resource: net::ERR_CONNECTION_CLOSED
network	error	URL: https://too-advanced-for-society.gq/tmm-fireboy-watergirl-in-the-forest-temple/cdn.fbrq/@azerion/splash/assets/json/special.json?v=1668527176228 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEOjTVLAvudEhYVZDNl6a9KQ&google_cver=1&google_push=ASkJ3FYqRIN4PDPkUKB4ujopYmO2159lyRcFyhMr5JkfPpzFaS4PPXjRxF-2zCoJgCMSONZOZtT4B7PzcNnxsWqwcipr_x62MiI7mXfSKq-uRaaBqwfnx2f9bLBfRBk_Pg2QbCmEDWniMa3F3_YbPJ7V8Pw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DASkJ3FaYUuQtLFvhHGqIWiw-G6NcKAYaWZ_i9FnNpKR5y2B6LmBHSNRGWc1t_XCX4_m3pDTAtqMzePS1rFkdAs2V2oT20Vp4BP3PvPSNwJIzLPeKrsvYoUmRLkgKFCmW-Q0ATF_HHt61KOwoPeelqRIZioI&google_gid=CAESEHl1QtDiKfiq30YtCLpkre4&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/2121645768295023690/index.html".
security	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3308065306784993&output=html&h=250&slotname=2160528470&adk=1207888702&adf=3138087033&pi=t.ma~as.2160528470&w=970&format=970x250&url=https%3A%2F%2Fvivanews.asia%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668527175580&bpp=1&bdt=287&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=4663328646530&frm=8&ife=1&pv=1&ga_vid=1838775611.1668527176&ga_sid=1668527176&ga_hid=994660156&ga_fc=0&nhd=5&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=970&ish=250&ifk=2196734807&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759837%2C42531706%2C44777508%2C44770881&oid=2&pvsid=949153173983065&tmod=927928418&uas=0&nvt=1&top=https%3A%2F%2Fsites.google.com&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=2.r8jx18t2s76t&fsb=1&dtd=294 Message: Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/2121645768295023690/index.html".
rendering	warning	URL: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3(Line 1612) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://look-at-those.penguins-and-magic.gq/tmm-fireboy-watergirl-in-the-forest-temple/fireboy-and-watergirl-forest-temple.min.js?v=3(Line 1454) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-rXRu49aQoLdcoge2SW8D3w' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8c18d4d0f5da3fc9767a31c76018fe6b.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
advanced-channeler.02.gz-associates.com
ana.tunnl.com
apis.google.com
bcp.crwdcntrl.net
c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com
cdn.raygun.io
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
game.api.gamedistribution.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hb.improvedigital.com
id.rlcdn.com
image6.pubmatic.com
look-at-those.penguins-and-magic.gq
msgrt.gamedistribution.com
n-mn4sd3z2quxoi7hrropb6fhpyblouh7nrdbv5ia-0lu-script.googleusercontent.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
rtb.openx.net
rudolph-the-red-nosed-reindeer.ga
s0.2mdn.net
script.google.com
securepubads.g.doubleclick.net
sites.google.com
ssum-sec.casalemedia.com
tags.crwdcntrl.net
thegreatbanana.ripservers.com
too-advanced-for-society.gq
tpc.googlesyndication.com
vivanews.asia
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
advanced-channeler.02.gz-associates.com
ana.tunnl.com
c1550bcc935d120d0fe0fd377637914e.safeframe.googlesyndication.com
googlecm.hit.gemius.pl
rudolph-the-red-nosed-reindeer.ga
too-advanced-for-society.gq
tpc.googlesyndication.com
142.250.186.70
172.217.18.2
172.64.154.237
18.66.248.90
185.64.190.78
2600:9000:20eb:5800:4:cd76:8580:93a1
2600:9000:223d:4000:17:62f0:2dc0:93a1
2606:4700:3032::6815:351f
2606:4700:310c::ac42:2cdd
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:808::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2001
2a06:98c1:3121::3
34.242.92.110
35.186.253.211
35.244.174.68
52.49.181.242
64.156.14.61
64.190.90.88
69.173.144.138
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0837d6d5c28e593c753f6efd5ec842f1737332184b67e2d07d1e1684304dd75f
0872fc7088ef08ea648b4b34fa9b57e7c742322f8c1c3e4fe56bbf48f69538b9
0a07207b11d5f6eff08c00e44b624eef20b4f870f76dbbd45ed6a9a1844adaef
0a8bcc5e4756648598b2d944b04b7b77319eeaf457b4803166f50b232bdfc47a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1238660c3026a481762d99eb5f3514e640cb0a925a2b272ef6d418b7122851aa
16376c1de7eab28183a2bcbe8d37d9b12f1ec390622817ade7140cf19adeb0d2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
205200acf73f653da1b5f5b306246d80720b4170128314423575d36c35f63bec
2769b236db007e768e8c7270e9fdd11912c617f4c0aff871b3e923fc4d3967f0
297577d52fce5df45a53b1d2e06469f65ee1dcf2e9bfbc8e2f45dbd06a0de8b4
29cf63b3a3f220aa82357afebcfda1a2499327ce2429680ab58af2a87ed19f23
2b545e8dbb9533f8475d1447b87dd73e62d1d193131c313cb954cb9e41202b90
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3315f44da4a7aaaf8d84382c7583233f697787f5871294ed49cd41207f7375a0
33cdf29643259acd7c75da173d655022632b4b49df0bf2a3b9a04c1edda2cb92
3698531ebf8607955693573df0c8106f47ed01adbca6d81e048dab7af146e2e0
3704afefd25c94315efcbcb4513deedbd292002ec51691e6cffe69d2262d7927
377373c21a8e7fbf892453f74fffe79f1232fd920a820f4ad7b2b3ef253f1023
3968a873cc2df165f85204343d75f9bd375eb0593b94d0cd44036262e13a855f
39d12e48738bfc25cc394332a5bb0e5c2970a112b8ba714903ac996cde90a70e
3e3a3cec8493984f163eba7dfc0fee3b3d5fadef04f7c78b1d9a323ab15db692
42deb9219fc21f52ec47f6de9f2cd7bbd2b6eff02e03fb2e77b935f3f2a849db
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4430fd3ae9ba835127e6e79bc2f1e8a0d506a5a082a285bc8097fdfbb79a1592
4680a735991395644275ccb0c3d3614975e5c528a51edf3433cff28d9a7de1db
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d16a332a866ec578b45bc81cefbbc735326ca910f076323283b46afb9231850
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
585efd550ad1e8cb860fb9ab5afc92dd5cc369c57b54ad85e29084840b18a115
5ab873716a815d2b3cdd1cb6635c9028a4a8a6b607a058bfb986e25729ea55b3
5e4c95bbcdf75e28e81fae6710f1fd58a2f4b7b120c9dcb4041d45ba95aad07d
5ed88f03f6695c18d64c91f426e843d3d621b78e6ca79d16ebc2ada5bc506674
5fb19e0de58076b54e4f259d0adaab137eb2b3482a9a6ca17b18a62f2b964a70
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62772211f0d9a2d22df9e98dce17c313f4197def23f46ffe4336f9c08ed5d659
672c06ecc22211e9e8b8e20f83271a52d81945d1eb9f5b8d2886eb59bbdc7d49
6a997ac4510910b83ebce7e5771ad7de0cd33ab051f2265e01f260e9f0aba754
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
73537bc32f59176164bf424ddee4e2c9c8792a1199283b99f3edfd152fddf6fb
770de255552a7557975420998849f18950da44c03bc70087acbb177467021bc4
7777e71c0bf1e9beeb9fb8c7ee5c9a81897bf05f02d6118f617f442b9462f3fe
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7c11026bdee1e69bcbbf5ae18a54f7ee15d97d0d49093294a1e5822511330832
7d5718b0811702e583ddb1e97a20bfe1f51414849ff0533a5a4052dec9a0499e
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
86a2980fad101ce91ec522fa4b087674e4daa4009efb66880fb9df162e1823be
88e6382d15edbda0254ba0ad7f224f41b358a21ebfad6e1eed439f5ddf0ea245
8b378678c970d59b708eb6200b3bb325bfc89d1b400e0f59b9ae76b96cf80438
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
99bf48876983008fea17166c1d1d92dbe49e845b108a7aaf38995ddd364cce30
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9fdc7ce2494f1d81fc3770820f9610d0b5ce3d76784d8b32761f3bd2752aa36a
a0368ef4a326c14b25083d34a8cece4ceb6cf23cf5682ced2d61afd95b73f663
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1e4096f717f81bae3ab882067d551b060a465345db9920f6b8fbb707c0a7578
a2c59dd854a9a02c84e39984d161142ed47c7f9682bb60fff1a03b44ab297532
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50d628fefe710703ccb804c6e52281e408dad6347f258d1d9e676ff3bcb9b9f
a66b254edfcabcbaf0626a5ff8769babb01a81b2a1ee59671dce713a58106e80
a7c6ca1dda7fcf8afd22914d396dc40db3ab286b5054e96f33f9e47d02c1c712
a8a41039a69c0b230c47d34fec0b8fbfbaf6adfce4babc73afc384e9d75b5df4
ac67eba217cc24846f0d650dbf24e7e1f96928839f20a70ddeba99bfa284ca23
ad596ab3f0ba304a3298d220ae96016367897e1549b8c8c451e59a6f8cfdc913
aead9e7fa3c7aafc40d641ddf77f2398689da4579ff2569ebb16d6e7ba43c4a8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3d79df35222dcf8b4438d92d31d2361edfb3b398b89a9ed377482a144a299d1
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b86ca7249e6f28cc9af909dcc5501e67101273ff2a2a19c408779a0fbf27e733
ba85df0fb85ff901912910a29f2aad2966f4f514afc7149c09cfd55636320b74
bba28c5d995efe029050f74789fc180394304271c07176e16eaa93b7299daacc
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c20c562e8e0e40ee6cff2d4bedff7af51e42ddffef70c87f60d814a8bbeb6552
c98ac6bf46e464c6b8451f938484522540c95dafa41ec133b1e6ceaeffdbe5d6
d3fe0e52fcb1250ac582d4d84576531e10725e906c3feb23ac010f37ea312881
de8181aa648045da4c8077dd0109787ef817a0d38e9d1531698d9a1b54ab063f
dff45da116cba5a70bae2e9efcdec4ef5e8f4d3035ce332f6eebd27fafd3d137
e00385d65866a4e682284fcf3adca1fc357f06edbac63f41ffa25dd07c672bf6
e1c3f54f1622c75ca79a313b300ef4bd593dac0bca5edf428eebf56e6f573a26
e1ef6b829f09f24ba7ecd00bc827728da9d2ff6cecff9d5879fef77be28edda3
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e88865ecfd1f00b5ac0f3f75bfe77308fe40a536b8a046cc6b84e552362170eb
e96a0764601b88a69e05cd4e457e4fd48ec506820f4984c88ac97a57f11a4e6a
eb922d8aa175b8fe481c695f4fb7e741c8eb665ef7469c305d2d4414a5e2d678
ee3f0eed4d21a383f5c836fbe4234c9c5a341b08556ddb6c0a6bab55194c2588
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f006c556c753a58b408277de14a33ffdc8a921625cd682042960de78c6df2552
f41c19767f2eafb06083042af4b6384e6b8794acf181e8140c5b58ada68f5771
f45405007a3ad2edadaff43f8817dbbdbb41e6b50e91b90c3a006ef73dc0f274
f60df2923d74cf2ade9aebc340a4fd1241d941705c285cf5c413a2b9a81f9798
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fd69062b6e7d67ea26d03636a38c211a94dda02033bf88e2789e39dd351fde06
fe00e8df8c80e1905cabfa7f1a656a352552cc904c039418b7fb656e6821f11b
fe4eb4decb5d59d183892a5771a5e0bb40514090bff4af5a3feed0e89eb3ec6f
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffc47b21682e590f6fef586e418f6dcb01d86e45d8111f731434d192a7d4580a

sites.google.com Open in urlscan Pro 2a00:1450:4001:82a::200e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

184 Requests

91 %HTTPS

67 %IPv6

29 Domains

42 Subdomains

34 IPs

3 Countries

4355 kBTransfer

14647 kBSize

5 Cookies

1 Outgoing links

Page URL History

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

sites.google.com Open in urlscan Pro
2a00:1450:4001:82a::200e Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

91 %
HTTPS

67 %
IPv6

29
Domains

42
Subdomains

34
IPs

3
Countries

4355 kB
Transfer

14647 kB
Size

5
Cookies

184 HTTP transactions
6 data transactions