friv2.racing Open in urlscan Pro
2606:4700:3036::ac43:9ece Public Scan

Go To Rescan
Add Verdict Report

URL:
https://friv2.racing/squid-game-2.html
Submission: On January 28 via manual (January 28th 2022, 11:02:50 pm UTC) from UA — Scanned from DE

Summary HTTP 176 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 35 IPs in 5 countries across 21 domains to perform 176 HTTP transactions. The main IP is 2606:4700:3036::ac43:9ece, located in United States and belongs to CLOUDFLARENET, US. The main domain is friv2.racing.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2021. Valid for: a year.

This is the only time friv2.racing was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2606:4700:303... 2606:4700:3036::ac43:9ece	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	78.109.31.4 78.109.31.4	41665 (HOSTING-A...) (HOSTING-AS hosting.ua)
2	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
10	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.112.80 18.66.112.80	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.82 18.66.122.82	16509 (AMAZON-02) (AMAZON-02)
1	35.190.9.86 35.190.9.86	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
14	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	35.233.56.88 35.233.56.88	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:2250:5e00:4:cd76:8580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.119 52.222.236.119	16509 (AMAZON-02) (AMAZON-02)
2 6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700:303... 2606:4700:3035::ac43:bdfd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.214.125 52.222.214.125	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:3... 2600:1901:0:398::	15169 (GOOGLE) (GOOGLE)
1	34.120.152.60 34.120.152.60	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	216.58.212.163 216.58.212.163	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
176	35

40 2606:4700:3036::ac43:9ece (United States)

ASN13335 (CLOUDFLARENET, US)

friv2.racing	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.109.31.4 (Ukraine)

ASN41665 (HOSTING-AS hosting.ua, UA)
PTR: 4.31.109.78.hosting.ua

neueaffenspiele.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-80.fra56.r.cloudfront.net

html5.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-82.fra60.r.cloudfront.net

html5.api.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.9.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.9.190.35.bc.googleusercontent.com

game.api.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cdn.gamedock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.233.56.88 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 88.56.233.35.bc.googleusercontent.com

tag.atom.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:5e00:4:cd76:8580:93a1 (United States)

ASN16509 (AMAZON-02, US)

hb.improvedigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-119.fra56.r.cloudfront.net

pm.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:bdfd (United States)

ASN13335 (CLOUDFLARENET, US)

pub.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-125.fra56.r.cloudfront.net

img.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:398:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

tracker.gamedock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.152.60 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 60.152.120.34.bc.googleusercontent.com

tracker-v4.gamedock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.163 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f3.1e100.net

p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	615 KB
40	friv2.racing friv2.racing	361 KB
17	google.com 2 redirects fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2438 adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	86 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	149 KB
8	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 639	752 KB
7	gstatic.com p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com www.gstatic.com	18 KB
6	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 98	46 KB
6	gamedistribution.com html5.gamedistribution.com — Cisco Umbrella Rank: 23564 html5.api.gamedistribution.com — Cisco Umbrella Rank: 19863 game.api.gamedistribution.com — Cisco Umbrella Rank: 22302 tag.atom.gamedistribution.com — Cisco Umbrella Rank: 22583 pm.gamedistribution.com — Cisco Umbrella Rank: 30487 img.gamedistribution.com — Cisco Umbrella Rank: 28983	247 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	188 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 418 fonts.googleapis.com — Cisco Umbrella Rank: 47	322 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	43 KB
3	gamedock.io cdn.gamedock.io — Cisco Umbrella Rank: 29652 tracker.gamedock.io — Cisco Umbrella Rank: 23770 tracker-v4.gamedock.io — Cisco Umbrella Rank: 25073	10 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	40 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028	914 B
2	improvedigital.com hb.improvedigital.com — Cisco Umbrella Rank: 19755	171 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8294	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	84 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	98 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	644 B
1	headerlift.com pub.headerlift.com — Cisco Umbrella Rank: 20209	2 KB
1	neueaffenspiele.de neueaffenspiele.de	990 B
176	21

	Domain	Requested by
40	friv2.racing	friv2.racing
30	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net friv2.racing
20	pagead2.googlesyndication.com	friv2.racing pagead2.googlesyndication.com srcdoc tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
8	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
6	www.facebook.com	2 redirects connect.facebook.net www.facebook.com
5	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	s0.2mdn.net	imasdk.googleapis.com googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com html5.api.gamedistribution.com www.google-analytics.com
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net friv2.racing
2	p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	imasdk.googleapis.com	html5.api.gamedistribution.com imasdk.googleapis.com
2	hb.improvedigital.com	html5.api.gamedistribution.com hb.improvedigital.com
2	counter.yadro.ru	1 redirects
2	connect.facebook.net	friv2.racing connect.facebook.net
2	www.googletagmanager.com	friv2.racing neueaffenspiele.de
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	tracker-v4.gamedock.io	html5.api.gamedistribution.com
1	tracker.gamedock.io	cdn.gamedock.io
1	img.gamedistribution.com
1	pub.headerlift.com	hb.improvedigital.com
1	pm.gamedistribution.com	html5.api.gamedistribution.com
1	tag.atom.gamedistribution.com	html5.api.gamedistribution.com
1	cdn.gamedock.io	html5.api.gamedistribution.com
1	game.api.gamedistribution.com	html5.api.gamedistribution.com
1	html5.api.gamedistribution.com	html5.gamedistribution.com
1	html5.gamedistribution.com	neueaffenspiele.de
1	neueaffenspiele.de	friv2.racing
176	36

This site contains links to these domains. Also see Links.

Domain
kizigamesxl.org
www.liveinternet.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
neueaffenspiele.de R3	`2021-12-11` - `2022-03-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-07` - `2022-02-05`	3 months	crt.sh
gamedistribution.com Amazon	`2021-03-23` - `2022-04-21`	a year	crt.sh
catalog-acc.api.gamedistribution.com GTS CA 1D4	`2021-12-20` - `2022-03-20`	3 months	crt.sh
*.gamedock.io Sectigo RSA Domain Validation Secure Server CA	`2021-07-27` - `2022-07-27`	a year	crt.sh
tag.atom.gamedistribution.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
improvedigital.com Amazon	`2021-05-05` - `2022-06-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 26 frames:

Primary Page: https://friv2.racing/squid-game-2.html
Frame ID: 5E53AEF7FFF7D4878555F7AB856DBD71
Requests: 73 HTTP requests in this frame

Frame: https://neueaffenspiele.de/spiele/seite/spielen-squid-game-2.html
Frame ID: 81D8012FE0EB7F96CF6ADF0685FE2107
Requests: 2 HTTP requests in this frame

Frame: https://html5.gamedistribution.com/66f24a03669f4ead87178ef4a893a16d/
Frame ID: D995C3FCD03683DA8B5957FC6C16C250
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: 703219BFFF89705CBF53040A87BA1DFE
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4bf2b5a79229c%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912
Frame ID: E7275EEFC844B448C8E7564C834D532F
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&height=100&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&locale=en_US&numposts=5&sdk=joey&version=v12.0&width=912
Frame ID: C40F0BE456F8DFF7378E1DF0955B3543
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html
Frame ID: 6D788824EB633DD6785645D83E7F9C17
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 62F4C587177E26AE35120191AD637831
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=1506460680&pi=t.ma~as.1329740506&w=970&lmt=1643410964&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=3&bdt=592&idt=195&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&correlator=5276077380681&frm=20&pv=2&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ksK1BT8Mom&p=https%3A//friv2.racing&dtd=530
Frame ID: 4510678F61923DD7E2A6AF47B56DD2AB
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534
Frame ID: B620AF172EB2FDE6521348889895DE1B
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535
Frame ID: F541233A19F1E69A50D13CEF306B9CF3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1643410964&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=239&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90%2C300x600&nras=1&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=537
Frame ID: 5975EA4D3455DB39D49628771B863D5C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 17002F4970F9DB9992BA4BBB376F5FF9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1F50E32E9D4DDD51CE3406708A22AE16
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 202A3105544A6376C6782A9EAC10F8EC
Requests: 2 HTTP requests in this frame

Frame: https://p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 9DECE3E5FF5E4ACD358B2246163A0512
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4654815A89742781F89DC8381906B373
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 999A4A9E2FA9F46387AE08EF9EF9025F
Requests: 2 HTTP requests in this frame

Frame: https://p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: E36338C0DB9A62E45448CBFDC268FBF1
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Frame ID: EABD5A1815141D4F7696E5EEFBAC306B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6EAD59BB12F4BF16AE5130482B77BBDD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1
Frame ID: 6CE01D03740CD9D2F3D16294EE04E3CD
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Frame ID: 8E50E31434BC0830A61CAB06C27AA7E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A9886BC2765970CFC5BBFA5844FC26A0
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E8615BD5CF6FCD9896E30AC0BEE9DA40
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Frame ID: C346369DD018960B78042061EBAE4975
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Squid Game 2 - Play Online at Friv2.Racing

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

176
Requests

99 %
HTTPS

59 %
IPv6

21
Domains

36
Subdomains

35
IPs

5
Countries

3233 kB
Transfer

8529 kB
Size

9
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://kizigamesxl.org/

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://counter.yadro.ru/hit?t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-2.html;hSquid%20Game%202%20-%20Play%20Online%20at%20Friv2.Racing;0.13676945029426535 HTTP 302
https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-2.html;hSquid%20Game%202%20-%20Play%20Online%20at%20Friv2.Racing;0.13676945029426535

Request Chain 60

https://www.facebook.com/v12.0/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&height=100&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&locale=en_US&numposts=5&sdk=joey&version=v12.0&width=912 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&height=100&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&locale=en_US&numposts=5&sdk=joey&version=v12.0&width=912 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&height=100&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&locale=en_US&numposts=5&sdk=joey&version=v12.0&width=912

Request Chain 125

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

176 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request squid-game-2.html Show response
friv2.racing/ 16 KB
4 KB 588ms
553ms Document
text/html 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: ea97e0f591b16fd7c4906f982ce8700e3700d89f6ae4a51c53d0f56e1898dd02

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.3.29
link: <https://friv2.racing/?p=2960>; rel=shortlink
expires: Sat, 29 Jan 2022 11:02:43 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4XYUDMJLLmyJev0fVqAcGgJzOiumFW0a%2BInaTn0OJ75upsWpLMW00ANrmNzQc7vvJfVZssVgJ507kNlulyPqbQrMsygyu16HcwhaUh7ZANDVMv3WiQtB293j1dJ7t%2FmEFBQ9d7GtLn9vgDA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d4dd9976ef99013-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
friv2.racing/wp-content/themes/friv/ 16 KB
4 KB 33ms
33ms Stylesheet
text/css 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6046c23b85986b7cf6d8a28b653bb0b0a73bab416795df69f476e14d1271a1db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142759
cf-polished: origSize=16302
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 30 Aug 2019 19:33:49 GMT
server: cloudflare
etag: W/"5d697a1d-3fae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmN%2F7wdxQaUX3P%2FOMgb2b8U610TGUrn%2FxTfsGUWvWpi%2FSP7ZMPZfe5VhidhsrfBTMiAwx5OsxB3XJEe9ndkHGoMzu6zNKAseRR3iPERqqPLoFRPE%2BJtkhrQCy06rMFOjDUO1xskUSwDfLko%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6d4dd99afd0e9013-FRA
expires: Sat, 29 Jan 2022 23:04:40 GMT

GET
H2 200 logo.png
friv2.racing/wp-content/themes/friv/images/ 6 KB
6 KB 24ms
24ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/logo.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea44783ce24f6df8ba9bf53fd8c77c7ce430e9564050582fa28e91ba35cbb5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5726
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-165e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdeLsk%2FwmM0dPMiP4PsH86qEwUbCht33v6JLUXlht7Zwfxg9nOFfvzMllXcPO3sUtjx6TkBzDk778T6mIrfb1DqEb7IOJap2Sc3vay56YY7gjAKgQqW4IJ8NItYeORIhI1pbDa%2BqPTezuww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99afd119013-FRA
expires: Sun, 20 Feb 2022 02:01:48 GMT

GET
H2 200 back.png
friv2.racing/wp-content/themes/friv/images/ 10 KB
11 KB 20ms
19ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/back.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2f3843c4e6e8239cc209544ece9f653a6af137c16654ace78b2b08c6a00b92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142722
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10349
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-286d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeaqLRFX8pBs666Wezt5PE0SqHmKmp8sVwQ1j%2FW%2F%2FVouR6cJqqL%2BI8efbzVkBX5yYEc5ucLy%2F07VgYCmUuvC5NtpQ5rgB18gdPY3wPmvXZGA7dJUZ7bPsCVbhjJc62vbOMLCI%2B%2FIXTQ3vJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99afd1a9013-FRA
expires: Fri, 18 Feb 2022 19:54:50 GMT

GET
H2 200 kizigamesxl.png
friv2.racing/games/icones/ 6 KB
7 KB 21ms
17ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/kizigamesxl.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae07b44365d1b861f5b0c93eb844b2a7533198aa62f16e2db1d62fdc848c08cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142722
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6496
last-modified: Sun, 19 Mar 2017 20:57:50 GMT
server: cloudflare
etag: "58cef0ce-1960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Wf0h6mLKlGGgSAkdZvJs%2B%2BxhIe8bPLoHHG0C6M9rdILv2HfAz2s9Nh9hdOPFZoaXSxEodrAEFrNeQc4rBMTXzukiwrWpzhDEPxS4b3FyiqW9tMoVHpDs6ZnDZ7lpr9Y6gwl4kk7KfcNOag%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99afd209013-FRA
expires: Sun, 20 Feb 2022 02:45:00 GMT

GET
H2 200 om-nom-connect-christmas.jpg
friv2.racing/games/icones/ 10 KB
10 KB 55ms
51ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/om-nom-connect-christmas.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f161c171f9e2343980ec98271c9ee9e73ca694cab4977e34f8fd4357684728

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10085
last-modified: Wed, 22 Dec 2021 14:01:14 GMT
server: cloudflare
etag: "61c32faa-2765"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLuWUkADlw%2BYPEwRkrqtMb%2FfZ%2FI%2BFyndLa4ic8dWVeEINjtHUVNxbownW34Ocgm35OhQdEzUoH1JRE6l2%2F1tCq1XETI%2Bg%2FG%2FYQ3TCNX2nrDtXDiEBWU4dFLGxz9TT1eITSuCx6DpnNrbGck%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99afd229013-FRA
expires: Fri, 18 Feb 2022 14:19:35 GMT

GET
H2 200 the-smurfs-ocean-cleanup.jpg
friv2.racing/games/icones/ 7 KB
7 KB 61ms
56ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/the-smurfs-ocean-cleanup.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e97ff16899cc1ae490c855c626f820a438a2d3eafec41101ddb6e63bae5770c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7205
last-modified: Thu, 11 Nov 2021 00:27:14 GMT
server: cloudflare
etag: "618c6362-1c25"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0svWdXrK6FxY%2Bl1TLKrYT1NzDDwwHfUoj9yaQg9oQeuTt%2BcQwYDIXXOxgLCx4DjdO0Yu0iyeSR6%2BFSbhJsP5lx7%2FVHX1GocVUXBGMr4Sy3IsoNLaLyJmvdhl14wEqwMQCq4SKMJIfwDrmAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d299013-FRA
expires: Wed, 16 Feb 2022 20:07:49 GMT

GET
H2 200 super-fashion-stylist-dress-up.jpg
friv2.racing/games/icones/ 12 KB
12 KB 59ms
55ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/super-fashion-stylist-dress-up.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b322bff530ae94e37edbb216b6adb44aa64fe4d63d3daa95381fc7587fbf826a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11944
last-modified: Thu, 11 Nov 2021 00:08:34 GMT
server: cloudflare
etag: "618c5f02-2ea8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=42mv8dHD9FptQf5PZEEBFca3KBogMz0t6SpBJEOed1czglBv%2Bxk5VqYOu%2F8MnBEAcoqnm6SCjNMkVQOL78%2F6h6GtAKGd%2FOrI6vTkeTs8%2BfJ7CvWXV8wOy0Fio67qTyu%2BnpT70SEVkyFT280%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d2d9013-FRA
expires: Wed, 16 Feb 2022 20:06:50 GMT

GET
H2 200 subway-surfers-barcelona.jpg
friv2.racing/games/icones/ 13 KB
13 KB 56ms
51ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/subway-surfers-barcelona.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e67103d2d0085f2b85dec20a8a1834dc218a645ff553d7018052a8deab8dad1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13439
last-modified: Sun, 24 Oct 2021 18:23:48 GMT
server: cloudflare
etag: "6175a4b4-347f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0POLJsiW9Yokd2Hq4Dv3twt5tGiWc7LLmH0A0DwhKXZ4TQnEZT2yDzcPoGK9d89whg2OGT4WvgMwAoR9ol%2Bd%2FCRb33l6kWm4wjj14V5iQwhJHS9CJbFcSBDaQEjuOA5ow1Hj1turbLLNhjw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d309013-FRA
expires: Wed, 16 Feb 2022 20:07:49 GMT

GET
H2 200 friday-night-funkin-music-notes.jpg
friv2.racing/games/icones/ 13 KB
13 KB 28ms
22ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/friday-night-funkin-music-notes.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7081316c21b4024074fc6d21ceb2928af679ee880b97fcf132863e4f6400da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13325
last-modified: Sun, 24 Oct 2021 18:03:38 GMT
server: cloudflare
etag: "61759ffa-340d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQNilx9iS5tiU6zwjLj1ffjI5TjVgIepvcJ2uI9XNMqig198iAEekXvLG6ZLkvh7ZgOIoYrX1VmH4t4DIMfQWcQ6awHZ43VpoeUzDtJCK2FQZrBdG6aFLUqQ%2FTjte0buPMNpOP88J2GnXos%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d349013-FRA
expires: Wed, 16 Feb 2022 20:06:50 GMT

GET
H2 200 vex-6.jpg
friv2.racing/games/icones/ 10 KB
11 KB 22ms
17ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/vex-6.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb61d7ca61e7a23e23f95136244410a278b923ce9fad3061617c6af3e9770f81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10448
last-modified: Fri, 22 Oct 2021 20:03:58 GMT
server: cloudflare
etag: "6173192e-28d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FiDu33V1dajUnDSEsCwo2AI9pqyKwzSFbZxRsUGMJo4XDWifbaJkI1Hcok3rUq5sxz6bNxIoFnBKEFBX8lR9s1KAxfklLZfjUiBM9mRWCVE0FKzE%2BoLUvjUfKidsE5kaptFH2WefJX98d%2FQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d379013-FRA
expires: Wed, 16 Feb 2022 20:18:03 GMT

GET
H2 200 teen-titans-go-adventures.jpg
friv2.racing/games/icones/ 10 KB
11 KB 73ms
68ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/teen-titans-go-adventures.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 319905f01279f4560f186bb44de35909b6a991ddcbc2cdfbc7311856d0fbe0e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10478
last-modified: Fri, 22 Oct 2021 19:41:27 GMT
server: cloudflare
etag: "617313e7-28ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wYkYxBz%2BgADb4EKZVOwAsYJrbzDJqvVrpLvhWiLStWwF%2FiGzsm9JZm0RCk3I7%2BqmO4ksuE97yMjMNQ2LNW27tpLp5FLRGZ4kaO7vonld0cWfYx375FHP41ZWGUeOplILJs743O%2B8BQsMesc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d3a9013-FRA
expires: Fri, 18 Feb 2022 02:49:38 GMT

GET
H2 200 love-tester.jpg
friv2.racing/games/icones/ 11 KB
12 KB 63ms
58ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/love-tester.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43a5d1be8caa69c7488d5215de569e319b0ee4cceb1926d85511b11b107e0c03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11501
last-modified: Fri, 22 Oct 2021 19:26:30 GMT
server: cloudflare
etag: "61731066-2ced"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UUQcl1nR7Wke3tRGr3h77e6eavUIkCo0V058GEt9EqBc99F5Rse8ubnldB8dHwHnpLiYrwDuYlV2JTtz2jF7Zz5YfIm6tV96kL3B6Nbti4b6Kb2fpsjS7g4yeca0jxuPiQC68O2%2FKOLYm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d3d9013-FRA
expires: Wed, 16 Feb 2022 20:06:50 GMT

GET
H2 200 fireboy-watergirl-6.jpg
friv2.racing/games/icones/ 10 KB
10 KB 26ms
21ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/fireboy-watergirl-6.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 340be27a3b725774c93a8cfec52dbdc5e7cb212772d969195adcd42410b298d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10251
last-modified: Wed, 13 Oct 2021 11:50:04 GMT
server: cloudflare
etag: "6166c7ec-280b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=06LnxE4CtT%2BniS2pLBIxmiYOPwY0fMke1jXdqXdlAG2kuvdXcUwDMWi9gfNv0jTdcbsoqabXFKHaEbi5o3Ue6UFPwupKWeEA%2FKrOd8lPujijd9eH3Ms7n7ruN51QMohRL1eG65VEsxvLHDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d439013-FRA
expires: Wed, 16 Feb 2022 20:07:49 GMT

GET
H2 200 squid-game.jpg
friv2.racing/games/icones/ 5 KB
6 KB 65ms
61ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/squid-game.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 705980d04d5fcc271ae323bf089f3eaaaad4133b8ad8719899058714d31aa40f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5607
last-modified: Wed, 13 Oct 2021 11:37:10 GMT
server: cloudflare
etag: "6166c4e6-15e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OIevVb%2BMX8vrzhEckxInQtcJhm5B%2Bf9s51vfmW7XuWYXFZIiwoINEwdbwHvGCxpyTNb803NQ5YYYiqJhMTpXcY%2BC%2FH5cMvlY7VuR0IxC%2FHSEVQOw%2Bb5RhdDxo8z47tXZR8Pi4Qpy%2B8X%2FORM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d489013-FRA
expires: Fri, 18 Feb 2022 07:35:26 GMT

GET
H2 200 subway-surfers-san-francisco.jpg
friv2.racing/games/icones/ 14 KB
15 KB 69ms
65ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/subway-surfers-san-francisco.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575eb787320617105cd5dbd56464c98f17f993c82fc40980e81fa880f0d4a141

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14683
last-modified: Mon, 20 Sep 2021 21:09:01 GMT
server: cloudflare
etag: "6148f86d-395b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qM3%2FgtkwzVrrccqzBPFwuYmxOvkdo%2BTLb6L6eegZj6LR6NlakI0ZaCVxi%2BayPMWF%2BtPv%2FT%2B3YDSCw2Z7PP3C4WCCGRvrs7NNk57p2VpAbC%2BM4M%2B0TainNQgWbaqJkyrT53xtPa5U7CC0GH0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d4b9013-FRA
expires: Wed, 16 Feb 2022 20:06:51 GMT

GET
H2 200 save-the-girl.jpg
friv2.racing/games/icones/ 9 KB
9 KB 61ms
56ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/save-the-girl.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ad1f59229d3b4c19ec76ba06e0a33ca00c6a092afb95c222dfa1fcef162735c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8864
last-modified: Mon, 20 Sep 2021 20:46:23 GMT
server: cloudflare
etag: "6148f31f-22a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WU43hYYXIdXkrla66MZbtcZjHq12O7oMez4XOmjFiv4wxgbNttUIRaHSvIJClxIK58TGvvuHbPWhNTDCYjK0zSV3SOhjYIHj2MgvfOdCJzdJSx644G%2FMtUGJOoJR4LZlTrZJ6TGCm0VRWRQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d4d9013-FRA
expires: Wed, 16 Feb 2022 20:06:50 GMT

GET
H2 200 stickman-hook-rescue.jpg
friv2.racing/games/icones/ 9 KB
10 KB 25ms
20ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/stickman-hook-rescue.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f92cfa93bfa5afb9f2859e7c5a5f76872807dec30e4cdf7c8af76dcde7e0b6a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142759
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9331
last-modified: Sat, 18 Sep 2021 23:50:54 GMT
server: cloudflare
etag: "61467b5e-2473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJxaaGtc8e1gZaUFpKLgSF1GYygi2waXDB%2BZXZ1XLaVv%2B1px9tliM3GrLgFbQnunCJ14nTLl%2BzIZXnF91YaIKXbjN9WE31ZmEWNvU6ZznZPGixlPbXABb7qYMaIICa2VEQTfuIx%2B5RtYE3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d4f9013-FRA
expires: Wed, 16 Feb 2022 20:06:50 GMT

GET
H2 200 happy-shapes.jpg
friv2.racing/games/icones/ 9 KB
10 KB 61ms
57ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/happy-shapes.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c35ff6c27c50a68d993f43404a00ecf6591fc86f66fd0c00ded254fcff70c48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9406
last-modified: Sat, 18 Sep 2021 23:34:11 GMT
server: cloudflare
etag: "61467773-24be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dw8wQPXrOqkj6eC7A8Zr1a1tF1gVI31XfK8cfO20zh8so18SavAjQ%2FFOxxsYPPulMRZfz2C2vFusgAzSb12s1hz%2BG38yvjdS163w2EvORMdYNceQHDroH7Dwy858EXDLVOUfGgE0%2FB%2FHwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d529013-FRA
expires: Wed, 16 Feb 2022 20:06:50 GMT

GET
H2 200 jetpack-joyride.jpg
friv2.racing/games/icones/ 10 KB
10 KB 71ms
67ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/jetpack-joyride.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a14d20ac3a6fad39a8c19300225b82b935a0843d261ad80c0c771b6909b4017a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10034
last-modified: Thu, 26 Aug 2021 22:46:17 GMT
server: cloudflare
etag: "612819b9-2732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1islbAwibPBunxjmSwv8C%2BTZa%2FDbrhyy27hEmZYnB6zOKt4e48d4uLKVx8e7%2FaNjCEdk%2BgY9%2B5ZbdCKV2V25ZH6zeFvJBjbSygXLEHjH%2FDTdyGCy3XitzWn1Uh2VZV5u21%2BAPPQrlECW4k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d549013-FRA
expires: Wed, 16 Feb 2022 20:07:49 GMT

GET
H2 200 hello-kitty-and-friends-jumper.jpg
friv2.racing/games/icones/ 7 KB
7 KB 66ms
62ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/hello-kitty-and-friends-jumper.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3030d060903c587fa12517f8aea1dee90a991276c8358f19ee20aaa2435da425

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7124
last-modified: Thu, 19 Aug 2021 20:13:25 GMT
server: cloudflare
etag: "611ebb65-1bd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vw%2BcFxuS%2BtA%2FHhe6I0mvcXLbBtrLGJaPwRTZ7zz3JTAkvaBImzgZIWVHYoWJwt0tJwHmI47BCDngl2m1diKpnixR%2Fpl4XNGS%2B%2F4USg9hD5QTvmOtq8Gx8WLNcv9L%2FYKjwUPMPfUn00oHBwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d569013-FRA
expires: Wed, 16 Feb 2022 20:06:51 GMT

GET
H2 200 friday-night-funkin.jpg
friv2.racing/games/icones/ 11 KB
11 KB 59ms
55ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/friday-night-funkin.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7118dab66877bebfafdd02c111dfccc3df668fa622d25c443f4822db37f0c027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11151
last-modified: Mon, 12 Jul 2021 23:07:14 GMT
server: cloudflare
etag: "60eccb22-2b8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rirpkbJNyiEQYaE3oF89XS17veVV84TI3DMKDZKb1rK40P%2Fl2nb0xxhW%2FXfwcN%2BvMGmamHj3%2BrT4FJTEOa3cGtEw14x088CcWCl0JOraB1LKSvxMFcbw00TwJOsqxMEOUxi7yqaVNXMQUtI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d579013-FRA
expires: Wed, 16 Feb 2022 20:06:51 GMT

GET
H2 200 angry-birds-2.jpg
friv2.racing/games/icones/ 6 KB
6 KB 31ms
27ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/angry-birds-2.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d80bdc9da46e8118e9380fd7f7a558ffc6cff5ba909882925b0c3087468602

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6184
last-modified: Mon, 12 Jul 2021 22:42:41 GMT
server: cloudflare
etag: "60ecc561-1828"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=evmD5hoC1y1WQITEhChqS0tX82MDLSP2UkSwCuMayxdCLyXRPtbs8CFbNPma11o5flSOI4U5KtuHirnDC6sWe%2FClN9%2BoBAYQoTQvAp9qfuTkPSaAuB9AXqT7BlWA6BvqeQGBNEONLXTNDd0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d599013-FRA
expires: Wed, 16 Feb 2022 20:07:49 GMT

GET
H2 200 who-is-imposter.jpg
friv2.racing/games/icones/ 4 KB
4 KB 69ms
65ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/who-is-imposter.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29a6238dac6868a23482b0d3b4707c08e17895e92fc5d487012766be02fea712

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4199
last-modified: Tue, 13 Apr 2021 08:54:53 GMT
server: cloudflare
etag: "60755c5d-1067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9lZz2XDznzYdn7ae%2B5zaDAypIczydZqF5HyVac61CmVhZHxdWFpLvDkClFzneHqg6h8e3cNbAYRtMSRV55zhQ8puS8oVVGwrGlgxxMa5%2F2%2FLQmt%2B4ktR05OwurXTbKXH5tvsmcvaeNGo3Ng%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d5a9013-FRA
expires: Wed, 16 Feb 2022 20:06:51 GMT

GET
H2 200 genie-quest.jpg
friv2.racing/games/icones/ 5 KB
5 KB 28ms
24ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/genie-quest.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32115ecb0a3904d0833e04719228424a2d8db612d204f4e69507a582aa603c93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4733
last-modified: Tue, 13 Apr 2021 08:37:41 GMT
server: cloudflare
etag: "60755855-127d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eP2xB9tNSN72dpu89BT8Q4bfaJ9M2inrfQcv5uTtZJL5pBsWOhTeBwlCdnBN0ChwFIELbmBg92%2Fk2Uw7q5hN96BvVHC7wNiMfsP7s0CIf8WiteZJA6DJpVtVXeRinSHf41OpkD3jD3cekPQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d5c9013-FRA
expires: Wed, 16 Feb 2022 20:06:51 GMT

GET
H2 200 shaun-the-sheep-sheep-stack.jpg
friv2.racing/games/icones/ 4 KB
4 KB 38ms
35ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/shaun-the-sheep-sheep-stack.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71707349929d0aee76de6cf37907137b2c9605208e85d8800bc0d729db7b18ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4116
last-modified: Sun, 14 Mar 2021 01:00:00 GMT
server: cloudflare
etag: "604d6010-1014"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyB4YtI6444nr77lEH6fN3yZgnobjOqM0uL8NUTKs8Ept5xXBUMVDxo5ZQVLis2ApCiOPP9PsBeuyYEei8wPP1ySlu9Lq3DxIvsHcrIbm6vuy37srFmhJeSYXvAJacOgrUxw1i7tal6N4Ho%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d5d9013-FRA
expires: Wed, 16 Feb 2022 20:06:51 GMT

GET
H2 200 penguin-diner-2.jpg
friv2.racing/games/icones/ 4 KB
4 KB 70ms
66ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/penguin-diner-2.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b61206ca8f2dee029bdf11949a8953aee7479479feabdfa8a80742dfa9a0bf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3870
last-modified: Thu, 25 Feb 2021 16:47:16 GMT
server: cloudflare
etag: "6037d494-f1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7TOCX2qU3ynyMA328Gtd1UmfJajW%2BJvOO7V72Tme2wmpA8Vq%2FgX5Yf%2BHFCOr2MGVBt2BlFD13vClOwmufvxXm6qwvoo5CVqG55KHDoVm31go6n6kv4RssRGYzyaH9S4TUPfNH4n%2BrfP5zk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d609013-FRA
expires: Wed, 16 Feb 2022 20:07:49 GMT

GET
H2 200 talking-tom-run-gold.jpg
friv2.racing/games/icones/ 7 KB
7 KB 28ms
25ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/talking-tom-run-gold.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1143d0629c77a82e51860e70498614633f233467d2b3f8d9aab155866df0570a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6686
last-modified: Mon, 22 Feb 2021 18:43:15 GMT
server: cloudflare
etag: "6033fb43-1a1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SAi5NV%2Bfs7UesJ0nfuyK9mg9vy7AbbAHgtN5Db8%2F8M%2BSH27ia2Bbf667Am4NdvPDgQu7encsbvErLKlLzzkFxpbSvyL6B%2Fb5Io7xu92juSSGl2G2hXbLM0d9%2B3dHFl5DTk%2B9cazFFCzyNp0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d629013-FRA
expires: Wed, 16 Feb 2022 20:07:50 GMT

GET
H2 200 learn-english-word-connect.jpg
friv2.racing/games/icones/ 6 KB
7 KB 30ms
27ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/learn-english-word-connect.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16653dc16da2f67ccbb7f71933b290736c7efc35e2d08327489ec09295ffd007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6423
last-modified: Mon, 22 Feb 2021 18:22:29 GMT
server: cloudflare
etag: "6033f665-1917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wosn99cst68%2Fz0ODA%2BYAjCwU%2BOQEpqPi4slZvkTH5lakHeM72cC1%2BEe8PwCf1CBeQaBC2Wcj8bspQYQCf8eBNjkQktSQ5Pr1SLCKUzwbJKSuSTM5S0T12OKI3tq8x%2Fwq3itxpxXmQHDIeT4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d649013-FRA
expires: Wed, 16 Feb 2022 20:07:49 GMT

GET
H2 200 tom-and-jerry-run.jpg
friv2.racing/games/icones/ 7 KB
7 KB 26ms
23ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/tom-and-jerry-run.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df149d844178b4a4b3ed660e03ef092e3bdfe30ceb564ad7dd571006b7f6995c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142755
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6887
last-modified: Tue, 16 Feb 2021 06:49:01 GMT
server: cloudflare
etag: "602b6add-1ae7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vP9aDMNDOAUUUv2%2FX8Jhm532i5IN6ZX7RWp7QB5bH%2BXC7IefuoKnfpP1IGHdGz7XDfQUxNB%2Bk%2FnaRlLhpMwGHLdoBbFAmm5HrUk5vo2LtxRlVrFTk%2BhrxEh8%2FSzYYnJWTcXjaxSbSU%2BLYsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d669013-FRA
expires: Fri, 18 Feb 2022 02:07:12 GMT

GET
H2 200 among-us-space-run.jpg
friv2.racing/games/icones/ 4 KB
5 KB 72ms
69ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/among-us-space-run.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd50facc16180a7b7bd4b56e592dec310229a103a616fee0a1377854ef566b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4599
last-modified: Sat, 13 Feb 2021 23:49:59 GMT
server: cloudflare
etag: "602865a7-11f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrzefosryECuGdcz1JtsbJ%2FECbyFXTtuqWzf7F8dWNN4rKIiCPxQjrBv6LnZmI2jhsxLlkP5AzaOJZvVO0mAzxM%2BXC23%2BjyrFvFOVo26GOmn3GvQiOl5b5tDsEcFUdWijI5KVZQ7w%2FOF8p8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d679013-FRA
expires: Wed, 16 Feb 2022 20:07:49 GMT

GET
H2 200 fireboy-and-watergirl-island-survival-4.jpg
friv2.racing/games/icones/ 6 KB
7 KB 68ms
66ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/fireboy-and-watergirl-island-survival-4.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 607a593cfd8d289c92d8ebd35b04c61ac9c80ed29ce4654b27c133267f46d07b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6363
last-modified: Sat, 13 Feb 2021 23:36:18 GMT
server: cloudflare
etag: "60286272-18db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TE6TcWY92VJJuhk8WhJRJp572B7%2FfqZ7Ygs0Rqe%2FZslZLKwMv%2B1Ygqkqg2mJ5w9ikZgQfkH114Ua%2FXS2iaJarURfgheYgHVmRaReascuV9VECHzx0RMyvlj4NwHYRUzQDkl92LE8ijXLnBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d699013-FRA
expires: Wed, 16 Feb 2022 20:07:49 GMT

GET
H2 200 kumus-adventure.jpg
friv2.racing/games/icones/ 8 KB
8 KB 62ms
60ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/kumus-adventure.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc8ac413e2b44518ef01b79bd43fe699150dbb434875bf72387de84d218c4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7695
last-modified: Sun, 31 Jan 2021 18:15:13 GMT
server: cloudflare
etag: "6016f3b1-1e0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGmxeTyUl7eD%2FZkpTSorgmiMSxTNBPhYVO0ZVlNpwebSkO2eh%2B08xnZwSAS9weZbTb36CfCdrjDawS3s%2BUiFfuSwcVPXMRB1CZkxqoo0OiD6s8CtXjAE1r1MJVK1sX5Wywvv0%2Bdl4XtwMJo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b0d6b9013-FRA
expires: Fri, 18 Feb 2022 07:22:05 GMT

GET
H2 200 rocket-loader.min.js Show response
friv2.racing/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 22ms
20ms Script
application/javascript 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://friv2.racing/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-2.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 27 Jan 2022 10:01:18 GMT
server: cloudflare
etag: W/"61f26d6e-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzDTRheHpt09psu0M25Vk0rpGcjhtqBMsCW36o0Rz3UJ1JYGtx5gL%2BgdnT9ej7WW9zLn%2BsCnK3xvsVdQHl17nvIr3IuxVr5YbC3az6VBGrhrXPeB9GxcHBRtahZazQ5myJaphGOsU%2Fn6qb0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d4dd99b0d6c9013-FRA
vary: Accept-Encoding
expires: Sun, 30 Jan 2022 23:02:43 GMT

GET
H/1.1 200
OK spielen-squid-game-2.html Show response
neueaffenspiele.de/spiele/seite/ Frame 81D8 966 B
990 B 283ms
57ms Document
text/html 78.109.31.4
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://neueaffenspiele.de/spiele/seite/spielen-squid-game-2.html
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: 829c46873202109f27565f1fd69b73cc9c465c8714832b4a6d98d80d8bafcc95

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

Server: nginx
Date: Fri, 28 Jan 2022 23:02:43 GMT
Content-Type: text/html
Content-Length: 598
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 22 Dec 2021 08:59:29 GMT
ETag: "3c6-5d3b856e84134-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=43200
Expires: Sat, 29 Jan 2022 11:02:43 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 156ms
62ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97003001-1

Requested by

Host: friv2.racing
URL: https://friv2.racing/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0e09e7e29615ae8b3b52d674e0b0cb325eb0dba5bb73df2fed9e2fb80b071fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36066
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 22:38:19 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jan 2022 23:02:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
52 KB 153ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: friv2.racing
URL: https://friv2.racing/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1eed120ba57562e1faca3ae9f002262bd064d149c4ab99e0aec46ae79b1c07c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53021
x-xss-protection: 0
server: cafe
etag: 7483591133493781413
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 23:02:43 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: friv2.racing
URL: https://friv2.racing/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

707cab5e5a6cc435fc2bd6049050df32e0869fa6e6fa986740b8c6d078cc0fbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://friv2.racing/
Origin: https://friv2.racing
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 9l7BCff7toh52is0pwPO7A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: u0MS4v5WRv3avExAlA1ZkUn3XPIJPH/CB7LFE+rWsteTQo8ctN4qtJbkazyJxrnCc8YoWPK4xRUn6aC9qZ65FA==
x-fb-trip-id: 917726464
x-fb-content-md5: 3ca9d2636dc2caab157dcd0d156e15d4
x-frame-options: DENY
date: Fri, 28 Jan 2022 23:02:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6d62ecaf1cb0e0c0f210638c9f57d374"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 28 Jan 2022 23:21:44 GMT

GET
H3 200 cursor.png
friv2.racing/wp-content/themes/friv/images/ 2 KB
2 KB 23ms
23ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/cursor.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b7c0bc7f6953d9a85719f68a6cc410bae7859d4e90696d7bc0586d5f014575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230804
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1668
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-684"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2Bnm3%2F%2BUOl5UMdtRpD2YKjB6097N6qC159UVbMuFTHTaKAcKiZzSynQ6p%2FO0rJ9W1mAYirqHTpcqqCqdlIFNDyugHIB6%2BGTg5YSVjmUD3daLiCQjDOvqufItat6LQga76Yh4halHywzNPuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b390c917a-FRA
expires: Fri, 18 Feb 2022 19:59:18 GMT

GET
H3 200 gameback.png
friv2.racing/wp-content/themes/friv/images/ 15 KB
16 KB 16ms
16ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/gameback.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a176a0442b25e0a0bf4687552431aa639c95088c510f4bd012c0b6065237c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230804
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15309
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-3bcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mpFTwK%2FMpYUcTRD5LQ3QPYnrNndb5uMNgdF6rw5GS3ANze5cUzZziWAzqREClhs00knJejSqcTgvI4GUEe3JLyCKEN7ykaVKFAyVOWb173HFvVpux3JwR%2FCsJ3gpOsKrkOLuvtxOvzl6Ms%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b390d917a-FRA
expires: Fri, 18 Feb 2022 19:59:18 GMT

GET
H3 200 menu-bg1.gif
friv2.racing/wp-content/themes/friv/images/ 93 B
675 B 24ms
24ms Image
image/gif 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/menu-bg1.gif
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27bbce805c2c61aab7e90d5a59180cda702e1b002bd739abdbe56aa9473aeb71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230804
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "5d-559d691e72c0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LatU5utr48DmDKAPa5GCRokEmJv5ea7gMuxfrVe%2F0Gom2vs19h6xPZk4%2FllHcoJhnOsSl3BVe6KaGOK91etXduS0nR%2FK2Dc2svHGr61Qw62H94U%2F1cLsnqAr3y%2Frcod6vVhBgxEtJTQRN2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-accel-version: 0.01
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b390f917a-FRA
expires: Sat, 19 Feb 2022 06:28:18 GMT

GET
H3 200 search.gif
friv2.racing/wp-content/themes/friv/images/ 165 B
753 B 24ms
24ms Image
image/gif 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/search.gif
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3ebd69106d4518c7a484fea9c9bbb42b529fa7b8d4614f1099549872e5ae2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 165
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "a5-559d691e98d6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VmxWR8DevNZD6p5%2BRtVsLLDZe9I3MJiufOTzSRs50l%2FP01FrlN%2FxDTLNjoR73xicZrHgsqQj7SdK5Hi2aD6T54%2B8I%2BbU8GA4shuKwST6KWgBVj0NgZT36NrK03KMO6UitTRbAhU%2BaJhDWnc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-accel-version: 0.01
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b3911917a-FRA
expires: Sat, 19 Feb 2022 06:28:18 GMT

GET
H3 200 searchpart.gif
friv2.racing/wp-content/themes/friv/images/ 240 B
856 B 15ms
14ms Image
image/gif 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/searchpart.gif
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f284b7269b653c7526095312dd9c4e3cd5fff99ecaf932467d25efd0736495

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 230804
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 240
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "f0-559d691eb94f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6GEflv0gyh5tEd0Opz2Tv28SWfoFFYma051AEiPN7P6MPr%2FcEuwoJxgxYbnyPU6koyKGnhuOkFmFpmeCV71cljaY6EhjYBGeTDf0t6NrNatx2OzDDlrwyyj6pJ8W83q1V5YcOQpIoN86yM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-accel-version: 0.01
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b3912917a-FRA
expires: Sat, 19 Feb 2022 06:28:18 GMT

GET
H3 200 logo_big.png
friv2.racing/wp-content/themes/friv/images/ 63 KB
64 KB 23ms
22ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/logo_big.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f420911e15e0dcade2d82029717124f6f8263456f3d2686576c5cb364c7d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53123
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64752
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-fcf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZUKi2v2ldENMz7g4G7ysCDIwcZNy5FY1SeRghzTU%2FU9X9ZYW4a4JzWgaBSgO3TSfAf3eS5HoGLmffi4k4deC1fpJDUgpJDH87PyKsFKYR5RmtUxNi62GYPmkXZP9aGMtpgkgZb6EIti6S2E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6d4dd99b3914917a-FRA
expires: Fri, 18 Feb 2022 19:59:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 81D8 169 KB
62 KB 113ms
68ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8DH33QQECN

Requested by

Host: neueaffenspiele.de
URL: https://neueaffenspiele.de/spiele/seite/spielen-squid-game-2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

faf00670b9f644252a3e797641cc4e5186a8b862264f087fd5c521c304b56bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://neueaffenspiele.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63730
x-xss-protection: 0
expires: Fri, 28 Jan 2022 23:02:44 GMT

GET
H2 200 / Show response
html5.gamedistribution.com/66f24a03669f4ead87178ef4a893a16d/ Frame D995 6 KB
2 KB 116ms
59ms Document
text/html 18.66.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://html5.gamedistribution.com/66f24a03669f4ead87178ef4a893a16d/

Requested by

Host: neueaffenspiele.de
URL: https://neueaffenspiele.de/spiele/seite/spielen-squid-game-2.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-80.fra56.r.cloudfront.net

Software

openresty/1.15.8.2 / Express

Resource Hash

969e50a669275fed180ed53f20f4bbab60f56dc4c8076aad7d0abc0f1599bff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://neueaffenspiele.de/

Response headers

content-type: text/html; charset=utf-8
server: openresty/1.15.8.2
date: Fri, 28 Jan 2022 23:02:44 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-powered-by: Express
access-control-allow-origin: *
cache-control: private, max-age 3600
etag: W/"1644-pXaL4ldixh+s7ApcKnb/KUJsmpU"
content-encoding: gzip
via: 1.1 google, 1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: pA1txYmqHBvAAIu2l8ir1uJGyrjQkmjL39Oal0Og5Si6v88V6LI72w==

GET
H2 200 main.min.js Show response
html5.api.gamedistribution.com/ Frame D995 389 KB
124 KB 57ms
8ms Script
application/javascript 18.66.122.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://html5.api.gamedistribution.com/main.min.js
Requested by: Host: html5.gamedistribution.com
URL: https://html5.gamedistribution.com/66f24a03669f4ead87178ef4a893a16d/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-82.fra60.r.cloudfront.net
Software: UploadServer /
Resource Hash: 75bfadb9ac37e28e80e2c3171ff2251e3954bb3dbe0b24dfae0598c1652ad876

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:13:42 GMT
content-encoding: gzip
age: 2942
x-guploader-uploadid: ADPycds73-FQMyVSg1P_Otlnk8_KUTmcuJm-fQbqE4whpsFkDS1ENQlW57zCWr6PynEQUiXwxUFnNSGESmfsh55Jq2ev--FNPA
x-cache: Hit from cloudfront
x-goog-storage-class: MULTI_REGIONAL
x-goog-meta-surrogate-key: gcs
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 125950
access-control-allow-origin: *
last-modified: Thu, 27 Jan 2022 13:06:40 GMT
server: UploadServer
etag: "f96ab8967c50afef248ef1bc374b0269"
vary: accept-encoding
x-goog-hash: crc32c=iFmX0w==, md5=+Wq4lnxQr+8kjvG8N0sCaQ==
x-goog-generation: 1643288800515033
via: 1.1 615f944336054ae07b8e7c415ddbad44.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 125950
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-cf-id: 4CGY_HJ-wPw_9e_tLj20sh9d-kq-_yqgHyTW3C4USSUSoKnWX_ydGg==
expires: Fri, 28 Jan 2022 23:13:42 GMT

GET
H2 200 / Show response
game.api.gamedistribution.com/game/v4/get/66f24a03669f4ead87178ef4a893a16d/ Frame D995 2 KB
2 KB 65ms
25ms Fetch
application/json 35.190.9.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://game.api.gamedistribution.com/game/v4/get/66f24a03669f4ead87178ef4a893a16d/?domain=friv2.racing&v=1.25.1&localTime=23
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.9.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.9.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: a8f1333cac843f4640303c36a333e25a25b369a31ebb54049b69fad34e3e0fce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
via: 1.1 google
etag: W/"932-EbtRKwM/Tl85HwzV5WyFpsdOqfU"
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age 3600
alt-svc: clear
content-length: 2354

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-2.html;hSquid%20Game%202%20-%20Play%20Online%20at%20Friv2.Racing;0.13676945029426535
https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-2.html;hSquid%20Game%202%20-%20Play%20Online%20at%20Friv2.Racing;0.13676945029426535

104 B
590 B

49ms
48ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-2.html;hSquid%20Game%202%20-%20Play%20Online%20at%20Friv2.Racing;0.13676945029426535

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

a221343db26c43bb8ec3b2dda04ec6017ba57321fb34076aeb0e276feebe8e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 23:02:44 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 104
Expires: Thu, 28 Jan 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 Jan 2022 23:02:44 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-2.html;hSquid%20Game%202%20-%20Play%20Online%20at%20Friv2.Racing;0.13676945029426535
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Thu, 28 Jan 2021 21:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/ 287 KB
103 KB 109ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7652110621730409&plah=friv2.racing&bust=31064587

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1b89e0ec4cc0133b0b90550c8fa9181f070907610f0aabb4e7058e471943fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 105925
x-xss-protection: 0
server: cafe
etag: 8876039562203150564
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 23:02:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame 7032 10 KB
5 KB 131ms
44ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Fri, 28 Jan 2022 15:52:32 GMT
expires: Fri, 11 Feb 2022 15:52:32 GMT
cache-control: public, max-age=1209600
age: 25812
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 16ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=3424d9fdc46c022d62363d0f8ccf21f5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b7eb700c4b66a78d7ddce44c218bc07d9ed1679ed97328edbcae59fae9945e20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://friv2.racing/
Origin: https://friv2.racing
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: jT13Chz3wFpgEFId1U4X8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83491
x-fb-rlafr: 0
x-fb-debug: r4ihCA6rKrqq3nSB7tXZK+LcWUooWk2UVyGQ9M/S7tRz7DWXzdqUvR6b52rQs3LSkjl1GP/4isbyu9jgnfIDGQ==
x-fb-content-md5: 00bdf1dff56596ad52d605e31c2129fd
x-frame-options: DENY
date: Fri, 28 Jan 2022 23:02:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "7086ef05b582fdb6d77f314837db23a0"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Jan 2023 20:36:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97003001-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5270
date: Fri, 28 Jan 2022 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 28 Jan 2022 23:34:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame D995 49 KB
20 KB 107ms
50ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5270
date: Fri, 28 Jan 2022 21:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 28 Jan 2022 23:34:54 GMT

GET
H2 200 gamedock-sdk.min.js Show response
cdn.gamedock.io/gamedock-web-tracker/4.4.0/script/ Frame D995 10 KB
10 KB 85ms
23ms Script
application/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gamedock.io/gamedock-web-tracker/4.4.0/script/gamedock-sdk.min.js
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 8210b1f883e01f520917b36e11d7b67c2410cb403ea7981bb9c6a2bc4e9ae9cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
last-modified: Thu, 18 Nov 2021 15:34:48 GMT
etag: "1637249688"
x-hw: 1643410964.dop250.am5.t,1643410964.cds276.am5.hn,1643410964.cds214.am5.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1164046
accept-ranges: bytes
content-length: 9785

GET
H2 200 dmp
tag.atom.gamedistribution.com/v1/ Frame D995 0
0 76ms
27ms Fetch 35.233.56.88
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.atom.gamedistribution.com/v1/dmp?ar=eyJ0cCI6ImdkLmxvY2F0aW9uIiwiY3QiOjAsInZycyI6IjEuMjUuMSIsInVybCI6Imh0dHBzOi8vbmV1ZWFmZmVuc3BpZWxlLmRlLyIsInJmciI6Imh0dHBzOi8vbmV1ZWFmZmVuc3BpZWxlLmRlLyIsInRkbW4iOiJmcml2Mi5yYWNpbmciLCJkcHRoIjowLCJhcmdzIjp7ImRlcHRoIjp7InZhbHVlIjoyfSwidG9wIjp7ImRvbWFpbiI6eyJmcm9tIjoib3JpZ2lucyIsInZhbHVlIjoiZnJpdjIucmFjaW5nIn19LCJwYXJ0bmVyIjp7ImRvbWFpbiI6eyJ2YWx1ZSI6ImZyaXYyLnJhY2luZyIsImZyb20iOiJmYWxsYmFjayJ9LCJ1cmwiOnsidmFsdWUiOiJodHRwczovL25ldWVhZmZlbnNwaWVsZS5kZS8iLCJmcm9tIjoiZmFsbGJhY2sifX19LCJ1YSI6eyJicm5tIjoiQ2hyb21lIiwiYnJ2cyI6Ijk3LjAuNDY5Mi43MSIsIm9zbm0iOiJXaW5kb3dzIiwib3N2cyI6IjEwIiwidyI6ODk2LCJoIjo2NDB9fQ%3D%3D

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.233.56.88 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

88.56.233.35.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
referrer-policy: no-referrer
x-permitted-cross-domain-policies: none
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 0
cache-control: no-store, no-cache, private
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security: max-age=15724800; includeSubDomains
x-dns-prefetch-control: off
content-length: 0
x-content-type-options: nosniff

GET
H2 200 headerlift.min.js Show response
hb.improvedigital.com/pbw/ Frame D995 107 KB
34 KB 45ms
8ms Script
application/javascript 2600:9000:2250:5e00:4:cd76:8580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/headerlift.min.js
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5e00:4:cd76:8580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 9be6f2589c241a4e8eaee7f98e2c6130039a0955e415361349a65ad758643fc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:45:12 GMT
content-encoding: gzip
age: 1052
x-guploader-uploadid: ADPycduKEhDpt1p9jjsuPqbLanRZoMqDGsz52MwKRxaYGYCp7VPOx_AOKvjUYkTri1XSxlCMZ6CdYBJAFxYHB2LTR7BhoHBK-A
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 34116
last-modified: Thu, 06 Jan 2022 13:28:37 GMT
server: UploadServer
etag: "24bebca0fd81618442388b996c6a14da"
vary: Accept-Encoding
x-goog-hash: crc32c=u0Kgsg==, md5=JL68oP2BYYRCOIuZbGoU2g==
x-goog-generation: 1641475717364484
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-goog-stored-content-length: 34116
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-cf-id: _io9Gty0uXcbwwAfxnBXDQ2m3dQroSZuYeYIoOBG8q69IJy7MxGsbA==
expires: Fri, 28 Jan 2022 22:45:19 GMT

GET
H2 200 index.js Show response
pm.gamedistribution.com/@bygd/gd-sdk-air-dynamic/1.3.6/dist/pluto/iife/ Frame D995 155 KB
51 KB 47ms
8ms Script
application/javascript 52.222.236.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.gamedistribution.com/@bygd/gd-sdk-air-dynamic/1.3.6/dist/pluto/iife/index.js
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-119.fra56.r.cloudfront.net
Software: UploadServer /
Resource Hash: 6f4df1d79600b896a2e01a8ac951e9003a40d40fe25d28bad5633dbc54e74863

Request headers

Referer: https://html5.gamedistribution.com/
Origin: https://html5.gamedistribution.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 15:55:00 GMT
content-encoding: gzip
age: 10307264
x-guploader-uploadid: ADPycdvJ1Tccx_vxyNeoLJ3FQAv6aIcqY7WHHWgVOIPvPobVL9Q1K9ujOgiu6Cz_T6ckGskMIylhXt9tgFjQzgWr47ELpI9Sfw
x-cache: Hit from cloudfront
x-goog-storage-class: STANDARD
x-goog-meta-surrogate-key: gcs
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 50815
access-control-allow-origin: *
last-modified: Fri, 01 Oct 2021 15:46:25 GMT
server: UploadServer
etag: "fc20660db77b0e44372ddef26392b0f5"
vary: Accept-Encoding
x-goog-hash: crc32c=ISny9g==, md5=/CBmDbd7DkQ3Ld7yY5Kw9Q==
x-goog-generation: 1633103185059009
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 50815
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-cf-id: Yxh2J5Q8Jmt2924drcDJa7boSRBXuz3Ncwv0GAL28WkXsdCqrcz5kA==
expires: Sat, 01 Oct 2022 15:55:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 23ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=192074324531989&ev=fb_page_view&dl=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&rl=&if=false&ts=1643410964309&sw=1600&sh=1200&at=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 28 Jan 2022 23:02:44 GMT

GET
H2 200 like.php Show response
www.facebook.com/v12.0/plugins/ Frame E727 19 KB
11 KB 75ms
70ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4bf2b5a79229c%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3424d9fdc46c022d62363d0f8ccf21f5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ed1e4fa8e4044bb9fedef29c3e3562b1377a24279f6c6178ab1d23415f59976

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v12.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: WPYaZD8H/V9vQF6Y6oyjvK831BoTcIl//4sKYd9Ya1AiifnKDzuYoQ98iC3LOrGN2CyC7Q1IrdQS4p+8zRbcHA==
date: Fri, 28 Jan 2022 23:02:44 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3

200

feedback.php Show response
www.facebook.com/plugins/ Frame C40F
Redirect Chain

https://www.facebook.com/v12.0/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3...
https://www.facebook.com/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3Dfriv2...
https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3Dfriv2...

135 KB
31 KB

95ms
95ms

Document
text/html

2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&height=100&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&locale=en_US&numposts=5&sdk=joey&version=v12.0&width=912

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3424d9fdc46c022d62363d0f8ccf21f5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a7b0706a49d49ab82dfbb92ef82417c84eede9b0ee82b2c1b2524c4b135f70b

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: lU9a3TVqwTdQxAvOYY42CkCM0OzDX4T14uxtZOCaiyQWGZDwrMn3cj6Eg7rs1Xp37JujF+nORVS0xfOsnIIOaQ==
date: Fri, 28 Jan 2022 23:02:44 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&height=100&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&locale=en_US&numposts=5&sdk=joey&version=v12.0&width=912
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: KDJq/W8M0vWaYK7EFM3Hij4EaXgcg0eJLW+AWmKLxJACDojlVUz0DWkt6Q+p0Ir86+iECiwFEscg7SvjcTwZJQ==
content-length: 0
date: Fri, 28 Jan 2022 23:02:44 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

GET
H2 200 opphb Show response
pub.headerlift.com/ Frame D995 5 KB
2 KB 204ms
165ms Fetch
application/json 2606:4700:3035::ac43:bdfd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.headerlift.com/opphb?page_url=https%3A%2F%2Ffriv2.racing&page_type=gd&page_width=900&aid=66f24a03669f4ead87178ef4a893a16d
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:bdfd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57460c68a82fb49a2fa332fb69a2d7a6783a4d3a88ce158e2aa3bbc3e4019523

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-methods: *
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t4kh%2BOgessIrbqvFFrX4dId0Q07%2F024n7J5x45Sxhd1P8VQ6ERDcgaNCTfeIAdYdrNQhz0dvXOkbEOlGx054SyFG01Q1s5hn8TLjnjA2Mh%2BkVjDwjU2ozuPNAPHDP32QXdxnuEIHHFTr17Arq0HDYzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://html5.gamedistribution.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6d4dd99f7cab9013-FRA
access-control-allow-headers: *

GET
H2 200 prebid-idhb-v6.6.min.js Show response
hb.improvedigital.com/pbw/prebid/ Frame D995 447 KB
137 KB 10ms
10ms Script
application/javascript 2600:9000:2250:5e00:4:cd76:8580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/prebid/prebid-idhb-v6.6.min.js
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/headerlift.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:5e00:4:cd76:8580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 57337e75ff82c6d41616336f54033125179e35f649a440b60ff3f62ac75d0660

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 24 Jan 2022 07:05:45 GMT
content-encoding: gzip
age: 403019
x-guploader-uploadid: ADPycdu0VTXIOGwrNHV3w_un8qLNHc6H2oqS2bULQaEjEwx8r4RBisnd20oCcpWHfe_2PbvkGXWdr9-EA2Bgx5KqpwA
x-cache: Hit from cloudfront
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 139105
last-modified: Thu, 06 Jan 2022 10:51:49 GMT
server: UploadServer
etag: "9a5d534f99369fa43370405257e64c20"
x-goog-hash: crc32c=xOTeFA==, md5=ml1TT5k2n6QzcEBSV+ZMIA==
content-language: en
via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
x-goog-generation: 1641466309983129
cache-control: public, max-age=604800,no-transform
x-goog-stored-content-length: 139105
x-amz-cf-pop: FRA60-P2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: c0Pl8Nh0iBiAihCW-Mp7sP6tdMyY4Z5oFkpA-RT5O6wHiXLun5Ox1w==
expires: Mon, 31 Jan 2022 07:05:45 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D995 376 KB
125 KB 131ms
44ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127061
x-xss-protection: 0
expires: Fri, 28 Jan 2022 23:02:44 GMT

GET
H2 200 66f24a03669f4ead87178ef4a893a16d-512x512.jpeg
img.gamedistribution.com/ Frame D995 67 KB
68 KB 67ms
9ms Image
image/jpeg 52.222.214.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/66f24a03669f4ead87178ef4a893a16d-512x512.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-125.fra56.r.cloudfront.net
Software: UploadServer /
Resource Hash: e31ac1a479f6d3f83a0861061e4d7490c0fed462fb3256a4137fa5bc24ae924a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 05:57:19 GMT
via: 1.1 bafea69ec4368ee11760779ffcfbd4fc.cloudfront.net (CloudFront)
age: 61525
x-guploader-uploadid: ADPycdv5MG0FYbL4Fq6jrpdhMCIgz4DzVm46iLLkHUwRC0Si1Mxz2RPHjzDywpAjiplsuQlezaR34dI5Jn5qtYLrwPc
x-cache: Hit from cloudfront
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 68728
last-modified: Mon, 22 Nov 2021 08:17:52 GMT
server: UploadServer
etag: "414628d34cb737d3d9a117c723cd3bb6"
x-goog-hash: crc32c=ziowFA==, md5=QUYo00y3N9PZoRfHI807tg==
x-goog-generation: 1637569072541598
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 68728
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
x-amz-cf-id: D1cBxEyM4ogJ5oyivpbW1NWZqXYwdxL-l0h5OLcGcIeaDTnzG3HVkQ==
expires: Fri, 28 Jan 2022 06:57:19 GMT

POST
H2 204 pageview Show response
tracker.gamedock.io/v1/events-tracker/track/gd/event/ Frame D995 0
172 B 115ms
73ms XHR
application/json 2600:1901:0:398::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.gamedock.io/v1/events-tracker/track/gd/event/pageview
Requested by: Host: cdn.gamedock.io
URL: https://cdn.gamedock.io/gamedock-web-tracker/4.4.0/script/gamedock-sdk.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:398:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://html5.gamedistribution.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://html5.gamedistribution.com
date: Fri, 28 Jan 2022 23:02:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cid: service-events-tracker-6b4dc854c5-k9rjh
vary: Origin
content-type: application/json

POST
H2 204 5b12e76d-3134-40e1-b8c8-bd17fce189c7
tracker-v4.gamedock.io/v1/events-tracker/track/product/Game%20Distribution/user_id/ Frame D995 0
0 62ms
22ms Fetch
application/json 34.120.152.60
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker-v4.gamedock.io/v1/events-tracker/track/product/Game%20Distribution/user_id/5b12e76d-3134-40e1-b8c8-bd17fce189c7
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.152.60 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 60.152.120.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://html5.gamedistribution.com
date: Fri, 28 Jan 2022 23:02:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-cid: service-events-tracker-6b4dc854c5-k27kb
vary: Origin
content-type: application/json

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 88ms
43ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=94557379&t=pageview&_s=1&dl=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&ul=en-us&de=UTF-8&dt=Squid%20Game%202%20-%20Play%20Online%20at%20Friv2.Racing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=788765340&gjid=72769630&cid=169143452.1643410964&tid=UA-97003001-1&_gid=1845921735.1643410964&_r=1&gtm=2ou1q0&z=1800401978

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 v-lir_2B5l_.css
www.facebook.com/rsrc.php/v3/yQ/l/0,cross/ Frame E727 16 KB
4 KB 8ms
8ms Stylesheet
text/css 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yQ/l/0,cross/v-lir_2B5l_.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4bf2b5a79229c%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9fd167ac9b9a8be810ff24aaf55e663171b8e3d170c6fdde92f316391b704123

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v12.0/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df4bf2b5a79229c%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 16:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: bMBVW4Bu0/97kxmVpq7iNQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
content-length: 4262
x-fb-rlafr: 0
x-fb-debug: zOVrqYpfv4/GQlpkvKYv2HorHxC29WjGL6BfOFNKIgLPRTU+/aUlpiAnwyryZwaDGGf9Ljh+SLOXFpfQSVfUcg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Jan 2023 16:15:56 GMT

GET
H2 200 ca-pub-7652110621730409 Show response
fundingchoicesmessages.google.com/i/ 89 KB
31 KB 155ms
68ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7652110621730409?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7652110621730409&plah=friv2.racing&bust=31064587

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c1fa411c9a191949cdc61ad10dacd0fd3425518e0602eb10e142e161618bd06f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PeSS1Rg6uXg3iGW2jj785w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-PeSS1Rg6uXg3iGW2jj785w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-PeSS1Rg6uXg3iGW2jj785w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-PeSS1Rg6uXg3iGW2jj785w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 79ms
37ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97003001-1&cid=169143452.1643410964&jid=788765340&gjid=72769630&_gid=1845921735.1643410964&_u=YEBAAUAAAAAAAC~&z=911148602

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 28 Jan 2022 23:02:44 GMT
content-type: text/plain
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ZcEEO3vVIk7.css
static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ Frame C40F 778 B
597 B 17ms
8ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yW/l/0,cross/ZcEEO3vVIk7.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df248a8141d60948%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff3ce1d63a0fa6%26relation%3Dparent.parent&container_width=912&height=100&href=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&locale=en_US&numposts=5&sdk=joey&version=v12.0&width=912

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf34828caa0495cb4a3d7c99b6fe95b869fcd8c383f50a42049623315f7463e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: frqfMJ6oaa+P17vesUCn7g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 404
x-fb-rlafr: 0
x-fb-debug: 2/9MRMGd6A5aLwOBUvxsaLThiEGNR1v1GBJJSGTUKYyposTCG9wgh/j0ZV33IJSZds7WQ2LWMJJCLjGe92J3Jg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 27 Jan 2023 17:09:30 GMT

GET
H2 200 0LIv7hPw_zV.css
static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/ Frame C40F 125 KB
20 KB 17ms
8ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/0LIv7hPw_zV.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dc677c71054c359e674cba23f96a8fecf60d9d2e8fcffce690d0619037a2b897

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: HWfnfI9OobhtSsDB9AWriw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20403
x-fb-rlafr: 0
x-fb-debug: Bdq2SX7j5gi1EaZMCILZgbc4RIE/PD9R502COTpX1BGk92OcGkS7kEeCVzr7jwAkIBzQ2u/qxWwDwjNHB3g/OQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 27 Jan 2023 20:43:01 GMT

GET
H2 200 KN1FoJz1PpP.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yq/r/ Frame C40F 307 KB
83 KB 17ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yq/r/KN1FoJz1PpP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e7bfece69986376cbc9f073834ae0e1a39e4d3366f46dd84ae6b273be1ad90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: JWyxSI62qWdvqh9LW3cjrw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84316
x-fb-rlafr: 0
x-fb-debug: dVOB9KrliiE1nztFMEVa5Nn6uUxBWxJyibT27fb4cPypPICreftrav9UlnFyot+cpE+RyshwZEHeXUmaEzuaog==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 26 Jan 2023 21:13:32 GMT

GET
H2 200 InPlH9RGJvF.js Show response
static.xx.fbcdn.net/rsrc.php/v3i7M54/yq/l/en_US/ Frame C40F 157 KB
44 KB 17ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i7M54/yq/l/en_US/InPlH9RGJvF.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

94ab44c6182106339898ebde9cfb9cbdd4ebc82ca2383d45f03245366b9e5ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zQEnHrPiw6npMjVvc/u/Mg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 44851
x-fb-rlafr: 0
x-fb-debug: blHjKXTaTeomPECQbcygXpfJrdRkUgTH8ppPKfM1sHZL+Z4XquyNXdHX6znMq0BsbOUpml8yiAt9L7nQGHQWAQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Fri, 27 Jan 2023 09:11:32 GMT

GET
H2 200 Dn-gGTen_7I.js Show response
static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yl/l/en_US/ Frame C40F 1 MB
333 KB 17ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iE6Z4/yl/l/en_US/Dn-gGTen_7I.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

195864cb4d00f382085bbfa50c450ad81789cb24794b2155045be994b1ca4976

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: mPbNaFNDLV8k+IPCvIbtTg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 340603
x-fb-rlafr: 0
x-fb-debug: G/H5e6yFKpg3Fa9QqbMDpJzAaXfUrBoHPE4faJVkmiT6kTjfh8cTKkL0DLHPbNAvktxn5FVqn9W/rX9M+di7YQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 28 Jan 2023 01:26:20 GMT

GET
H2 200 RICrecDQjt5.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame C40F 26 KB
8 KB 62ms
54ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/RICrecDQjt5.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2442d64a8a90cf982824a1dca7e8a1fb1d343ee500285b4e7a29c0dc560a486b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Bn3zKyb+/fDiXbzfDYRQZA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 8491
x-fb-rlafr: 0
x-fb-debug: YiQjNqq7CphwBmqfeTq1KwD+FXhi5Xw3/RgwqIpfo0rVexDC1D1rIDsxVGyMP1XhbdDafgP2kxKISWpmZ0uuMQ==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 24 Jan 2023 00:10:51 GMT

GET
H2 200 0mXUH8sNNO_.js Show response
static.xx.fbcdn.net/rsrc.php/v3iPwL4/yZ/l/en_US/ Frame C40F 39 KB
12 KB 17ms
9ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iPwL4/yZ/l/en_US/0mXUH8sNNO_.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

72eef537f638851940d55e9c6a218c69a7bdf1f943d8ce6bd718bb5f2cbcbaa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: N4gpevGWuFeuZYNEfOLpHQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 11754
x-fb-rlafr: 0
x-fb-debug: MfrvDIOxCnqvvhMQrCbrAP0jE0uiCI4ZHjfhxh9qML2wriO3gCcxkE684pF5EGcXbRF2mry/nSo92x+A+dNclg==
x-fb-trip-id: 917726464
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Thu, 26 Jan 2023 15:45:18 GMT

GET
H3 200 bridge3.496.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6D78 601 KB
195 KB 85ms
39ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.496.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 199641
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 22:02:05 GMT
expires: Sat, 28 Jan 2023 22:02:05 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Jan 2022 19:11:17 GMT
content-type: text/html
age: 3639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D995 44 KB
17 KB 171ms
53ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 28 Jan 2022 23:02:44 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 62F4 37 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamedistribution.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:56:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 28 Jan 2022 23:56:34 GMT

GET
H3 200 VY7VtWIM9fW.png
static.xx.fbcdn.net/rsrc.php/v3/yF/r/ Frame C40F 251 KB
251 KB 17ms
7ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/r/VY7VtWIM9fW.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/0LIv7hPw_zV.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yL/l/0,cross/0LIv7hPw_zV.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
x-content-type-options: nosniff
content-md5: VO922XrIvf6dPbMlbETwCQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 257139
x-fb-rlafr: 0
x-fb-debug: NStnZoS+E2l2tAqe/HRiVguVm6q59Ky4tPSGWojxD1+2Tx/U4lbDe4aLep81Xxxr7/gPj+gN9iq18rLYlXSX1w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 17 Jan 2023 18:04:47 GMT

POST
H3 204 AGSKWxUoFxZBcqTI9m-9-HSQx9rUqocs53nmnzQr0ZiF5HxffCdr-3KGMhcZetnUv-6spvPd7sNlTroGuyI_UYqVGf4= Show response
fundingchoicesmessages.google.com/el/ 0
26 B 99ms
51ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUoFxZBcqTI9m-9-HSQx9rUqocs53nmnzQr0ZiF5HxffCdr-3KGMhcZetnUv-6spvPd7sNlTroGuyI_UYqVGf4=?pvid=9772503E-406D-43CF-AC7A-8DB5E7B54922&anonid=E9664FBC-6F2D-4F66-ACE0-163E54FFD2C4

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.LafblIpCQPU.es5.O/d=1/rs=AJlcJMxRtt97qCr8umF-oBux_5T1hJPIvA/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J473oej+Zp9Ly3Vk3BmWdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-J473oej+Zp9Ly3Vk3BmWdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-J473oej+Zp9Ly3Vk3BmWdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-J473oej+Zp9Ly3Vk3BmWdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxU4t-Oh3PGoQXkNY1VoDnnzDQYk8j8BcA_Pscyms4IIK_ww-HnjwP1iA7Yq4p3TFbWdgznuirzp55zoH0MSjWY= Show response
fundingchoicesmessages.google.com/f/ 42 KB
16 KB 109ms
63ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU4t-Oh3PGoQXkNY1VoDnnzDQYk8j8BcA_Pscyms4IIK_ww-HnjwP1iA7Yq4p3TFbWdgznuirzp55zoH0MSjWY=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNDEwOTY0LDc2NjAwMDAwMF0sIjk3NzI1MDNFLTQwNkQtNDNDRi1BQzdBLThEQjVFN0I1NDkyMiIsIkU5NjY0RkJDLTZGMkQtNEY2Ni1BQ0UwLTE2M0U1NEZGRDJDNCIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLHRydWUsdHJ1ZV0sImh0dHBzOi8vZnJpdjIucmFjaW5nL3NxdWlkLWdhbWUtMi5odG1sIixudWxsLFtdXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f784b3ed208878900b4b3c69b3a48fe1426357c31d97985526e23adbcf4801a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IhfjWwHqLDfWWqZlQAqZXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IhfjWwHqLDfWWqZlQAqZXA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-IhfjWwHqLDfWWqZlQAqZXA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IhfjWwHqLDfWWqZlQAqZXA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
644 B 158ms
45ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=friv2.racing&callback=_gfp_s_&client=ca-pub-7652110621730409

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

4e01b379c7596a26049a6d8a32500fdaa3e988baed83cabab6dc8369de7e3027

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 135ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 133ms
45ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4510 67 KB
27 KB 490ms
443ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=1506460680&pi=t.ma~as.1329740506&w=970&lmt=1643410964&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=3&bdt=592&idt=195&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&correlator=5276077380681&frm=20&pv=2&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ksK1BT8Mom&p=https%3A//friv2.racing&dtd=530

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

493ee3a7f1213fdff1153c2f56d3b6d0ffc403b18771272ddd1cb383a036cf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 23:02:45 GMT
server: cafe
content-length: 27257
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Jan 2022 23:02:45 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B620 48 KB
23 KB 582ms
538ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c56d80842427c23856403696ddb2f8af818d07a3a72d69a4e165a6b98bf168ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 23:02:45 GMT
server: cafe
content-length: 23549
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Jan 2022 23:02:45 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F541 67 KB
27 KB 619ms
577ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98587d0cb6b42b0a909857f87300aac967920dceeec2fcedf04ec84187ba0d37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 23:02:45 GMT
server: cafe
content-length: 27344
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Jan 2022 23:02:45 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5975 199 KB
58 KB 737ms
696ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1643410964&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=239&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90%2C300x600&nras=1&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=537

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eef6d2b2e0e49011a64d4a2a6b9a91e8052eea7f80d0d93f01c9ab3787f879a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 28 Jan 2022 23:02:45 GMT
server: cafe
content-length: 59311
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Jan 2022 23:02:45 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 99ms
53ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4678a41b69db7bb7b59b0d34520aa05a5de03753ade7cea0e3d1c7f43cf53793

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9020
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 142ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 23:02:45 GMT

POST
H3 204 AGSKWxXwZbQ_auYtNZASQKOjH6h9yDSSmWREz7gp5erPTuXh1PnR_0rr9SPPqx9cr-jJ5wISjh-ANfGjrIOtKzuaBSPMRTfkcE6KJxJ1ro-X3eY6RjJjjR-C9aOQR0LFwVWCSeCvRCoyrGpC6d5h_UJxNKGv_01QHfbc1Xc43VuMU0QYmcU8pIAMlOuu3uVr Show response
fundingchoicesmessages.google.com/el/ 0
25 B 53ms
53ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXwZbQ_auYtNZASQKOjH6h9yDSSmWREz7gp5erPTuXh1PnR_0rr9SPPqx9cr-jJ5wISjh-ANfGjrIOtKzuaBSPMRTfkcE6KJxJ1ro-X3eY6RjJjjR-C9aOQR0LFwVWCSeCvRCoyrGpC6d5h_UJxNKGv_01QHfbc1Xc43VuMU0QYmcU8pIAMlOuu3uVr

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.U5i-7wRlUpw.es5.O/d=1/rs=AJlcJMzgK0GEEODDR_a7BQEQLv7fnF5k2w/m=iabccpawebsignalscript

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BaefkBwnyPZDLjFwFOnzdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-BaefkBwnyPZDLjFwFOnzdw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 23:02:44 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-BaefkBwnyPZDLjFwFOnzdw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-BaefkBwnyPZDLjFwFOnzdw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxWBf3lv4Boha92ikDYNUpU8aFtyPUtwwHBAn8Reu6HSlJEo5t4z7V9i8fVlk19fxEYJ1gqhmLd9VZFmWeqB9tQrMmaY8TX_7WqFJGJYdxsz50yloZ7pnU0HyOH4GboHSaLMwUJVwTCqaC9ASgy1jcOHiAxgGY2iWgyxyqCuWfUcKbRZrS42mTP4GglT Show response
fundingchoicesmessages.google.com/f/ 61 KB
23 KB 104ms
103ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWBf3lv4Boha92ikDYNUpU8aFtyPUtwwHBAn8Reu6HSlJEo5t4z7V9i8fVlk19fxEYJ1gqhmLd9VZFmWeqB9tQrMmaY8TX_7WqFJGJYdxsz50yloZ7pnU0HyOH4GboHSaLMwUJVwTCqaC9ASgy1jcOHiAxgGY2iWgyxyqCuWfUcKbRZrS42mTP4GglT?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNDEwOTY0LDkwMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxLDFdLCJodHRwczovL2ZyaXYyLnJhY2luZy9zcXVpZC1nYW1lLTIuaHRtbCIsbnVsbCxbXV0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6a44700deda014a7cb0c26e686dc274315c34aec3fd9bb853ef303399093630f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RwpKK4gtmxdN+z54ZHL/fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-RwpKK4gtmxdN+z54ZHL/fA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-RwpKK4gtmxdN+z54ZHL/fA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-RwpKK4gtmxdN+z54ZHL/fA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1700 13 KB
5 KB 88ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 22:19:45 GMT
expires: Sat, 28 Jan 2023 22:19:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2580
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1F50 783 B
1 KB 137ms
49ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d0e4a2771e3f0e5b7893919ac60e8d9cbfd8a71880f1878162c7af60e200c3f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-P4DhqF7iqLkeGqIBRgWwDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 28 Jan 2022 23:02:45 GMT
date: Fri, 28 Jan 2022 23:02:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-P4DhqF7iqLkeGqIBRgWwDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 1700 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 18:44:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1F50 0
0 89ms
89ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=2437015870284772&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1700 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?11tO7w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 3993534455961139819
tpc.googlesyndication.com/daca_images/simgad/ Frame 4510 39 KB
39 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/3993534455961139819

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=1506460680&pi=t.ma~as.1329740506&w=970&lmt=1643410964&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=3&bdt=592&idt=195&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&correlator=5276077380681&frm=20&pv=2&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ksK1BT8Mom&p=https%3A//friv2.racing&dtd=530

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f05ea546087eaf82a5c33966396e0923c1a7cf3477dcfa336a2f3f6e397bf84d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 12:06:05 GMT
x-content-type-options: nosniff
age: 125800
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39494
x-xss-protection: 0
last-modified: Thu, 09 Dec 2021 08:33:34 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Jan 2023 12:06:05 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 4510 18 KB
7 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:55:23 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4510 2 KB
1 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:59:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4510 123 KB
38 KB 143ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 23:02:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4510 14 KB
6 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:58:33 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 4510 27 KB
11 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1af0bdf0a98fd7013d9cb5e587f6634341a8254511efadd771d0ed4a8cf7a813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 15:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11341
x-xss-protection: 0
server: cafe
etag: 617338487876024589
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 15:59:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4510 0
0 95ms
95ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdHkYFHb0YeH9M7-i7_UPyouB8A3VpZD2Z-7as5D8DrHR_d8FEAEg56WhBWCV4pCCoAegAcGuk7kByAECqAMByAPJBKoE0wFP0JVlMBWjOkimj9CLhIUtImZKo0ZmQ1miAMt3WwQa-bLeFbkiwu3P819S16_JvyJyzIGe-JlFzfx5tLXrY2CHFboSX2WeX622H0y_hhR86KTZt_PHDUxpY8dVPlquXhcRpMDbpg_xrmHEXJRsJeG3PesbuolnZ80d6kir4L-uxMaXwcYV0opZkDGuSwbR9MIin_JmYgPLcyLTyco9JSdlyqS2NOqh_cNHxhBv00X2h-KBkK1z2o5u_OXzqQvqyFdgqtV_J_ocIzHZF9JGCjU2IbYWwAT-s6Wq7AOSBQQIBBgBkgUECAUYBKAGAoAHp9HsxgKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCbjg7SCAkIgOGAEBABGB-ACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzY1MjExMDYyMTczMDQwORgA&sigh=yZVyN5Pwv_Q&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=1506460680&pi=t.ma~as.1329740506&w=970&lmt=1643410964&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=3&bdt=592&idt=195&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&correlator=5276077380681&frm=20&pv=2&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ksK1BT8Mom&p=https%3A//friv2.racing&dtd=530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 28 Jan 2022 23:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Jan 2022 23:02:45 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=2437015870284772&bg=!h4SlhMDNAAY6OBv_Ojg7ACkAdvg8Wlrg_83wN2iTCb5KyVenlXnSXThCIl4LJRPgi5LIfoNFwIEmLAIAAABxUgAAAAJoAQcKAHb15LrloqadQBaBg4BLlw_OmL8GL_uNHu90oBHKqvbBjE5XMN11ftfrv5xGqheoHXPICPPh09gimIrHotFE7WJ6fHx3kCrfuGQhQOBb6ub1HTFXcrPVgTTJfq-sspgsCZAB1LSJAgnN5_PXWKQFc8RoL4oRfX1smQLAdlAODLNhNZK1TYMnF1_9QpHXrzjAkMa0sIed8KG4VzSSBTRXrX1baBfKoMwjhjoOtuq6ojO9746019a49MHv4BFB_c_lprWzm69RnlM9guz4gFxMEtomCUaw-j445vtgBkDR_f-JNAaL8qSWAf3e8JVLAOY7Di551gxHAjhqiSySdd1c_8z2SxBDlOL-VM6xR2sD899r6jbC-dfqYS-b0pkmzTXv8sPIkixpMUdmCO7fIO0GRjin0oBf-8sPekKDjuCXyrc6gS0hvQgCZ0aey5qnLfSJHSZtKLyjVmSby7ZsgzO2J3Tdq2vUMiCVGycYFUc9j5aVvxGBgEaOTckl-1ERr81uf_Fs00-riy4lvURj-LZCQfLt8rdoz7OldwMA518suQQAyDHoNHgCgg9RKodPmRefmGBuwvqwhg_KBiKV2iyr_oT4VpaAW4noHOdCPqt13WBYmKDy2nBegnuutFrqvb9TTtzttg25OO80RGotNNlbKhA6ZL9j9rjDmNwInw06oRT-_fPl8xBIonoMQGFNSL6v0vPnWqwTOdZ-2i5gaXizSqgnri3eutKNPNhiNAWTUYw0guLjFeWI1huRAnbQWorysJ_K5dF_JlRo-oNUYePb99w12Uql719zR0LnYBusywvlo9YEmGEt7A0SP6r9VUki-AE7IJREOVCAxjWi-M63NjwyHUt8bgL_QO8OeJO_8QrpxyEbRlVU2UCIkjMhUWMskOSVmKy8NJw9IpWhYyihw_V6TmyQawnMVhIGpca1zLWjiwlHb3yrhWMebrVwnrAmMpwv2FpmYQ5wJeEzZQ0I7VoyoxY_xr3UVi7fNsWlFi-e-SQ-WnyL_B-MmWbE1kzWTfSi4R6w6sQZghL33MnNcC_r6b2p7TMD7X-UU8LjKMm56HY91_344GnOyzld7vQ5KlGQ6jZhhp6ZHOw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 202A 143 B
163 B 47ms
45ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=1506460680&pi=t.ma~as.1329740506&w=970&lmt=1643410964&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=3&bdt=592&idt=195&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&correlator=5276077380681&frm=20&pv=2&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ksK1BT8Mom&p=https%3A//friv2.racing&dtd=530

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 28 Jan 2022 22:03:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 9DEC 247 B
961 B 144ms
44ms Document
text/html 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

f6d47ae7cc192e9f3b47d32f0e4a32e3034f944d29bbe5633e243bb32b6f4913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-DAqLEEQ5VQLLU8kssxPs-Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 203
date: Fri, 28 Jan 2022 23:02:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 18156852081126330790
s0.2mdn.net/simgad/ Frame B620 13 KB
13 KB 87ms
40ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/18156852081126330790

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53e374adda52950799fd53164eb030ecd429af493757f48b67ed8cd38cf29dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 08:18:10 GMT
x-content-type-options: nosniff
age: 225875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13415
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:56:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Jan 2023 08:18:10 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame B620 31 KB
13 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

511543d9bdbb348ca15de71f0e2a6848c97d7620c4357543f24c923b0fab80fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12848
x-xss-protection: 0
server: cafe
etag: 11198992762603823889
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:38:34 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame B620 2 KB
1 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:59:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B620 123 KB
37 KB 133ms
102ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 23:02:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame B620 14 KB
6 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:58:33 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame B620 18 KB
7 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:55:23 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B620 0
0 179ms
79ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuYlCMFKk-Vh84-KrgdLG3lUJMN_wBItehZK91EnvMTy_Snh0zwf0nD2aaYzfh_D0Vt9YH-twfIx7R9j_Lj_0eO5D3rjFvY42nd237KCwKAROrtjbjKqBkRBfRqlN2U_PGu4C0KYiFhUVZDKkMV9j_9vgXqOM3Nq5mELyw_fX5pqDmhFLCEvSPD8_qsK9zb5z2D7OL3D2po5aS6CC-WP1p3qGor5KUbu0LqjaX0_hA0PvRBwOhjm_sm4hz2618DE5aUsL75pHgB73eZyI49J2_kwVvX5C05646A5PTlYROku1cMskfGkeYOzHdpTv2VHOM3Sn637zW27I8KCF3MQ2-WxJUSidh8aX6rxfG7D-B1puRX1sjMLU0-0hitxWuCGkFEgJpK55V4zH9cHifjK7TBYy9CL-bgtl0t8gBBj0krS9yitntxiWI33lXsrZ_7HL66pTTGbRHBh3yAYAdyqKn97VfI7DlWTk3Xjcrryc-SGJxl3PzTYp19Mukedj1AEnQPQZsFnUt9gSY4D6AfvSpTcGNWYeAs7gi4jLsvxozckhriK16RAEGg-kzZNFT2pyAlPoKIo9shJzVhaQUiwzGbDhhzMWYxcw7P626F3KD8iDgWe2jSAoYqBKoW08qjWEPE5TacJDevUbvx4eQmCSRap-Au2DYZsIzY8S8CWPkWyMph__7iDzJ4zDnyA20l748M0TpySZ_BObsu1FBxtF4n1mLqUpSCGP1StkWjSeialqcPY1HyDJjuM-6IGynh7nCgUwXTiG-2xwosfqaO4GAYTA-tYhVuF2yLRK0rFY0NMakEWSNCCpQQs53oeG2rd3rMpwjqnbc5JtUasg9NPw5MCwPk8jj0uk-SKzQVq-lMIvh4m-uzAFh23mPm5jpouJeCHUyn48jdiC874IaZnfgy1FPSl_Y1CdurDZQrkycVPWOPf9UBD12aFwCr2xf0YUyCKHTa1-CyQKCn&sai=AMfl-YRWbB4_jADyj-KzGid1VI6bYnAi7Mrea31uiWVuTm0GUnvoVBm2VRF13w&sig=Cg0ArKJSzKT_P7BS8OhrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 28 Jan 2022 23:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 28 Jan 2022 23:02:45 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B620 41 KB
15 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=3068986729&pi=t.ma~as.7236673302&w=728&lmt=1643410964&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=225&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=262&ady=1127&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QFHlQiTy7F&p=https%3A//friv2.racing&dtd=534

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 14:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Jan 2023 14:07:25 GMT

GET
H3 200 5874073067233459613
tpc.googlesyndication.com/daca_images/simgad/ Frame F541 78 KB
78 KB 42ms
41ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5874073067233459613

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fd0656a36ea19af3c197bac1479129be9d4bc330581b708b880d1cd9c3adac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 05:14:01 GMT
x-content-type-options: nosniff
age: 150524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79758
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 06:53:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Jan 2023 05:14:01 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame F541 18 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:55:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F541 0
0 81ms
79ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVsUTFHb0YY_1M92Q7_UPhMSCMImdhfhlo7-Chd8O7_mt6JUOEAEg56WhBWCV4pCCoAegAdHVt5MoyAECqAMByAPJBKoEzwFP0A2g9lTfGYb0aRtWqDNifLySB3CAhoy-hAztnvEDv6fnQyVUV9CIC9t3v0MNLE5xZ7omoll42ygUhQoOKyICZyVAy2mmHTZR55xneGTz4dYwYGUC-8W4GghBTF9BkfaZqFhi8ngAyC5IYWivYByGT7dytTrbvghjAmBIGQv5jOmF_Ein4Zl_vi9PV-pnC2_-HyVyTopLorIzE3tuGqNr7f-o5RCwfXd8nlMg6r3ydXULCnfKnDYdb1tLuhrlBhIRQ-y2UjLzHWOy-qa_hq_ABMn02tvoA5IFBAgEGAGSBQQIBRgEoAYCgAfRjYjzAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMGTMtIICQiA4YAQEAEYH4AKAcgLAdgTAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NjUyMTEwNjIxNzMwNDA5GAA&sigh=2ae-x24Ml80&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 28 Jan 2022 23:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 28 Jan 2022 23:02:45 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F541 2 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:59:12 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F541 123 KB
37 KB 123ms
122ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 23:02:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F541 14 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:58:33 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame F541 27 KB
11 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1af0bdf0a98fd7013d9cb5e587f6634341a8254511efadd771d0ed4a8cf7a813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 15:59:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25366
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11341
x-xss-protection: 0
server: cafe
etag: 617338487876024589
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 15:59:59 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 202A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

104ms
104ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 Jan 2022 23:02:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Jan 2022 23:02:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 Jan 2022 23:02:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4654 22 KB
8 KB 39ms
39ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 14:49:50 GMT
expires: Sat, 28 Jan 2023 14:49:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 29575
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 999A 143 B
163 B 41ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 28 Jan 2022 22:03:02 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3583
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 redir.html Show response
p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E363 247 B
961 B 148ms
48ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

988b1ef6abf3c216482aabff8024d52388c90d8a61848e4b24214fe728868f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-vFIcooFirqDDcCmHQ5K3EQ' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 203
date: Fri, 28 Jan 2022 23:02:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 4654 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 18:44:38 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 999A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

121ms
121ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 Jan 2022 23:02:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 Jan 2022 23:02:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 Jan 2022 23:02:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 4510 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f35ed594666f6a6593e9a9bf635a5870096ffc5a3fc4cf1f7e00320ee4690b48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B620 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82309ac55033ce96c50fbc67abaeafa09c94789ae0f064a907e4c40417306a5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F541 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 03e2ac5b0177e4bb02be3c722db598a88a114710a04b39c5c6607711ee61ba62

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 iframe.html Show response
p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 9DEC 4 KB
2 KB 113ms
44ms Document
text/html 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

2ad761d9ea92109807b9d98c34f7aa0aba882125488cfe62a68ebfb7000dcaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-vsZaqVs15gsx55tpiWiW-g' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1861
date: Fri, 28 Jan 2022 23:02:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 iframe.html Show response
p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame E363 4 KB
2 KB 96ms
47ms Document
text/html 216.58.212.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f3.1e100.net

Software

sffe /

Resource Hash

50bdf7921b31d4c0940d0f8cbc3e57efbafd61e79e9d56b5731233b2b0811ff8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-security-policy-report-only: script-src 'nonce-VCArbH6nxnluCh8bZiXDow' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1861
date: Fri, 28 Jan 2022 23:02:45 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options: nosniff
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/ 150 KB
54 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201260401/reactive_library_fy2019.js?bust=31064587

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cba6f9d9f0662efd4e460250bc5293950da78a309ed9a6c80659ade743f6e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54757
x-xss-protection: 0
server: cafe
etag: 14223464605515330893
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 23:02:45 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame EABD 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 18:44:38 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 96ms
49ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 23:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 Jan 2022 23:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame 6EAD 10 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Fri, 28 Jan 2022 16:10:35 GMT
expires: Fri, 11 Feb 2022 16:10:35 GMT
cache-control: public, max-age=1209600
age: 24730
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/ Frame 6CE0 10 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Fri, 28 Jan 2022 16:10:35 GMT
expires: Fri, 11 Feb 2022 16:10:35 GMT
cache-control: public, max-age=1209600
age: 24730
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4654 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5RUGFHb0YbPjM_if7_UP2aWI8AkAAAAAOAHgBAI&bg=!kZKlktbNAAY6OBv_Ojg7ACkAdvg8WsUhoErjO0HqVEkOjzQQecC-rV2AQZ_3Ishrs-3ZeEDNfEmOMwIAAACNUgAAAAJoAQeZAvKpwsrGciOT5ifCU5AEqM1cs2_DpB3BIcdNcNBTwjjNkWVVNjtODWYQNyxm4w1ezy3SSOQi5Q2BgYa1rHJn1OFKPc82gJaeT_j9q-nvbIG4Pn3uy4DlpqKg4dPWHGvECKzhDYRfp2cqQVffb-q4kdIK0Pkk_D3yEmV4RSWDk61RtHgaQUmLgZbi5Yfz3I7JvNo8QIEjnWs7HoI1sK05KAjvtXOyipXj7NTtDswKig38cWD9t8pcuMG5MNO4rlRBVBeJCmpLnpI5rJVM7z-Kcp0kmYgy1bEo17ltFdlTttc_BIyuuNyjUXmn-chIH7VwwZfTGqrSdTKIokvNhre33sJ_crV1yT1x30mlvswUNWrN8Gy89E5XesybDAtWSSCSByOHTC-rTK8MTwDFmwgY6SV0JUUkyjz4Af8y9Bhrx-q8fcXiz01ukf7djEl6lbIVI1CbixjtnhIR71oAc1-GDS7EAFobpJeX8mT4ueCBqP9JjtsQcxxzxLdP66Dw_rFh3OXmU_Q4LapoTnt-bz3ZGRNboqO_-SLyoZRf3QZqJ0pPYbjaXXOOP6NfGKoQSo6HuhnHYyV_GfKaf-ICt29sfTdyn9hdOvdE1VHP1LU0maQqMnfCpIHWhMwFQW5GecOIs7YRRA_aOafZC0sg2LF5uRQfP4ESxZZNswcEQnnNCyF2nhwdPBSE_52qpGjR-GHuz1deE88P2sSdogbbsilcnNuqwhW7Zq8ahetXM-tD2rXyoNgMuucYIrvCHXl-0V8YeCBIAIi8jlSqMR9ek2d5I2pu4UO6-1uqihwt7P3Fb_-bwqxVUvTItp3bM_UXAWbU_BzEqiP63l2bj_WcOE11mFK5hUFGVNmb_tYO8QXxX70W-uGxVXoioBxmcPQfO-XKy_amNpuekcTZRh1SP2EkiSWhMBbD8Xpq5oHBbAGl3wGSEtY5eo87hDqCfdEJkRRR1q5Osu0uTRRN4amhwGroaahKELMAr-m-ApNQfiLC39wSrPpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E50 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=3113234982&pi=t.ma~as.4283206909&w=300&lmt=1643410964&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-2.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643410964248&bpp=1&bdt=593&idt=237&shv=r20220126&mjsv=m202201260401&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=5276077380681&frm=20&pv=1&ga_vid=169143452.1643410964&ga_sid=1643410965&ga_hid=94557379&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064587%2C31063221&oid=2&pvsid=2437015870284772&pem=234&tmod=1318433299&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=PQw5jqEXZs&p=https%3A//friv2.racing&dtd=535

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 18:44:38 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6EAD 4 KB
1 KB 136ms
50ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 22:19:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Jan 2022 23:02:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jan 2022 23:02:46 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6EAD 205 B
743 B 124ms
39ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 15:41:06 GMT
x-content-type-options: nosniff
age: 26500
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Jan 2023 15:41:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 6EAD 604 B
695 B 124ms
39ms Image
image/png 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 12:57:50 GMT
x-content-type-options: nosniff
age: 36296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 28 Jan 2023 12:57:50 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 6EAD 18 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:55:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7952
x-xss-protection: 0
server: cafe
etag: 4804491876264876803
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:55:08 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6CE0 0
0 125ms
80ms Fetch
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRxEF0pcO3PhAIo6mAUA9HuMOjMD7DlHdc27U9Q7wUuTqOGF5su-Nemf1PgCAtEP_AyAuLOTEN4g3wMHwRJsbq9LFAxSUQr36-NA8FXB_kvrO3-gBimpjxb3-ob_8ZPivWXYAXdNrVZBZ196zhfTjTJS8YoOAK2Jcqry1yKxg4tRnfxoNPc__Vltbqx9ftjeOXjCbF8dIjBsPE_pzv8sF1ryNPkwFqUfAkjNz2m5GZK-0NqZEnjyYf5OjmDiLl77hfmWLqH86_e1olWcB9yDYPPXY5ZYJji8XxBO7mBuO8Ee1oXSCcaod9O8pGEFF_GNSLe0bPnlyU6K2wisgl7Mhowoo2ejgsXB03ZS4IXx3q9SZLvBRuKJg1rxrygu-hQdPRXd4dpKNAei61PF489lVjeagLIH4WvFh8XiRgGlc-dLmW2hf6sebsrIkLQhb3gQfW-45EPC8zOa8nAJV3YZu49vODMzdYAfeiFP_9Cz2udbbVjwe2Cz2a00F040lU-MCS6V3bAh7xAvE5i-CIhYeMmsQO2gKzdO0sL4QZ5YbJHwkD6O1Gtz36E1aS1lNsZktIVCKMtHs2aPA49S6WRMadbzLft1Hld6I7gVWaLuzeN8Hjw0ae0y0kuedIv07qXVo9TDvMTzbcY9kyPyIYJd385Tgkkny2CLKZb2osarfmyeCWxysubQ-lN9g7b6TlfSvEkREBAxG6C3k1ZZxsE6eiQ1Gk8sBXKgGZTD_EixI2uAojH-VfTedO630OW8wLXrrTEuI5_B8rV1-Df4pX5WAjAXrjyp5QwiXkb-co8SNRVxyY2610NEFqoW6vnHQ1gzdVydpPCNDvQDnmAOBys9ZUHRdc0u8s0ACsqDSTSj1C_zNtVD5H65oK3VAQwLMnuuKUCJH776KxYePcgCBvFLEVEmo70V6jlLb922ubJfaiiv_5hZl114U4ZXppstByg2OzN0_RYS47ebVbvtyD&sai=AMfl-YRBjfqCV1oGbKCP7BjHLl_530aCcy3_uarWCnEFyumv41unyWvNlU8dLQ&sig=Cg0ArKJSzCZWndUHE2RaEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 28 Jan 2022 23:02:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 18156852081126330790
s0.2mdn.net/simgad/ Frame 6CE0 13 KB
13 KB 40ms
40ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/18156852081126330790

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53e374adda52950799fd53164eb030ecd429af493757f48b67ed8cd38cf29dc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 08:18:10 GMT
x-content-type-options: nosniff
age: 225875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13415
x-xss-protection: 0
last-modified: Fri, 30 Jul 2021 17:56:54 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 Jan 2023 08:18:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6CE0 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 14:07:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Jan 2023 14:07:25 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 6CE0 31 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

511543d9bdbb348ca15de71f0e2a6848c97d7620c4357543f24c923b0fab80fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1451
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12848
x-xss-protection: 0
server: cafe
etag: 11198992762603823889
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:38:34 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 6CE0 2 KB
1 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:59:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6CE0 123 KB
37 KB 100ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 23:02:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 6CE0 14 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:58:33 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 6CE0 18 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 442
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:55:23 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame A988 22 KB
8 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 28 Jan 2022 14:49:50 GMT
expires: Sat, 28 Jan 2023 14:49:50 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 29576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame E861 8 KB
888 B 90ms
45ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 22:18:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 28 Jan 2022 23:02:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 Jan 2022 23:02:46 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame E861 1 KB
881 B 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:49:47 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame E861 18 KB
7 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:55:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 443
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:55:23 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame E861 2 KB
1 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:59:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E861 123 KB
37 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 23:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 28 Jan 2022 23:02:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame E861 14 KB
6 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 22:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 22:58:33 GMT

GET
H3 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame E861 27 KB
11 KB 88ms
39ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 108703
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:03 GMT

GET
DATA 200
OK truncated
/ Frame 6CE0 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 649d64ad7220a60104afe611a95c818fadae921ecf0554757933cbfb4542210a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame A988 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 18:44:38 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame C346 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-2.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 18:44:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 28 Jan 2023 18:44:38 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A988 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj-v5FHb0YdXmM-zY7_UPz9auwAkAAAAAOAHgBAI&bg=!oqGloeXNAAY6OBv_Ojg7ACkAdvg8WrruNXbt7Os46yXrLMSMLvTcQvttn0xDr1RdPsn962wfy1UA9gIAAADGUgAAAAJoAQeZAwKp1-r2TensBm5Ge1W5iC9BtpF9rXY359KcPPVK7kpDEQxhm-4WGO7wGb_kB6leppRJGv8Tr5v7dB1YVRPQOAAiLMoS7YLjrzf5N36dIf6iSFKJbtubLLORVNFEh_9GeFo4YT6Jxmc1qhjlxCPA5EFzIYx39xVI0UHRV8vzyJbyWZx4DNn9ye3Zv-KSD81_0CX-lIPKMPvcoWVqM3ajsmrmr7OogPCbP0dxXbfl8-qKOU8k3QysjfXvx4qQ0tBtxN2rphlTZaVA2O4K3QjN_t9JeTlhBkr0vFAkkUUdg5QPUGFK2Zs-gTs3Md9iEHFDMyDya7sOOlUjdhoXmurlE4nE5NCOPffPpGSF4kHz2K3CqhN1vzJNwOL8X4KEv5FxO1OkOlRdEBDLvomxsuq2NCxxYgCQrPWESsZKRBU-6OuVRd1dbbDgJ48QTe11xApWWFEMSYHzMKAAbBEMgeXfIGAnGc65owwGJfMF-ziHnxiKqiYf3LDcHGLWNjPn7LRPsW6t-UlL_giL3ZmpHjA0NPrTWuRIAC40hB_mfGA_dAWh7g4-tgTsm8DQhlEb-3TFfr699UUy3ewuRzlvitZNG8chnOXrO2UGwkYYFgcBGS_0_Il-4WlnpXSSroNHuVW3c2RWFpyjydZLYTRNdNg1syfpCEH1xSRSMV3an7I6onaygIDzKcqC92EBHJu_IFuPeyDpMLNDCaHnOSHBMJCt-7xJL4afoI24GQnh1FyvPXQtqro_I4--AkFsW0FYTAMWhrezQlrvRSICFAhng0DDzgIvXjzrjP-ConzoFjLF_DV4H9rV5M441r15K-34nHkRXmNVnbIWTtdRxu4_BW2DznHiyttGbQ1JpX49CxRX0-D3TT_60a2pEAg0PAJgFx-4gl2yl2dKFane6vxgJZZ6_TkXV9TXR-enl39q4rjQBvqGbGRUWOEtCOuNp3NsNssLOCHQ8P1XS4qsAW9fzARkL_0MLaW__RxfL4a2U5MZdSpsskNak_ZWmTe6nDTueUWxYDWlfA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4510 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDTWtS9eeFHMK41fQpAcZ2gRN-adVpRWd-KB32FcCwW-jCzrVjoXY2Gq4taUa7-YQ45v1VN3M_kpzsHF3g6LL0BMmVBYJVvc3R7CQ513lOvIA1mSyWPA&sai=AMfl-YR9zXV29uyCnfHI4ApOIH8wm5MwOCpf6UtH_ptUw1t17mZsT4AenbgT-9_Ym9JqzZoe0lmZaB2xGzmE&sig=Cg0ArKJSzBCK5qZ-vYUPEAE&id=lidar2&mcvt=1000&p=0,0,90,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2990650949&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643410964780&rpt=767&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B620 42 B
64 B 75ms
74ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0zUJNsDzUXdqmmT3Xm04_q3Fftbix4U18fNNI5Y50WeAXdslgjKvXpnnUiQwfr0aRFk-NM8aqs6eIC3wmGd-UxW9SdcnMeNJbaRdNYIf_QGkifQ4C2zDa19rxf7E6jbGF4ivkhBRfnyGzYSf30cHjz4eoME90VaJiymRIHidyRA&sai=AMfl-YRtMoAQnJKzpw_-GfTUiq1U-CCCn92oL8edE8dalYmz-c7bieAo5O0x8CQggAI5NdbQx1gd1-5-m2he&sig=Cg0ArKJSzEw6ADSFxJlBEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=0.81&if=1&app=0&itpl=20&adk=2133039087&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643410964782&rpt=805&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F541 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsssxl3Nq2mlvGJCCiN-dbH8Jr3S862r5OYS10F9WlrijP71f5It4RzYbxruXPsmiLgo4mOQyPjD9vuxV7ikT6SxTWDM5cYJekGbojnB9_Tln8q3xo5fYw&sai=AMfl-YQtl5-US0I8JZ6k3CkBnsnvNrir-7Zput2kGq29_653LKms_OYk7zaZ5UrnOm-K5ZKLvaG4Qq1Uixy2&sig=Cg0ArKJSzDbOHGj009UYEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2305757582&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643410964784&rpt=824&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dynamicad Show response
fundingchoicesmessages.google.com/f/AGSKWxU5fTa6eZHpjvx6tDN0PvlCGjZ24H-BD7Gb-4iOwPqMMoM3uWt7K3pb132btdaMSlVrzUYCjsVdR9BrxnJfQgiz0qFphsqC2iX1EbD9lPxN6pEMod4LSNq6eKYYyqHsp_rGoPSI3Gcnr2jQ3md77lgXihXLW... 54 B
105 B 53ms
53ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU5fTa6eZHpjvx6tDN0PvlCGjZ24H-BD7Gb-4iOwPqMMoM3uWt7K3pb132btdaMSlVrzUYCjsVdR9BrxnJfQgiz0qFphsqC2iX1EbD9lPxN6pEMod4LSNq6eKYYyqHsp_rGoPSI3Gcnr2jQ3md77lgXihXLWgpBcDAPkxGgf1aWMisyRH3a1eovhpPsbxfE6LH_wzk9W7zORJ7_gM0j197vFxOlkXWWasIhkb1Wg0dib-I=/_.nl/ads//ads.js./ad_support./tickeradsget./dynamicad?

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a96cb1746c7d796e47fdd93da67606192f860f69286bb37f14e52ec5de78fba1

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DgOb3moXt+gMHRAykILvTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DgOb3moXt+gMHRAykILvTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-DgOb3moXt+gMHRAykILvTA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-DgOb3moXt+gMHRAykILvTA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
93 B 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 11:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 11:10:06 GMT

POST
H3 204 AGSKWxWZrokPyIwANuSw2668etaS-ATZM9n8Uv1bYrdAfWQjA_HW9liAzygaqqU8QR5z7DzyUV7VTOZ611S_JQa9n4akiYgiTKbC-zbljuqx8emy_MB_CF60buMbB_3DnvWQdjMFJHdkCK0GD51t_1nLZcfLduUAgBqJcWalTROn_26W4tcTs00ZFjnabWfo Show response
fundingchoicesmessages.google.com/el/ 0
26 B 53ms
53ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWZrokPyIwANuSw2668etaS-ATZM9n8Uv1bYrdAfWQjA_HW9liAzygaqqU8QR5z7DzyUV7VTOZ611S_JQa9n4akiYgiTKbC-zbljuqx8emy_MB_CF60buMbB_3DnvWQdjMFJHdkCK0GD51t_1nLZcfLduUAgBqJcWalTROn_26W4tcTs00ZFjnabWfo

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qquzl5ZIVnTc2xNVacWeeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qquzl5ZIVnTc2xNVacWeeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 23:02:46 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-qquzl5ZIVnTc2xNVacWeeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-qquzl5ZIVnTc2xNVacWeeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWZrokPyIwANuSw2668etaS-ATZM9n8Uv1bYrdAfWQjA_HW9liAzygaqqU8QR5z7DzyUV7VTOZ611S_JQa9n4akiYgiTKbC-zbljuqx8emy_MB_CF60buMbB_3DnvWQdjMFJHdkCK0GD51t_1nLZcfLduUAgBqJcWalTROn_26W4tcTs00ZFjnabWfo Show response
fundingchoicesmessages.google.com/el/ 0
26 B 52ms
52ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-dgATLLcoXxjC1ZW5MrRjMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dgATLLcoXxjC1ZW5MrRjMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 23:02:46 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-dgATLLcoXxjC1ZW5MrRjMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dgATLLcoXxjC1ZW5MrRjMg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWZrokPyIwANuSw2668etaS-ATZM9n8Uv1bYrdAfWQjA_HW9liAzygaqqU8QR5z7DzyUV7VTOZ611S_JQa9n4akiYgiTKbC-zbljuqx8emy_MB_CF60buMbB_3DnvWQdjMFJHdkCK0GD51t_1nLZcfLduUAgBqJcWalTROn_26W4tcTs00ZFjnabWfo Show response
fundingchoicesmessages.google.com/el/ 0
25 B 61ms
61ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-L528VQDFeuJB7q2djdtNTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-L528VQDFeuJB7q2djdtNTQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 23:02:46 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-L528VQDFeuJB7q2djdtNTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-L528VQDFeuJB7q2djdtNTQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXTe5LNUWhxXOpX18PNJZjwlhBx9tJkDucCuQGAT6S087hjkbyd9GMtppNqcCIXLEmgJA8Hon5IfGCu0Tf708WrWu-RjlbIxRRPXXhyDk6JC8Bo6oIT6OWodqon87nwr7W_7ld8v60Xqaoe_uf5X5SNOKka2bjomnOxQlyiYxDq2Q5jjw84UlgDe4Oc Show response
fundingchoicesmessages.google.com/f/ 38 KB
14 KB 62ms
62ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXTe5LNUWhxXOpX18PNJZjwlhBx9tJkDucCuQGAT6S087hjkbyd9GMtppNqcCIXLEmgJA8Hon5IfGCu0Tf708WrWu-RjlbIxRRPXXhyDk6JC8Bo6oIT6OWodqon87nwr7W_7ld8v60Xqaoe_uf5X5SNOKka2bjomnOxQlyiYxDq2Q5jjw84UlgDe4Oc?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjQzNDEwOTY2LDcwNzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLDEsMSxudWxsLG51bGwsMV0sImh0dHBzOi8vZnJpdjIucmFjaW5nL3NxdWlkLWdhbWUtMi5odG1sIixudWxsLFtdXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

99d5ffdd22509d8992d5a1f50d28b09afd4180be45bffcbfb49635ceaa16a55c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tRShG7owELGlbO1fw+bQ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tRShG7owELGlbO1fw+bQ3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-tRShG7owELGlbO1fw+bQ3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-tRShG7owELGlbO1fw+bQ3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWZrokPyIwANuSw2668etaS-ATZM9n8Uv1bYrdAfWQjA_HW9liAzygaqqU8QR5z7DzyUV7VTOZ611S_JQa9n4akiYgiTKbC-zbljuqx8emy_MB_CF60buMbB_3DnvWQdjMFJHdkCK0GD51t_1nLZcfLduUAgBqJcWalTROn_26W4tcTs00ZFjnabWfo Show response
fundingchoicesmessages.google.com/el/ 0
26 B 56ms
56ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.oMwJ36n4uxE.es5.O/d=1/rs=AJlcJMwvQaCuljtw9Ex7treoL0e3VQGuDg/m=detection

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CtrkcOl/ECstmpbqIvsIMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CtrkcOl/ECstmpbqIvsIMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 23:02:46 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-CtrkcOl/ECstmpbqIvsIMQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-CtrkcOl/ECstmpbqIvsIMQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxWSn8D14o9D7iz6M64Wb6wSjeGS3w0AGGiTYOj4twNTxk78_RUFxBumiNz0qoPxAAn2UVPdVYveEj30TVdRYGhIokXv-VGpD138-DDfvnoge0GvbeQVbeICXq8CGKTthv8QGPSCGfIHZ52lY_MieyN6-6LaNjtGQ2nexSEszTKP8oq5MwruIiX1lmzP Show response
fundingchoicesmessages.google.com/el/ 0
25 B 56ms
55ms XHR
text/html 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWSn8D14o9D7iz6M64Wb6wSjeGS3w0AGGiTYOj4twNTxk78_RUFxBumiNz0qoPxAAn2UVPdVYveEj30TVdRYGhIokXv-VGpD138-DDfvnoge0GvbeQVbeICXq8CGKTthv8QGPSCGfIHZ52lY_MieyN6-6LaNjtGQ2nexSEszTKP8oq5MwruIiX1lmzP

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.bSHIkdPkz40.es5.O/d=1/rs=AJlcJMwk2gtA0qlnSZ9u1A3zP91R6GbHNw/m=cookie_refresh

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TTrubtzXXf2wEgs0+BgmUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-TTrubtzXXf2wEgs0+BgmUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 Jan 2022 23:02:46 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-TTrubtzXXf2wEgs0+BgmUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-TTrubtzXXf2wEgs0+BgmUw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6CE0 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5CdKna2jOxvEl8LWu3f7iCgJbQIMyN-5z05enT_FvwfOoIOz240KpQTEwEDA_pZwrOQRRCaC1qzHnnlEyHnNqswyUdvJRujrD0UrReq_98RMjBOyYmMVz9zLEgOGXXgfSXaRYGFLF5ki6UgBc3hla6iwDb5mH_lkDdT0nBa-eSQ&sai=AMfl-YQ5PYEJn-NLdOwXRAY2efZNQM7HrI35xdFOBQl2iJou36Y8ehOz9_SYTg8VLNW0iprc6Tbq_HKM4lZt&sig=Cg0ArKJSzC1trPziCc_FEAE&id=lidar2&mcvt=1001&p=0,1,124.25,1006&mtos=0,767,1001,1122,1133&tos=0,767,234,121,11&v=20220126&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&app=0&itpl=20&adk=84980951&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643410965814&rpt=261&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jan 2022 23:02:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 09:15:39	Name: FTID Value: 1Xz7OK0su3uF1Xz7OK000Eqe
.friv2.racing/	1970-01-20 18:01:22	Name: _ga Value: GA1.2.169143452.1643410964
.friv2.racing/	1970-01-20 00:31:37	Name: _gid Value: GA1.2.1845921735.1643410964
.yadro.ru/	1970-01-20 09:15:39	Name: VID Value: 2L90If1AsgeF1Xz7OK000JTr
.friv2.racing/	1970-01-20 00:30:11	Name: _gat_gtag_UA_97003001_1 Value: 1
.friv2.racing/	1970-01-20 09:51:46	Name: __gads Value: ID=80910913a8da0df1-222133872fcd0045:T=1643410964:RT=1643410964:S=ALNI_MZwKAUDfxfxxNNxJn-llr5RkwFAEQ
.doubleclick.net/	1970-01-20 09:51:46	Name: IDE Value: AHWqTUlfE6radUo0CJK1pzkZqqYv1uJc27bF_-KoccA9p86J6xJ7Mrvf7LLYsmw_nPs
.doubleclick.net/	1970-01-20 00:30:14	Name: DSID Value: NO_DATA
.friv2.racing/	1970-01-20 09:15:46	Name: FCNEC Value: [["AKsRol-ivNE1KHxx4bPI0KIaokiNZ9m0N3Y7aObsXYm494hxnWU8PxqmjohbKsPLjQVoYa565yJkEBc-PjSlL6CdxkqX0O9N9fQLjHJqJNEec4iaK9bLL5ht7L18yM3B0UTgWZq1iJ_MxKzKaqgHqb_uZe8ZOwjvdw=="],null,[]]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.gamedock.io
connect.facebook.net
counter.yadro.ru
fonts.googleapis.com
friv2.racing
fundingchoicesmessages.google.com
game.api.gamedistribution.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.improvedigital.com
html5.api.gamedistribution.com
html5.gamedistribution.com
imasdk.googleapis.com
img.gamedistribution.com
neueaffenspiele.de
p4-dij7zgkebhwuk-ijbaugvhgtmehoyb-if-v6exp3-v4.metric.gstatic.com
p4-gosae2w2uywde-xe2lynh5qcd35smx-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.gamedistribution.com
pub.headerlift.com
s0.2mdn.net
static.xx.fbcdn.net
stats.g.doubleclick.net
tag.atom.gamedistribution.com
tpc.googlesyndication.com
tracker-v4.gamedock.io
tracker.gamedock.io
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.184.226
142.250.185.131
142.250.186.130
18.66.112.80
18.66.122.82
205.185.216.10
216.58.212.163
2600:1901:0:398::
2600:9000:2250:5e00:4:cd76:8580:93a1
2606:4700:3035::ac43:bdfd
2606:4700:3036::ac43:9ece
2a00:1450:4001:809::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2006
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.120.152.60
35.190.9.86
35.233.56.88
52.222.214.125
52.222.236.119
78.109.31.4
88.212.201.210
03e2ac5b0177e4bb02be3c722db598a88a114710a04b39c5c6607711ee61ba62
0c7081316c21b4024074fc6d21ceb2928af679ee880b97fcf132863e4f6400da
0cba6f9d9f0662efd4e460250bc5293950da78a309ed9a6c80659ade743f6e0f
0e67103d2d0085f2b85dec20a8a1834dc218a645ff553d7018052a8deab8dad1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1143d0629c77a82e51860e70498614633f233467d2b3f8d9aab155866df0570a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
16653dc16da2f67ccbb7f71933b290736c7efc35e2d08327489ec09295ffd007
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
195864cb4d00f382085bbfa50c450ad81789cb24794b2155045be994b1ca4976
1af0bdf0a98fd7013d9cb5e587f6634341a8254511efadd771d0ed4a8cf7a813
1b61206ca8f2dee029bdf11949a8953aee7479479feabdfa8a80742dfa9a0bf7
1eed120ba57562e1faca3ae9f002262bd064d149c4ab99e0aec46ae79b1c07c8
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
2442d64a8a90cf982824a1dca7e8a1fb1d343ee500285b4e7a29c0dc560a486b
27bbce805c2c61aab7e90d5a59180cda702e1b002bd739abdbe56aa9473aeb71
27d80bdc9da46e8118e9380fd7f7a558ffc6cff5ba909882925b0c3087468602
29a6238dac6868a23482b0d3b4707c08e17895e92fc5d487012766be02fea712
2a176a0442b25e0a0bf4687552431aa639c95088c510f4bd012c0b6065237c9b
2a7b0706a49d49ab82dfbb92ef82417c84eede9b0ee82b2c1b2524c4b135f70b
2ad761d9ea92109807b9d98c34f7aa0aba882125488cfe62a68ebfb7000dcaff
2c35ff6c27c50a68d993f43404a00ecf6591fc86f66fd0c00ded254fcff70c48
2e2f3843c4e6e8239cc209544ece9f653a6af137c16654ace78b2b08c6a00b92
3030d060903c587fa12517f8aea1dee90a991276c8358f19ee20aaa2435da425
319905f01279f4560f186bb44de35909b6a991ddcbc2cdfbc7311856d0fbe0e9
32115ecb0a3904d0833e04719228424a2d8db612d204f4e69507a582aa603c93
340be27a3b725774c93a8cfec52dbdc5e7cb212772d969195adcd42410b298d4
35f420911e15e0dcade2d82029717124f6f8263456f3d2686576c5cb364c7d69
3e97ff16899cc1ae490c855c626f820a438a2d3eafec41101ddb6e63bae5770c
43a5d1be8caa69c7488d5215de569e319b0ee4cceb1926d85511b11b107e0c03
4678a41b69db7bb7b59b0d34520aa05a5de03753ade7cea0e3d1c7f43cf53793
493ee3a7f1213fdff1153c2f56d3b6d0ffc403b18771272ddd1cb383a036cf48
4c9b92bfce3b7b0e0a9e33ebe8130496bf50c80ad4375b1b98ddff744b4ea9f5
4cc8ac413e2b44518ef01b79bd43fe699150dbb434875bf72387de84d218c4fe
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e01b379c7596a26049a6d8a32500fdaa3e988baed83cabab6dc8369de7e3027
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bdf7921b31d4c0940d0f8cbc3e57efbafd61e79e9d56b5731233b2b0811ff8
511543d9bdbb348ca15de71f0e2a6848c97d7620c4357543f24c923b0fab80fe
53e374adda52950799fd53164eb030ecd429af493757f48b67ed8cd38cf29dc3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57337e75ff82c6d41616336f54033125179e35f649a440b60ff3f62ac75d0660
57460c68a82fb49a2fa332fb69a2d7a6783a4d3a88ce158e2aa3bbc3e4019523
575eb787320617105cd5dbd56464c98f17f993c82fc40980e81fa880f0d4a141
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fd0656a36ea19af3c197bac1479129be9d4bc330581b708b880d1cd9c3adac4
6046c23b85986b7cf6d8a28b653bb0b0a73bab416795df69f476e14d1271a1db
607a593cfd8d289c92d8ebd35b04c61ac9c80ed29ce4654b27c133267f46d07b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f284b7269b653c7526095312dd9c4e3cd5fff99ecaf932467d25efd0736495
649d64ad7220a60104afe611a95c818fadae921ecf0554757933cbfb4542210a
6a44700deda014a7cb0c26e686dc274315c34aec3fd9bb853ef303399093630f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e7bfece69986376cbc9f073834ae0e1a39e4d3366f46dd84ae6b273be1ad90e
6f4df1d79600b896a2e01a8ac951e9003a40d40fe25d28bad5633dbc54e74863
705980d04d5fcc271ae323bf089f3eaaaad4133b8ad8719899058714d31aa40f
707cab5e5a6cc435fc2bd6049050df32e0869fa6e6fa986740b8c6d078cc0fbd
7118dab66877bebfafdd02c111dfccc3df668fa622d25c443f4822db37f0c027
71707349929d0aee76de6cf37907137b2c9605208e85d8800bc0d729db7b18ca
72eef537f638851940d55e9c6a218c69a7bdf1f943d8ce6bd718bb5f2cbcbaa6
75bfadb9ac37e28e80e2c3171ff2251e3954bb3dbe0b24dfae0598c1652ad876
7ad1f59229d3b4c19ec76ba06e0a33ca00c6a092afb95c222dfa1fcef162735c
7f784b3ed208878900b4b3c69b3a48fe1426357c31d97985526e23adbcf4801a
8210b1f883e01f520917b36e11d7b67c2410cb403ea7981bb9c6a2bc4e9ae9cf
82309ac55033ce96c50fbc67abaeafa09c94789ae0f064a907e4c40417306a5d
829c46873202109f27565f1fd69b73cc9c465c8714832b4a6d98d80d8bafcc95
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
94ab44c6182106339898ebde9cfb9cbdd4ebc82ca2383d45f03245366b9e5ea8
969e50a669275fed180ed53f20f4bbab60f56dc4c8076aad7d0abc0f1599bff1
98587d0cb6b42b0a909857f87300aac967920dceeec2fcedf04ec84187ba0d37
988b1ef6abf3c216482aabff8024d52388c90d8a61848e4b24214fe728868f83
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d5ffdd22509d8992d5a1f50d28b09afd4180be45bffcbfb49635ceaa16a55c
9be6f2589c241a4e8eaee7f98e2c6130039a0955e415361349a65ad758643fc1
9d3ebd69106d4518c7a484fea9c9bbb42b529fa7b8d4614f1099549872e5ae2d
9ed1e4fa8e4044bb9fedef29c3e3562b1377a24279f6c6178ab1d23415f59976
9fd167ac9b9a8be810ff24aaf55e663171b8e3d170c6fdde92f316391b704123
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a14d20ac3a6fad39a8c19300225b82b935a0843d261ad80c0c771b6909b4017a
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a221343db26c43bb8ec3b2dda04ec6017ba57321fb34076aeb0e276feebe8e54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a8f1333cac843f4640303c36a333e25a25b369a31ebb54049b69fad34e3e0fce
a96cb1746c7d796e47fdd93da67606192f860f69286bb37f14e52ec5de78fba1
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd50facc16180a7b7bd4b56e592dec310229a103a616fee0a1377854ef566b6
ae07b44365d1b861f5b0c93eb844b2a7533198aa62f16e2db1d62fdc848c08cd
b1b7c0bc7f6953d9a85719f68a6cc410bae7859d4e90696d7bc0586d5f014575
b1b89e0ec4cc0133b0b90550c8fa9181f070907610f0aabb4e7058e471943fe2
b322bff530ae94e37edbb216b6adb44aa64fe4d63d3daa95381fc7587fbf826a
b4a576181de48e65c16476d10dcb5de9730675835d885ae49ae1ae3a67ae950b
b67fad811e7e9b06f1bb367ae9204cbdd235b7de4d8b7131a4d4cb212ce6b298
b6f161c171f9e2343980ec98271c9ee9e73ca694cab4977e34f8fd4357684728
b7eb700c4b66a78d7ddce44c218bc07d9ed1679ed97328edbcae59fae9945e20
bb61d7ca61e7a23e23f95136244410a278b923ce9fad3061617c6af3e9770f81
bea44783ce24f6df8ba9bf53fd8c77c7ce430e9564050582fa28e91ba35cbb5f
bf34828caa0495cb4a3d7c99b6fe95b869fcd8c383f50a42049623315f7463e9
c1fa411c9a191949cdc61ad10dacd0fd3425518e0602eb10e142e161618bd06f
c56d80842427c23856403696ddb2f8af818d07a3a72d69a4e165a6b98bf168ae
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e4a2771e3f0e5b7893919ac60e8d9cbfd8a71880f1878162c7af60e200c3f3
d845920d21b08795f90526d2d827e0baea7a2102b359f24a39ec28a87faacdd6
dc677c71054c359e674cba23f96a8fecf60d9d2e8fcffce690d0619037a2b897
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df149d844178b4a4b3ed660e03ef092e3bdfe30ceb564ad7dd571006b7f6995c
e0e09e7e29615ae8b3b52d674e0b0cb325eb0dba5bb73df2fed9e2fb80b071fd
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e31ac1a479f6d3f83a0861061e4d7490c0fed462fb3256a4137fa5bc24ae924a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea97e0f591b16fd7c4906f982ce8700e3700d89f6ae4a51c53d0f56e1898dd02
eef6d2b2e0e49011a64d4a2a6b9a91e8052eea7f80d0d93f01c9ab3787f879a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05ea546087eaf82a5c33966396e0923c1a7cf3477dcfa336a2f3f6e397bf84d
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
f35ed594666f6a6593e9a9bf635a5870096ffc5a3fc4cf1f7e00320ee4690b48
f6d47ae7cc192e9f3b47d32f0e4a32e3034f944d29bbe5633e243bb32b6f4913
f92cfa93bfa5afb9f2859e7c5a5f76872807dec30e4cdf7c8af76dcde7e0b6a2
f93d0298dd39f7dff18566a5b2754067e26c0182b469fd6b24e5d63429fef88b
faf00670b9f644252a3e797641cc4e5186a8b862264f087fd5c521c304b56bb5
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

friv2.racing Open in urlscan Pro 2606:4700:3036::ac43:9ece Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

176 Requests

99 %HTTPS

59 %IPv6

21 Domains

36 Subdomains

35 IPs

5 Countries

3233 kBTransfer

8529 kBSize

9 Cookies

2 Outgoing links

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

friv2.racing Open in urlscan Pro
2606:4700:3036::ac43:9ece Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

99 %
HTTPS

59 %
IPv6

21
Domains

36
Subdomains

35
IPs

5
Countries

3233 kB
Transfer

8529 kB
Size

9
Cookies

176 HTTP transactions
5 data transactions