friv2.racing Open in urlscan Pro
2606:4700:3032::6815:312a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://friv2.racing/squid-game-online.html
Submission: On November 11 via manual (November 11th 2021, 12:40:59 am UTC) from UA — Scanned from DE

Summary HTTP 213 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 20 domains to perform 213 HTTP transactions. The main IP is 2606:4700:3032::6815:312a, located in United States and belongs to CLOUDFLARENET, US. The main domain is friv2.racing.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 17th 2021. Valid for: a year.

This is the only time friv2.racing was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	2606:4700:303... 2606:4700:3032::6815:312a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
6	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
8	2606:4700:20:... 2606:4700:20::ac43:4702	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
18	167.172.13.198 167.172.13.198	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:490e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	188.166.128.113 188.166.128.113	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
38	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
12	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
213	29

40 2606:4700:3032::6815:312a (United States)

ASN13335 (CLOUDFLARENET, US)

friv2.racing	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4702 (United States)

ASN13335 (CLOUDFLARENET, US)

html5.gamemonetize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.gamemonetize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gamemonetize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 167.172.13.198 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

assets.jetticdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:490e (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.166.128.113 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

backend.jettigames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	712 KB
40	friv2.racing friv2.racing	315 KB
35	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net static.doubleclick.net	280 KB
21	google.com 4 redirects fundingchoicesmessages.google.com adservice.google.com www.google.com	90 KB
18	jetticdn.com assets.jetticdn.com	313 KB
8	gamemonetize.com html5.gamemonetize.com api.gamemonetize.com gamemonetize.com	240 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	52 KB
6	google-analytics.com www.google-analytics.com	79 KB
5	googletagservices.com www.googletagservices.com	182 KB
5	googleapis.com imasdk.googleapis.com fonts.googleapis.com	195 KB
4	jettigames.com backend.jettigames.com	1 KB
3	cloudflare.com cdnjs.cloudflare.com ajax.cloudflare.com	146 KB
3	googletagmanager.com www.googletagmanager.com	107 KB
2	facebook.com www.facebook.com	3 KB
2	google.de adservice.google.de	957 B
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	facebook.net connect.facebook.net	78 KB
1	2mdn.net s0.2mdn.net	17 KB
1	googleadservices.com partner.googleadservices.com	638 B
1	jsdelivr.net cdn.jsdelivr.net	23 KB
213	20

	Domain	Requested by
40	friv2.racing	friv2.racing
38	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com friv2.racing pagead2.googlesyndication.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net friv2.racing www.googletagservices.com
18	assets.jetticdn.com	html5.gamemonetize.com cdnjs.cloudflare.com assets.jetticdn.com friv2.racing
15	pagead2.googlesyndication.com	friv2.racing pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
12	static.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com friv2.racing api.gamemonetize.com
5	www.google.com	4 redirects tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	tpc.googlesyndication.com googleads.g.doubleclick.net
4	backend.jettigames.com	html5.gamemonetize.com
3	api.gamemonetize.com	html5.gamemonetize.com api.gamemonetize.com
3	adservice.google.com	pagead2.googlesyndication.com gamemonetize.com
3	html5.gamemonetize.com	friv2.racing html5.gamemonetize.com api.gamemonetize.com
3	www.googletagmanager.com	friv2.racing html5.gamemonetize.com
2	www.facebook.com	connect.facebook.net
2	ad.doubleclick.net	1 redirects
2	gamemonetize.com	api.gamemonetize.com html5.gamemonetize.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdnjs.cloudflare.com	html5.gamemonetize.com
2	counter.yadro.ru	1 redirects friv2.racing
2	connect.facebook.net	friv2.racing connect.facebook.net
1	fonts.gstatic.com	fonts.googleapis.com
1	s0.2mdn.net	gamemonetize.com
1	imasdk.googleapis.com	gamemonetize.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.cloudflare.com	html5.gamemonetize.com
1	cdn.jsdelivr.net	html5.gamemonetize.com
1	stats.g.doubleclick.net	www.google-analytics.com
213	31

This site contains links to these domains. Also see Links.

Domain
kizigamesxl.org
www.liveinternet.ru

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-17` - `2022-06-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-20` - `2021-11-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
jetticdn.com R3	`2021-10-12` - `2022-01-10`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
backend.jettigames.com R3	`2021-10-15` - `2022-01-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 25 frames:

Primary Page: https://friv2.racing/squid-game-online.html
Frame ID: F59A3DACE41A2AD6239C633070BA38F5
Requests: 72 HTTP requests in this frame

Frame: https://friv2.racing/games/pages/play-squidgame.html
Frame ID: 5049DFB7B316766968C5FE5C04DC9D6F
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html
Frame ID: CF879CF118279EDA040462F2355E97AC
Requests: 1 HTTP requests in this frame

Frame: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Frame ID: AFE2EDB426C402196EB9D230A4A6BA99
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664
Frame ID: 623660D6538E68EB16867D42E22A9698
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668
Frame ID: BBD3E20946A4F596223A6B2D081F8284
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=143927933&pi=t.ma~as.4283206909&w=300&lmt=1636591229&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=184&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zkMzuUnMwC&p=https%3A//friv2.racing&dtd=673
Frame ID: 7620C5BC527BC359F7F5B6B397A68B68
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1636591229&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=187&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90%2C300x600&nras=1&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=676
Frame ID: 251438FED3727650555BDBB531821479
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: 216B14244BACFE045A4DAC743E6F58B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html
Frame ID: 05313DE74B6EF04212BE59DD832EE3C2
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3F7F78E0129CAFCE4752FD56E5B78476
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html
Frame ID: 952CCD5A0B370F5607B48E65BC8CE6A2
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E76A0CFF92FA7913B7F928153121DFA3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0D467E291101CBCC93184886379CD719
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0ED3D0422B7EE8DC4863049F7D246969
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1
Frame ID: F74E3F0D8B8E58CC86B2A222ABCDED56
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Frame ID: A98801264A81AC58103C47696E184307
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 78E3BCBC9EDE44BAB415881AFE4818DA
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0303F65CCEA6343F52EB4F3C040F2F08
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Frame ID: 7EDFC07BBD66486EDE702A7A39F29188
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df546b426024%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff295b6956d4b04c%26relation%3Dparent.parent&container_width=912&href=http%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912
Frame ID: 6A0A27674EF399B6A488B8CAD1291357
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310329f46e0d48%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff295b6956d4b04c%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
Frame ID: 02B96AFFF26D0AE0A27D2ECDF0173C79
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js
Frame ID: F9F4A0C79843007121FEC4280C3A975B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 3E0C5EBB88DB21D87961F29D92049ABB
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FB6E424D84E0E4FF3C7EBD64D79B3164
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Squid Game Online - Play at Friv2.Racing

Page Statistics

213
Requests

99 %
HTTPS

82 %
IPv6

20
Domains

31
Subdomains

29
IPs

5
Countries

2834 kB
Transfer

7749 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://kizigamesxl.org/

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://counter.yadro.ru/hit?t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-online.html;hSquid%20Game%20Online%20-%20Play%20at%20Friv2.Racing;0.881498616969207 HTTP 302
https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-online.html;hSquid%20Game%20Online%20-%20Play%20at%20Friv2.Racing;0.881498616969207

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 190

https://ad.doubleclick.net/ddm/trackimp/N1556436.3694615ADWORDS-GDN/B26673919.317560430;dc_trk_aid=510115142;dc_trk_cid=159937969;ord=213795265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N1556436.3694615ADWORDS-GDN/B26673919.317560430;dc_pre=CJmAtriJj_QCFVHrEQgdNisJcQ;dc_trk_aid=510115142;dc_trk_cid=159937969;ord=213795265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

Request Chain 202

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

213 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request squid-game-online.html Show response
friv2.racing/ 15 KB
4 KB 449ms
419ms Document
text/html 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: 840d748cdb4b154eb640940a5b107bfea7fd6b5a91a151e074bbea3cbd671f2a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.3.29
link: <http://friv2.racing/?p=2925>; rel=shortlink
expires: Thu, 11 Nov 2021 12:40:28 GMT
vary: Accept-Encoding,User-Agent
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4SfSwVc%2BDYUDPMLKToZxypcJZ2vesqK2CJESB28P9EDoTqIkJx2Wh4ZpZ2I52tWXB6Lz0pPypX35tiL2T2RHQgJeP80FFZoWk3es4e0NN7carLKQ%2BnmE%2FFlg%2FK17uxU6eliQ9etdVTt8D4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ac378278cabe003-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
friv2.racing/wp-content/themes/friv/ 16 KB
4 KB 28ms
27ms Stylesheet
text/css 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6046c23b85986b7cf6d8a28b653bb0b0a73bab416795df69f476e14d1271a1db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 471702
cf-polished: origSize=16302
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 30 Aug 2019 19:33:49 GMT
server: cloudflare
etag: W/"5d697a1d-3fae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GkAhLDIn01btL7SAvbBg3uWlCl5BrVZ6Jo3H4MhH%2B%2BDLlrAjKaV9qdSoX9ej4aJ%2Ftf8oWTj58Wgo1RQteQZFmOapGHSmQMXZ6VAVnENDKFTNzPhqL9l3cnZxbWBn9tJlsTGQQxq2k%2BuRNw4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6ac3782a8ebee003-FRA
expires: Fri, 12 Nov 2021 13:38:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 88ms
24ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97003001-1

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

377b5c18bfa8604e81a30e41d792da7f6238fa25f0a6a1bf2bbc36d0c6c75bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36400
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Nov 2021 00:40:28 GMT

GET
H2 200 logo.png
friv2.racing/wp-content/themes/friv/images/ 6 KB
6 KB 38ms
37ms Image
image/png 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/logo.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea44783ce24f6df8ba9bf53fd8c77c7ce430e9564050582fa28e91ba35cbb5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 488531
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5726
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-165e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2f9l6yohnjzCAl8bPfmZebU5Y3QCMn89tcV2rmUcUYqDLbVH5%2Bt3O%2F7u2mBklA9kIXM2wiWBWfiXiUmp7Tn%2FvlK3RT8h6Sy0M7ZfRDbh%2BLvl9Ij3S5zcHAJn%2FHEHgAjNmxaZCMQtzKD8rU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ebfe003-FRA
expires: Sun, 05 Dec 2021 08:58:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 114ms
19ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1471d2ea98647382600146360be578763684e61b589a76895d3afe847d88a52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51231
x-xss-protection: 0
server: cafe
etag: 502212566320140256
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 00:40:28 GMT

GET
H2 200 back.png
friv2.racing/wp-content/themes/friv/images/ 10 KB
11 KB 38ms
37ms Image
image/png 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/back.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2f3843c4e6e8239cc209544ece9f653a6af137c16654ace78b2b08c6a00b92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1858983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10349
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-286d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97W9XUZNpwIDphs3uy%2B0p11b0GQXUzK8RKspe98JcpuCr6RglKH82YCBJXPAy3sxixMtRKlOie188lnW20PtH1rM09t1GgNr7waWMMHSfZTFYLdIRvXblEUA54mr2ziN1wn0j7zMYwijJTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ec0e003-FRA
expires: Fri, 19 Nov 2021 12:17:25 GMT

GET
H2 200 kizigamesxl.png
friv2.racing/games/icones/ 6 KB
7 KB 47ms
46ms Image
image/png 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/kizigamesxl.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae07b44365d1b861f5b0c93eb844b2a7533198aa62f16e2db1d62fdc848c08cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1858983
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6496
last-modified: Sun, 19 Mar 2017 20:57:50 GMT
server: cloudflare
etag: "58cef0ce-1960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Am0Y0sd5dtIOY6DEP7BR2UL9IdJrmCurLdIiTj3RS%2FM0a4CLMrTuwYxaBqCPiy0z5Tbsy4JjollWVQIkxdPxBgDNQjljS75BP%2B7aqwS4wmMN88UrOXev%2B6f2nPc%2FL7RJoaZR6xvZSj7aBD0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ec1e003-FRA
expires: Fri, 19 Nov 2021 12:17:25 GMT

GET
H2 200 subway-surfers-san-francisco.jpg
friv2.racing/games/icones/ 14 KB
15 KB 20ms
20ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/subway-surfers-san-francisco.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 575eb787320617105cd5dbd56464c98f17f993c82fc40980e81fa880f0d4a141

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1355093
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14683
last-modified: Mon, 20 Sep 2021 21:09:01 GMT
server: cloudflare
etag: "6148f86d-395b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F8DZ%2FFF9yVq4QTSf7rZihL7XY%2FjMR8Eht1b9WOaA0nS9slwIWjNNx%2F%2FoSzNyNpRbODxlX8KXPm96gS196UnjqCPZpIfc9S%2FSh1vQUF8G%2BKrHuaghYEdY1yHNWsme3pVuYZs%2FLPMtpnnfL5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ec2e003-FRA
expires: Tue, 23 Nov 2021 08:15:35 GMT

GET
H2 200 save-the-girl.jpg
friv2.racing/games/icones/ 9 KB
9 KB 39ms
38ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/save-the-girl.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ad1f59229d3b4c19ec76ba06e0a33ca00c6a092afb95c222dfa1fcef162735c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1095571
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8864
last-modified: Mon, 20 Sep 2021 20:46:23 GMT
server: cloudflare
etag: "6148f31f-22a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4hatfOcxC%2B7gkAEJ%2FEMPnIwHj7cWjxmaTSKH4DviRhmi0OLO24t%2BmGTVCdQOtXPNppkP2wUJmRtXt3DUGxV5ZlDY%2B3Nl%2Feie8ZBEOenEBharpIGDu%2FQdrkwSeeVyRRusFDSF21OXoa3%2Bh4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ec3e003-FRA
expires: Fri, 26 Nov 2021 08:20:57 GMT

GET
H2 200 stickman-hook-rescue.jpg
friv2.racing/games/icones/ 9 KB
10 KB 38ms
37ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/stickman-hook-rescue.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f92cfa93bfa5afb9f2859e7c5a5f76872807dec30e4cdf7c8af76dcde7e0b6a2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 577250
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9331
last-modified: Sat, 18 Sep 2021 23:50:54 GMT
server: cloudflare
etag: "61467b5e-2473"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sSU55fnoB3kLX26YcPGeF5B9NTI0ZlwAeHlGeAxObBu9zLbJpN1cwPQM7v%2FxHs6YmYsiDXux8RDwlVE82nN0el%2FRy8hElxtYYnV8THzmfqyVTeEllaU1I8Mv0c2aagD%2BrzH9jgeZ%2B9CO3bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ec4e003-FRA
expires: Thu, 02 Dec 2021 08:19:38 GMT

GET
H2 200 happy-shapes.jpg
friv2.racing/games/icones/ 9 KB
10 KB 51ms
51ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/happy-shapes.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c35ff6c27c50a68d993f43404a00ecf6591fc86f66fd0c00ded254fcff70c48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1949507
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9406
last-modified: Sat, 18 Sep 2021 23:34:11 GMT
server: cloudflare
etag: "61467773-24be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3srOWB%2BDqRDb5Cn98i68F6pJOHZUfKC%2F1HtQUbkb3wX8AGYcn9%2BC1GIZffp62xKEtv41TuBryekSqiAJ9bvYOuCsbqbEytmLs%2Fcd%2FWIaVk%2BtYdTlzkt2kTRrZeH4GBs2IbRMNYUUudHHgvs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ec5e003-FRA
expires: Tue, 16 Nov 2021 11:08:41 GMT

GET
H2 200 jetpack-joyride.jpg
friv2.racing/games/icones/ 10 KB
10 KB 52ms
50ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/jetpack-joyride.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a14d20ac3a6fad39a8c19300225b82b935a0843d261ad80c0c771b6909b4017a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1356803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10034
last-modified: Thu, 26 Aug 2021 22:46:17 GMT
server: cloudflare
etag: "612819b9-2732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=shrjU75hZHdnN42msuJZXAt6ImH302X7b8YOt0l1hzTABZ7LWrACvJ39BtGCvkbKedcmzlORH2HugEbRvSHHQiLZYM78wbIEcgQdQRHMMImLz9VGIC8bYegjOpJ%2BA%2FKUpORnF1MOUHn2lqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ec7e003-FRA
expires: Tue, 23 Nov 2021 07:47:05 GMT

GET
H2 200 hello-kitty-and-friends-jumper.jpg
friv2.racing/games/icones/ 7 KB
7 KB 27ms
26ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/hello-kitty-and-friends-jumper.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3030d060903c587fa12517f8aea1dee90a991276c8358f19ee20aaa2435da425

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1177597
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7124
last-modified: Thu, 19 Aug 2021 20:13:25 GMT
server: cloudflare
etag: "611ebb65-1bd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wl%2FYNqV4kLe3O6TpLqIyAAQri685k0rF4DAbsJRv4ZB9wonQX9e%2FdnnntKx266yNolAtFycFtbiIPOHD4qcVhC8dqY3upM2UG3sq9B5nrweWNtZ0RgKlMMUYQ%2Bhmln5JpvgzbEjV6GtA1oc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ec9e003-FRA
expires: Thu, 25 Nov 2021 09:33:51 GMT

GET
H2 200 friday-night-funkin.jpg
friv2.racing/games/icones/ 11 KB
11 KB 67ms
65ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/friday-night-funkin.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7118dab66877bebfafdd02c111dfccc3df668fa622d25c443f4822db37f0c027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44358
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11151
last-modified: Mon, 12 Jul 2021 23:07:14 GMT
server: cloudflare
etag: "60eccb22-2b8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CtiWP0Hqy4J8bJeK1vlyvMLT%2BUENcmDGCHWEAIfYwOET6QDCV7fnfbPvtqPIjiRT5CNBzAQSqrWSQ7PTlzW8Z%2F%2FiBMUYrGWcnXYUvRbeO1QFWF1eKGZjVAu%2FxZTLutFlYTyI1RbToNgKhKk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ed2e003-FRA
expires: Wed, 08 Dec 2021 12:21:10 GMT

GET
H2 200 angry-birds-2.jpg
friv2.racing/games/icones/ 6 KB
6 KB 51ms
50ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/angry-birds-2.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27d80bdc9da46e8118e9380fd7f7a558ffc6cff5ba909882925b0c3087468602

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 44358
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6184
last-modified: Mon, 12 Jul 2021 22:42:41 GMT
server: cloudflare
etag: "60ecc561-1828"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuWuiWX86n6SOGkbLaCGv0yRqF1kXLBYC2W%2FRQyiy0AmgdtfVxdR8%2FaI%2FH%2FIHOv9fLHk7nuiz2XHYRHGYasK0mAAqtHInZXPlVBSjI5Cr0RlmveTiJnvc3LuHenrl5PRQhJJxxHn2lWli1I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ed3e003-FRA
expires: Wed, 08 Dec 2021 12:21:10 GMT

GET
H2 200 who-is-imposter.jpg
friv2.racing/games/icones/ 4 KB
4 KB 52ms
51ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/who-is-imposter.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29a6238dac6868a23482b0d3b4707c08e17895e92fc5d487012766be02fea712

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1782666
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4199
last-modified: Tue, 13 Apr 2021 08:54:53 GMT
server: cloudflare
etag: "60755c5d-1067"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1eyt5bFwSEfI%2BDPd9fofE4e%2BxJoAkfD1S5WsVPH8%2FNmp17y5fHvI8E2mSGbmcIeZcJepf7y9jUgeSO43lN%2F5FuqxjUPWZqiGhT17YrFF5qaKrrrdNpVMDFm9gEBeywXNeWVx5QacNVJG62w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ed6e003-FRA
expires: Thu, 18 Nov 2021 09:29:22 GMT

GET
H2 200 genie-quest.jpg
friv2.racing/games/icones/ 5 KB
5 KB 52ms
51ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/genie-quest.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32115ecb0a3904d0833e04719228424a2d8db612d204f4e69507a582aa603c93

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58649
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4733
last-modified: Tue, 13 Apr 2021 08:37:41 GMT
server: cloudflare
etag: "60755855-127d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SND7aiHEaPoxAxw1DbYz9Z3NfasYbiTMOBiZDctTLLcH4Q65rNsKUqlpXk7gsgSNmAyri5ExWd2QOc8M2ysUKhDBVSGmN2N%2FRcbqzbCwz%2F5EQfMpjfdUjiS6iwkEqxw8FI%2FZ9SybslCRt5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ed7e003-FRA
expires: Wed, 08 Dec 2021 08:22:59 GMT

GET
H2 200 shaun-the-sheep-sheep-stack.jpg
friv2.racing/games/icones/ 4 KB
4 KB 71ms
70ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/shaun-the-sheep-sheep-stack.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71707349929d0aee76de6cf37907137b2c9605208e85d8800bc0d729db7b18ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1514824
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4116
last-modified: Sun, 14 Mar 2021 01:00:00 GMT
server: cloudflare
etag: "604d6010-1014"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1dFPCnmH%2Finp7hcrklvevasiRQKnDkgpzV5J0pB10a0R0xZOtZRRJVPP0Bi7HYfMJwazJW%2BKA9pWsjDQT9zN%2B%2BBihT5JIveveY2xhXOy1bqHf9sxKVQ4pLTnepAdOQO4RqYPPP8aQvbFXlI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ed8e003-FRA
expires: Sun, 21 Nov 2021 11:53:24 GMT

GET
H2 200 penguin-diner-2.jpg
friv2.racing/games/icones/ 4 KB
4 KB 53ms
51ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/penguin-diner-2.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b61206ca8f2dee029bdf11949a8953aee7479479feabdfa8a80742dfa9a0bf7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1849986
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3870
last-modified: Thu, 25 Feb 2021 16:47:16 GMT
server: cloudflare
etag: "6037d494-f1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2B9XLA1Lu4tL0wIq2I0t5Urqm4qyc59voT1n%2FhCJiwhSmAQK5mrOpn0dDa83dBr9m6ukO6jLuW6nTcf7FGa78xcAdcGma89UxhozoLt0TVfSJUOG%2FOeMIfkXKF%2FwgIOYzPIXjQWG2kaqgXQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8ed9e003-FRA
expires: Wed, 17 Nov 2021 14:47:22 GMT

GET
H2 200 talking-tom-run-gold.jpg
friv2.racing/games/icones/ 7 KB
7 KB 89ms
87ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/talking-tom-run-gold.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1143d0629c77a82e51860e70498614633f233467d2b3f8d9aab155866df0570a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6686
last-modified: Mon, 22 Feb 2021 18:43:15 GMT
server: cloudflare
etag: "6033fb43-1a1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2Fz0yhLNyfzO09FWQCYeiuKaOzsCET%2BLqtA%2FRve3tBLON%2BmwsREQ2QUB8ZSu7oWAOQPSgZqOkaEefxd3rOUJSvGg6O%2BYxLUcfcm6B2F7aT5SMUXavaLu9JO0VokEmW6fzax8fpE8MCgWWhg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8edae003-FRA
expires: Tue, 07 Dec 2021 04:05:34 GMT

GET
H2 200 learn-english-word-connect.jpg
friv2.racing/games/icones/ 6 KB
7 KB 49ms
45ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/learn-english-word-connect.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16653dc16da2f67ccbb7f71933b290736c7efc35e2d08327489ec09295ffd007

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1850578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6423
last-modified: Mon, 22 Feb 2021 18:22:29 GMT
server: cloudflare
etag: "6033f665-1917"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=przL8F6kBPRGuGsyxZKlHk9b5znhYCL9duyhRyWotIjHJqUBmRip2rTYBMWChelbLZNC%2Bb8cKfb4klBxrJ%2FXfXBZ5QD3ujpB6PYihA7EuycOZL%2FedHFqQGP4NOVg81BxnWb60D4gWEeiZQU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8edce003-FRA
expires: Wed, 17 Nov 2021 14:37:30 GMT

GET
H2 200 tom-and-jerry-run.jpg
friv2.racing/games/icones/ 7 KB
7 KB 50ms
44ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/tom-and-jerry-run.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df149d844178b4a4b3ed660e03ef092e3bdfe30ceb564ad7dd571006b7f6995c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1849986
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6887
last-modified: Tue, 16 Feb 2021 06:49:01 GMT
server: cloudflare
etag: "602b6add-1ae7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nq1sPVnKmCGjgiimDaflkmtErDJvglc4amq7rAnafdC2H3voZhzgcaqJPP7myA7Sfk%2F1D34SAtw%2FfByGXD9JDCdUrnsfr99l2fQzUdcqiey%2FIkBB3Tu6837dlhm%2FQZvlo1gZheQQ3hQDY6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8edde003-FRA
expires: Wed, 17 Nov 2021 14:47:22 GMT

GET
H2 200 among-us-space-run.jpg
friv2.racing/games/icones/ 4 KB
5 KB 44ms
39ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/among-us-space-run.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd50facc16180a7b7bd4b56e592dec310229a103a616fee0a1377854ef566b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1177597
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4599
last-modified: Sat, 13 Feb 2021 23:49:59 GMT
server: cloudflare
etag: "602865a7-11f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuVaVAp8DkiT7BiAE%2FuHJGw9f4xnJshcvKIhM0RZPuxIm8mSPgoWDFLd2eOaLEvk8SxpAsHx8HcLkuZlovDd2%2BvoPXv2NAe3e7n6Z%2BFT%2BnROvfjjazZID1ZZ8TuleAsApafrXUBqcy9WL50%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a8edee003-FRA
expires: Thu, 25 Nov 2021 09:33:51 GMT

GET
H2 200 fireboy-and-watergirl-island-survival-4.jpg
friv2.racing/games/icones/ 6 KB
7 KB 64ms
57ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/fireboy-and-watergirl-island-survival-4.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 607a593cfd8d289c92d8ebd35b04c61ac9c80ed29ce4654b27c133267f46d07b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466888
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6363
last-modified: Sat, 13 Feb 2021 23:36:18 GMT
server: cloudflare
etag: "60286272-18db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gixbtu8muevXlfUjcWoCoczjF9cC9LlMhr6CskUu5psEL907tHHZtx%2FFZCp0dSd6gl3%2Fi8AfEqqnbABQDoKZ%2FCSaS4BCq4cWlBTeQdUJnUyYFOG0%2F2PjkER%2BJK2iVd41oXMsjffyPrs8zig%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9edfe003-FRA
expires: Wed, 10 Nov 2021 11:25:40 GMT

GET
H2 200 kumus-adventure.jpg
friv2.racing/games/icones/ 8 KB
8 KB 70ms
63ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/kumus-adventure.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4cc8ac413e2b44518ef01b79bd43fe699150dbb434875bf72387de84d218c4fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466888
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7695
last-modified: Sun, 31 Jan 2021 18:15:13 GMT
server: cloudflare
etag: "6016f3b1-1e0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FmDoueWmRKLlZX2s8U1B0Yh0a4lfE9OdJxWoq9iPlhNqpEaOdgz%2BhqeaaettEBhFmD%2BtExjhcjMnpfGnMcvwU%2FI2ft%2BJbguFTLSjUtvDjDh%2F5i8HAVyo%2FSdzmng6FNguuWsgQeuJNykjz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee0e003-FRA
expires: Wed, 10 Nov 2021 11:25:40 GMT

GET
H2 200 evio.jpg
friv2.racing/games/icones/ 5 KB
5 KB 50ms
43ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/evio.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbac1cc598ac1c61f9ce35be6715357cd81061bed88641cfbb58b6a2b3c891c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1095571
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4903
last-modified: Fri, 29 Jan 2021 14:27:09 GMT
server: cloudflare
etag: "60141b3d-1327"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkqpENVzCk1jghVjTdoUyMnTklt7Hsmm8Y2OANiPA6XGSecM6flUBaDywx85SPUEuD4btUcZbubm%2FSKRjNL86C2oTj3LBg2qXzpeTV4nMoipYg3OTT32ov%2FaRfkfSalFJ1Wx23oAXm1T6oY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee1e003-FRA
expires: Fri, 26 Nov 2021 08:20:57 GMT

GET
H2 200 city-car-stunt-3.jpg
friv2.racing/games/icones/ 6 KB
7 KB 70ms
63ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/city-car-stunt-3.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 864ac1199eb07e37517eb96a3af5fa013c961330764944f8a6c796f11e9f17b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1850578
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6589
last-modified: Fri, 29 Jan 2021 14:18:36 GMT
server: cloudflare
etag: "6014193c-19bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2SBC4N4Hi6Nm3Fyl5wKWI7NvccI6aYki916nbqNCDpECksoRv43AbjCIIg4KPzUetgw5mCi1jyPAEonnrxTpDF1lkh8Vi0Dno52OEbUggGsL9HgYDu9IPHaMCZGoCAXu%2BmBciFXaqVW0Qc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee2e003-FRA
expires: Wed, 17 Nov 2021 14:37:30 GMT

GET
H2 200 virtual-families-cook-off.jpg
friv2.racing/games/icones/ 8 KB
8 KB 62ms
55ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/virtual-families-cook-off.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e8123214594971475f38fdf614604b261b8da6e3a483ea56f11572b5877be9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 487685
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8237
last-modified: Mon, 25 Jan 2021 07:20:32 GMT
server: cloudflare
etag: "600e7140-202d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKheZGSDgb42gS9Py7frCoDCb503N3PiC6CwGUXju2ti2oXhs0pQeVPawg5P3HgxS0OereBse17cbudcgw4AeoFFJsizGLIMlm5WnAEkjW0FgzbudAqL2kcrEZs%2BY%2BPD4vLfS1DRfahanXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee3e003-FRA
expires: Fri, 03 Dec 2021 09:12:23 GMT

GET
H2 200 watersplash.jpg
friv2.racing/games/icones/ 7 KB
7 KB 51ms
44ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/watersplash.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52a71f43dbc576e422a51910e4f041861e9e793342a59371aa6787ed7726b213

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 234438
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7144
last-modified: Fri, 22 Jan 2021 13:52:31 GMT
server: cloudflare
etag: "600ad89f-1be8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wLKb%2FYrOJO3yhZmqfyN9Eu5o%2FOESv2NjJlkpmVbNRB%2B0h9Qsym2oJUnEFMxBm63A1md6e5E2KPp7MI%2FE%2FlJFA3Nk%2BmcGEQZBOd5lCh%2BqbAcONvogBchpPSxZyKEO%2FUWJ9N8FH9N0u%2FkBaVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee4e003-FRA
expires: Mon, 06 Dec 2021 07:33:10 GMT

GET
H2 200 among-us-impostor.jpg
friv2.racing/games/icones/ 5 KB
6 KB 86ms
79ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/among-us-impostor.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5db810c07cca5033e2aebcdb9324038385e8062a8db33b08620ddd30243add7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2466888
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5494
last-modified: Wed, 20 Jan 2021 23:23:07 GMT
server: cloudflare
etag: "6008bb5b-1576"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zx0wVt%2BrMWGlpkfzHWqIvXVeXV8zP0EZrgQ92su9FEPRXaVrrfrmQIRC1DxkB5iugYgF6mL%2FAx5xQUbw8gzj2qweogZvT9HkxwdGVlm685rX%2B4wCVir8XFYHirArNkpkblezPodMRv79nBU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee5e003-FRA
expires: Wed, 10 Nov 2021 11:25:40 GMT

GET
H2 200 fireboy-and-watergirl-island-survival-3.jpg
friv2.racing/games/icones/ 6 KB
6 KB 84ms
78ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/fireboy-and-watergirl-island-survival-3.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d3c359ee4dfb9e415e8394c3c0052168e17ac610ed1d5dfc7a633dd85a78ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 160494
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5779
last-modified: Wed, 20 Jan 2021 22:49:07 GMT
server: cloudflare
etag: "6008b363-1693"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTt0MHWN%2BBt277SmDGgJ56EQ6G0%2B3rWlMVk3AQ3YVMeKs2urJ%2FPwc%2BZB%2FJl5qfI5fEOoZnITBFN9sA%2Bj2p1k2316QKfun%2FQrX2OQp0ioNVEUqOgKm5InkSC0zA9LlOP1vPR%2FZad3HTfbKqw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee6e003-FRA
expires: Tue, 07 Dec 2021 04:05:34 GMT

GET
H2 200 tiny-dungeons.jpg
friv2.racing/games/icones/ 5 KB
5 KB 51ms
45ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/tiny-dungeons.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58efdef30c1040f9bab6f3ffeb7c866c3619672fb65b354620975705b929e0ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1095571
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5256
last-modified: Sun, 17 Jan 2021 21:17:00 GMT
server: cloudflare
etag: "6004a94c-1488"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BU4I9AtuwZuSnbiDhTckWCGzmX6Pn5ygK7Qfi7LmpxOQQp4sBFqI5MeEeseEVrhFbsAsURe%2Bt4lkmw4XEMng6oklbzMyJ97fBUHHIreyvo1uhb7fnfDyHa3AkKCK6OwMcGEJswpSWFPRI7Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee7e003-FRA
expires: Fri, 26 Nov 2021 08:20:57 GMT

GET
H2 200 minecraft-remake.jpg
friv2.racing/games/icones/ 4 KB
5 KB 82ms
78ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/minecraft-remake.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b1bf5abc558b252d429f468d72513a9410a38c09b5e3932a04f8eac7b435599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1849986
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4562
last-modified: Sun, 17 Jan 2021 20:40:47 GMT
server: cloudflare
etag: "6004a0cf-11d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YkX7ddCFjQ0xNpugCP1h8PZ7k0cnvLOm1uMaZkK1NJyYJkT856Qfo5iXRRNto8fmiFIKGBvVYCHJbe4qXqQEmAUvDk%2FP%2BNpNb%2F%2FzhgrikGfI370p0lcw%2FghRq3fn%2B0gcPEdZkmcG5c1ge7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee8e003-FRA
expires: Wed, 17 Nov 2021 14:47:22 GMT

GET
H2 200 rummikub.jpg
friv2.racing/games/icones/ 5 KB
6 KB 82ms
77ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/rummikub.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b7fef7ae8db477e14056c72bafece963d0a73d33de81dcff77edf206b74367

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1095571
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5617
last-modified: Wed, 13 Jan 2021 19:33:28 GMT
server: cloudflare
etag: "5fff4b08-15f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TsssbTVG5UOQ%2F4%2BOC%2BS426CZ6vKTf19JRNEKDXy8R0wgmeU5qoOMbHptfVzXKzjY4c5OHl4lPP8McrkKosm2eMCFKcZaNv%2B7FH2eNh0yFe6RC9fr10RJXYJ2szEH2sZqTybjzv2zXi8bpOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9ee9e003-FRA
expires: Fri, 26 Nov 2021 08:20:57 GMT

GET
H2 200 hero-rescue.jpg
friv2.racing/games/icones/ 8 KB
8 KB 81ms
77ms Image
image/jpeg 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/games/icones/hero-rescue.jpg
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eaaa83a6f929a29d7ff5cf7a342a758629a95e4afe9eab69689b6e8120b745d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1095571
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7942
last-modified: Wed, 13 Jan 2021 19:03:17 GMT
server: cloudflare
etag: "5fff43f5-1f06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5hcahNvzMlNqPI9R7qAlt4LfGknJM%2BprTY2egbNnyWTbzwtWuvGr6RNzFhMnqr2LLmwIzoMKPSzKtCwVAW7JKwJ5lblOcHylJupTKzEqxfAMP151lwIfAG56mRbQJRtWnyXqAjReGIfYUE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782a9eeae003-FRA
expires: Fri, 26 Nov 2021 08:20:57 GMT

GET
H2 200 cursor.png
friv2.racing/wp-content/themes/friv/images/ 2 KB
2 KB 59ms
40ms Image
image/png 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/cursor.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b7c0bc7f6953d9a85719f68a6cc410bae7859d4e90696d7bc0586d5f014575

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1192462
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1668
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-684"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ql%2B40vszmEA9Sk5BLXhWEfPuMywhB4CX8B31dNbUT6eCfTfLp7OK89lEsL5j9MiE2g%2B9OuDBfPNhq%2Bu7sRE8xSuLBFc5XXyWrh0i77xZaEYaRYDM5lYfLKmmY6aibiNEr9oyT0vDRRxts0E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782adf0ae003-FRA
expires: Sat, 27 Nov 2021 05:26:06 GMT

GET
H2 200 gameback.png
friv2.racing/wp-content/themes/friv/images/ 15 KB
15 KB 58ms
25ms Image
image/png 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/gameback.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a176a0442b25e0a0bf4687552431aa639c95088c510f4bd012c0b6065237c9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1859141
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15309
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-3bcd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJUj8s4TfhvvekqW6qWf9rwuBSNVzhgmWyymi5jzkx%2F1Jfda7%2BPJGNd2jVx6l7Bvbs0d2CMBqqV6f9xrBujKNpyrI88gowQHrXn64007eg8X22jMJaEwg7bFEImXdPBJQVr7E5%2F2aPzs4Ws%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782adf0ee003-FRA
expires: Fri, 19 Nov 2021 12:14:47 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 68ms
12ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a974184f5c497b39a74be6667855dbec199b9c061d5e482feb57bd7c4b695a8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: YMgj5d+T20x9VZBBZWkYAA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: oRKaPFlko6/yNrmBPcAEdn6qYRt9mTxYtJs9RDL7zJnYRytDBGSpm3t51iEHiPMkoJ9pnr34ECB8KSnSGVWpNw==
x-fb-trip-id: 917726464
x-fb-content-md5: 656c79fb9a378b145301e953e9bbd4b0
x-frame-options: DENY
date: Thu, 11 Nov 2021 00:40:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6f4ed6062105783d8275db82b43cfbfa"
timing-allow-origin: *
expires: Thu, 11 Nov 2021 00:50:56 GMT

GET
H2 200 menu-bg1.gif
friv2.racing/wp-content/themes/friv/images/ 93 B
608 B 70ms
27ms Image
image/gif 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/menu-bg1.gif
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27bbce805c2c61aab7e90d5a59180cda702e1b002bd739abdbe56aa9473aeb71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1790945
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 93
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "5d-559d691e72c0d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vzVF9fKc%2Bq1cw3KuVVpHCMlmMzwGzQuEJSt2Wnwvn6ZiHs9KUM5X4WpxRbkRdG9R%2FwqIMPly7iCXAMXliIoS%2Bp8Bp3h%2BdJvJUYK9NdSonaPHoUIaWRLGKyMJWRmuev3TSMlISGwPsARWUVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-accel-version: 0.01
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782b2f31e003-FRA
expires: Sat, 20 Nov 2021 17:40:23 GMT

GET
H2 200 search.gif
friv2.racing/wp-content/themes/friv/images/ 165 B
548 B 55ms
29ms Image
image/gif 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/search.gif
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3ebd69106d4518c7a484fea9c9bbb42b529fa7b8d4614f1099549872e5ae2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 325963
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 165
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "a5-559d691e98d6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZwyJTy93HEJ2Hm3Wv4zb5y5duNjBb95QJNxigYqcD8e1BU%2FNH82OySE3%2BVe6qVzF2uKB%2FajyMc7%2FcfJ5JY1shyewkCHb%2F8zwZLJUjj8i4A%2Fzn5uSAmoA%2BP3ni1fZQKbJZMKb%2B0HXQIU7p0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-accel-version: 0.01
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782b2f39e003-FRA
expires: Tue, 07 Dec 2021 16:36:45 GMT

GET
H2 200 searchpart.gif
friv2.racing/wp-content/themes/friv/images/ 240 B
651 B 53ms
28ms Image
image/gif 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/searchpart.gif
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f284b7269b653c7526095312dd9c4e3cd5fff99ecaf932467d25efd0736495

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1601961
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 240
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "f0-559d691eb94f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FJI%2Ble%2FRaYVLkAwgepPD5rnt8Y7a2VkCmPBOBG8ciwMzcfZPnd3H4UtQqx4LOaQTur%2FEEDXagt4Eo3XDagf7Vcg7tLkpEut2Y4hU4bI0yYhIdsZ3TarGUByfAscbdTOzig8qXegnuMeETA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-accel-version: 0.01
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782b2f3ae003-FRA
expires: Mon, 22 Nov 2021 22:10:07 GMT

GET
H2 200 logo_big.png
friv2.racing/wp-content/themes/friv/images/ 63 KB
64 KB 46ms
29ms Image
image/png 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://friv2.racing/wp-content/themes/friv/images/logo_big.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f420911e15e0dcade2d82029717124f6f8263456f3d2686576c5cb364c7d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2480717
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 64752
last-modified: Sat, 23 Sep 2017 07:49:49 GMT
server: cloudflare
etag: "59c6121d-fcf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4x3Jl%2BoLLlIqXJ%2BlFuhlLcSPXlrKuAX%2BEtXoui4VaM4b8DIfQCHTIddhB0wwsN68BCxir8rLV9dgFiO0LDQHsvFt3cj89%2BHGC7LdGcx1QsFGjPpdOAYkiqN1fhe%2BQACwqcQeOgjQbffByf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6ac3782b3f3fe003-FRA
expires: Fri, 12 Nov 2021 07:35:11 GMT

GET
H2 200 play-squidgame.html Show response
friv2.racing/games/pages/ Frame 5049 1 KB
859 B 57ms
52ms Document
text/html 2606:4700:3032::6815:312a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://friv2.racing/games/pages/play-squidgame.html
Requested by: Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:312a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56fbfddfebb2a54398f0413acae5235283231d30cfd851ed3c8d6408ab7f3e13

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/squid-game-online.html

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-type: text/html
last-modified: Wed, 13 Oct 2021 11:40:20 GMT
vary: Accept-Encoding
cache-control: max-age=43200
expires: Thu, 11 Nov 2021 12:40:28 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z6fL2wADGConIgNaagwjpBAmg9da6wbHH4n6hqGz094Hog3F73oow8JVZuL76TOe2C2l49TgavCD2NE%2BBS2tNRM3ztlkR%2Fx1ylCx90eLnBuR3yKwp3aZV2iMjlLDUZaCgFo9Pz99pE5xcmc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ac3782b3f40e003-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-online.html;hSquid%20Game%20Online%20-%20Play%20at%20Friv2.Racing;0.881498616969207
https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-online.html;hSquid%20Game%20Online%20-%20Play%20at%20Friv2.Racing;0.881498616969207

104 B
590 B

43ms
42ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-online.html;hSquid%20Game%20Online%20-%20Play%20at%20Friv2.Racing;0.881498616969207

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

HTTP/1.1

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a221343db26c43bb8ec3b2dda04ec6017ba57321fb34076aeb0e276feebe8e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 00:40:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 104
Expires: Tue, 10 Nov 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 11 Nov 2021 00:40:28 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttps%3A//friv2.racing/squid-game-online.html;hSquid%20Game%20Online%20-%20Play%20at%20Friv2.Racing;0.881498616969207
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Tue, 10 Nov 2020 21:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 267 KB
76 KB 43ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=03a1bef4cf85d5c77a9356dc1f91b66f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3cb70a2e9817b7831a17b77189a794c3af0d4adc7b6f7c3115acc63679219ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://friv2.racing/
Origin: https://friv2.racing
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: r6tB6s8OKVBM0NZCDqonuA==
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 76949
x-fb-rlafr: 0
x-fb-debug: An3fyU6ICCYt+z6vAssLN/b9ATV79H0rEhS2AmS03GGxi4Rq2rlXv7Qg1uPaEe3ErttGiAYUEPOfm26Vofeh3A==
x-fb-trip-id: 917726464
x-fb-content-md5: 7a7435ebf1476eb8639c33528c41f3df
x-frame-options: DENY
date: Thu, 11 Nov 2021 00:40:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "635fef5be0ec5d5751ebbb3d1688ba27"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 10 Nov 2022 20:21:05 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 44ms
11ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97003001-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2394
date: Thu, 11 Nov 2021 00:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Nov 2021 02:00:34 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/ 268 KB
97 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7652110621730409&plah=friv2.racing&bust=31063690

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48ec2063144ca0a1dbfce95b3ab1a89b5c7ca03c62d03418d6a0844862fa093e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98692
x-xss-protection: 0
server: cafe
etag: 12331598553830373832
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 00:40:28 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/ Frame CF87 11 KB
5 KB 32ms
8ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211108/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 10 Nov 2021 20:41:10 GMT
expires: Wed, 24 Nov 2021 20:41:10 GMT
content-type: text/html; charset=UTF-8
etag: 4704609575283140419
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4891
x-xss-protection: 0
age: 14358
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 5049 90 KB
36 KB 22ms
21ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97003001-1

Requested by

Host: friv2.racing
URL: https://friv2.racing/games/pages/play-squidgame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f049107d6074e0f1d2ccc9950ff0fc8eecd161600196e7220eb3864a46599de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36400
x-xss-protection: 0
expires: Thu, 11 Nov 2021 00:40:28 GMT

GET
H2 200 / Show response
html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/ Frame AFE2 21 KB
6 KB 78ms
43ms Document
text/html 2606:4700:20::ac43:4702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Requested by: Host: friv2.racing
URL: https://friv2.racing/games/pages/play-squidgame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef67829aff6d0391203193d04183a2aa78627dd9a2b3cd3bfaed187df88ce78

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-type: text/html; charset=UTF-8
last-modified: Sun, 10 Oct 2021 14:22:14 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FOMMvTFJ1NB%2BtzF4SIHHzt%2FdqVwjQuFenVEWjzMdlbgFsXB4HsFnQPrYUbt09LGW93rBYt%2F2u2mWwoP6UwRu%2FHNlAK8eRcjJr2wPukRg%2FpR1S05LD2nIowXdr8%2F2mgYHB2QTUzWl8wSqhpNR7tfRhyAW1E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ac3782c59434dd0-FRA
content-encoding: br

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 15ms
15ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1227543522&t=pageview&_s=1&dl=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&ul=en-us&de=UTF-8&dt=Squid%20Game%20Online%20-%20Play%20at%20Friv2.Racing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1154563560&gjid=2055681518&cid=1135037187.1636591228&tid=UA-97003001-1&_gid=2075293163.1636591228&_r=1&gtm=2oub80&z=532406494

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ca-pub-7652110621730409 Show response
fundingchoicesmessages.google.com/i/ 78 KB
28 KB 108ms
75ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7652110621730409?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7652110621730409&plah=friv2.racing&bust=31063690

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

208add5a5db5500e31a3be681a36e8f60ff36d819de9152188f14853dd4253cd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1ykFduq6KrIyyEC7RZd5pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-1ykFduq6KrIyyEC7RZd5pg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-1ykFduq6KrIyyEC7RZd5pg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-1ykFduq6KrIyyEC7RZd5pg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
date: Thu, 11 Nov 2021 00:40:29 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 79ms
24ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-97003001-1&cid=1135037187.1636591228&jid=1154563560&gjid=2055681518&_gid=2075293163.1636591228&_u=YEBAAUAAAAAAAC~&z=363745880

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 11 Nov 2021 00:40:29 GMT
content-type: text/plain
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 5049 49 KB
20 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97003001-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2394
date: Thu, 11 Nov 2021 00:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Nov 2021 02:00:34 GMT

GET
H/1.1 200
OK main-788119ea28.css
assets.jetticdn.com/squidgame/css/ Frame AFE2 5 KB
5 KB 502ms
87ms Stylesheet
text/css 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/css/main-788119ea28.css
Requested by: Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 449758634d83c0f8bd47a5145a45488d98e72b2811b3de23e110cf10a87cd1ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
last-modified: Fri, 08 Oct 2021 08:48:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005f3-1406"
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5126

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame AFE2 90 KB
36 KB 40ms
38ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-101981884-10

Requested by

Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e17a799a36103ea76870388bc25f8492043bb6cd057db1fb1542c9d9cb7eb3cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36395
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 11 Nov 2021 00:40:28 GMT

GET
H2 200 three.min.js Show response
cdnjs.cloudflare.com/ajax/libs/three.js/110/ Frame AFE2 583 KB
119 KB 65ms
28ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/three.js/110/three.min.js

Requested by

Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81287c7a8b736ff095bc244418f50d8085ae0e74d89d9bd53909d1acfd5e0e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://html5.gamemonetize.com/
Origin: https://html5.gamemonetize.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1336170
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 121878
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-91c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A%2FEhvpD4MvGdUQpCuWUIEaBh7DiKpnzQJAbo5tg6gWyP7xdj1fkLlzrEjSORd9WPNBbsgzt3Bf7S08pL3WfofuTxfFN1Ql1NEv2QEPWW8josOYPkMOCJiQPwrwcvSGzuNXSxNHsGEbrUKFadm1KhOau"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ac3782d485c4eaf-FRA
expires: Tue, 01 Nov 2022 00:40:29 GMT

GET
H2 200 lodash.min.js Show response
cdn.jsdelivr.net/lodash/4.13.1/ Frame AFE2 66 KB
23 KB 62ms
25ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/lodash/4.13.1/lodash.min.js

Requested by

Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f127b2a89ed9019c7c5a72203ff6e02ba2c62232a38688cd3c748c57f7e8dbd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1396385
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19158-FRA
timing-allow-origin: *
server: cloudflare
etag: W/"10979-laBcZlGXb15QhzwbsayMnQNiKTs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ac3782d5d2b6964-FRA

GET
H2 200 socket.io.slim.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/ Frame AFE2 52 KB
14 KB 56ms
19ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.slim.js

Requested by

Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ee978734f5c76b58a5d5b5a9653f1179e7c970c4cc020bc75725d6743d55b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://html5.gamemonetize.com/
Origin: https://html5.gamemonetize.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2965211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13995
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-d0dd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh0Q2tyFZDQmRCPh5JYBzwrGUM%2BBdSTzC5sIJAlNcMJtQe0qhCsbAZOdA3plhSr3pL5YgIG2JSyB3iqcUoH23Zu%2B3qt26DYuf2etg%2FbI6c5Y51II1%2FtaeillommJVRgcbdeQeRKnlwS2TkOowzOhRIMq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ac3782d485d4eaf-FRA
expires: Tue, 01 Nov 2022 00:40:29 GMT

GET
H/1.1 200
OK all-70cd5a76f9.js Show response
assets.jetticdn.com/squidgame/js/ Frame AFE2 89 KB
89 KB 578ms
164ms Script
application/javascript 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/js/all-70cd5a76f9.js
Requested by: Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3d65d7e722a134c222a469515c91a0716ce3ac64014410e20739a1721519d959

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
last-modified: Fri, 08 Oct 2021 08:48:52 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005f4-16205"
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 90629

GET
H2 200 mirage2.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/ Frame AFE2 38 KB
12 KB 73ms
15ms Script
application/javascript 2606:4700::6811:490e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js

Requested by

Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:490e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
last-modified: Mon, 08 Nov 2021 15:42:51 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"6189457b-9688"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qDmYwg2eJwXId4c89jE355jyzEk%2BsH%2FlspS3yEYhIMlrFwg2Llm1uNrvL3vgygQPTj5sqxHLlYRpQZsFBW%2BuZxBnGk22r%2FFIYt72LMgCSWzNZmP5Q%2BiOSkUuxYn7l3JNvuSakkWJQ06spWdwIW8jADo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6ac3782d6e204309-FRA
expires: Sat, 13 Nov 2021 00:40:29 GMT

GET
H2 200 email-decode.min.js Show response
html5.gamemonetize.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ Frame AFE2 1 KB
1 KB 22ms
21ms Script
application/javascript 2606:4700:20::ac43:4702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://html5.gamemonetize.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4702 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 08 Nov 2021 15:43:33 GMT
server: cloudflare
etag: W/"618945a5-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEXa6UJw6nhaJQIkS0g8x%2F3UG0FVNtZCTiAHv9YncaVixb2Q2sHaG1yc2rYSVRzROfKSrvoZ2Ehyf2HMFwuVVB2GI9KOkeoeySTdTgSd1aEEXR%2BgKxT9MPs4jD2mcRLjrutEsOg6OqLUWR1wKUjGfvn1vbY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac3782d19ef4dd0-FRA
vary: Accept-Encoding
expires: Sat, 13 Nov 2021 00:40:28 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 5049 35 B
132 B 15ms
14ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=4115756&t=pageview&_s=1&dl=https%3A%2F%2Ffriv2.racing%2Fgames%2Fpages%2Fplay-squidgame.html&ul=en-us&de=UTF-8&dt=Play%20Squid%20Game%20Here&sd=24-bit&sr=1600x1200&vp=900x675&je=0&_u=QACAAUAB~&jid=&gjid=&cid=1135037187.1636591228&tid=UA-97003001-1&_gid=2075293163.1636591228&gtm=2oub80&z=1750299466

Requested by

Host: friv2.racing
URL: https://friv2.racing/games/pages/play-squidgame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Nov 2021 09:19:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 55240
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxVpb9wVqKjGGo2aMR0me5d3mXyd6RA8bV5JpYWmjoRbCBFqwLmUyFJxH3zrDRquPwx1jJxzDSn4Ym0MGvqDzd8= Show response
fundingchoicesmessages.google.com/el/ 0
895 B 42ms
20ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVpb9wVqKjGGo2aMR0me5d3mXyd6RA8bV5JpYWmjoRbCBFqwLmUyFJxH3zrDRquPwx1jJxzDSn4Ym0MGvqDzd8=?pvid=C2E0C23F-C51D-4F4C-8746-89D1C587DC15&anonid=17752FF1-2E10-41CE-B110-243C7A8A6505

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.oTc3muKHBJ8.es5.O/d=1/rs=AJlcJMz72_EH25bmytKRF1UvmlGvFiBCuQ/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6NSuEM5hfUgxDt12n8N+Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6NSuEM5hfUgxDt12n8N+Sw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-6NSuEM5hfUgxDt12n8N+Sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-6NSuEM5hfUgxDt12n8N+Sw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxV1jY13Ab6WmN8MA0WbCIv5Tv-4BfcaOQynawPz-lZnWVxRy2H2NwPApCTTSOwcq3hX09kT7WclglI6T271oFM= Show response
fundingchoicesmessages.google.com/f/ 45 KB
18 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV1jY13Ab6WmN8MA0WbCIv5Tv-4BfcaOQynawPz-lZnWVxRy2H2NwPApCTTSOwcq3hX09kT7WclglI6T271oFM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM2NTkxMjI5LDI2MDAwMDAwXSwiQzJFMEMyM0YtQzUxRC00RjRDLTg3NDYtODlEMUM1ODdEQzE1IiwiMTc3NTJGRjEtMkUxMC00MUNFLUIxMTAtMjQzQzdBOEE2NTA1IixudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vZnJpdjIucmFjaW5nL3NxdWlkLWdhbWUtb25saW5lLmh0bWwiLG51bGwsW11d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f32b7f1fd8f14e4609d2f5e1a6afe3f53b8ad27f9a4a7065c70d5ffae0713c57

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ac1kWSRCb1pnO/gtHP2iug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Ac1kWSRCb1pnO/gtHP2iug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-Ac1kWSRCb1pnO/gtHP2iug' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Ac1kWSRCb1pnO/gtHP2iug' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
638 B 68ms
16ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=friv2.racing&callback=_gfp_s_&client=ca-pub-7652110621730409

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

976df30875c5347b6b126b8de4cc77b7b2eb034022fd118f279f4439b7374bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
15ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 42ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6236 74 KB
25 KB 455ms
454ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22dce523adc2d1db663608abe419441635a27262c8cfa9d019f234a2ec60f694

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM7d_7aJj_QCFYZ94AodLRQKlg&gqi=fWaMYYznG4SE3gOOp5m4DQ&layout=/sadbundle/%24csp%253Der3%24/5132579750669189120/AD_KFZ1_211018_mf_07/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM7d_7aJj_QCFYZ94AodLRQKlg&gqi=fWaMYYznG4SE3gOOp5m4DQ&layout=/sadbundle/%24csp%253Der3%24/5132579750669189120/AD_KFZ1_211018_mf_07/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Nov 2021 00:40:29 GMT
server: cafe
content-length: 25258
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 00:40:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BBD3 81 KB
26 KB 482ms
479ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60ad20dd76d812c3d941cb92d2e691b57f030771c2caf9671b18d5f49d877380

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJmIgLeJj_QCFZS8ewoddmgOwg&gqi=fWaMYYuVHNSV3gP67KvwAg&layout=/sadbundle/%24csp%253Der3%24/9148009138863734784/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJmIgLeJj_QCFZS8ewoddmgOwg&gqi=fWaMYYuVHNSV3gP67KvwAg&layout=/sadbundle/%24csp%253Der3%24/9148009138863734784/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Nov 2021 00:40:29 GMT
server: cafe
content-length: 26238
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 00:40:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7620 70 KB
28 KB 513ms
513ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=143927933&pi=t.ma~as.4283206909&w=300&lmt=1636591229&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=184&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zkMzuUnMwC&p=https%3A//friv2.racing&dtd=673

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8c401041a4d2376f0f7dd9bb967a211cb5023e339ef34319cfffa5fe46ce0cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Nov 2021 00:40:29 GMT
server: cafe
content-length: 28162
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 00:40:29 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2514 214 KB
58 KB 574ms
574ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1636591229&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=187&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90%2C300x600&nras=1&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=4&uci=a!4&fsb=1&dtd=676

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dde1a8419ad24ecfc162c1097650ab4d0f1abe80552b39ef24c122afb527cc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Nov 2021 00:40:30 GMT
server: cafe
content-length: 59413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 00:40:30 GMT
cache-control: private

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame AFE2 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-101981884-10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2395
date: Thu, 11 Nov 2021 00:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Nov 2021 02:00:34 GMT

GET
H2 200 sdk.js Show response
api.gamemonetize.com/ Frame AFE2 695 KB
95 KB 36ms
26ms Script
application/javascript 2606:4700:20::ac43:4702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.gamemonetize.com/sdk.js
Requested by: Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e2519e4eeded968669e947a787db9b5ab71cd482dae6060208fce5cffe99ad4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 16:05:17 GMT
server: cloudflare
age: 2027
etag: W/"adab3-5d0716467584a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbG2HxndMRYpNHm%2BWKEWghOIoO1sVjutRsu%2BpAoRDEOb%2FkLyVKp4g6JxRWl1Obsvq9ETL%2FViyLvn57iTPiKG2SqB2GKo7pzsRiXRXQ9sgkIFexFqPrDhZJ9oi6aAu0EZd6enxem1wEBMEpnuVyH6n71q"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac378305c834dd0-FRA

POST
H2 204 AGSKWxUNE9B8j7cgQuisiDOMJy-TFlM7CmfsHeq7SYclYrAB8w4f6IzMFj1RZtVdt6WK8bpS4PR9nIY3uWSay-akuFNANqGVvAImrPT_pkCTPEFouxQoiLBHRMMHauw9jWr3R5N73FPgibjK_VIiXX2fSVJEzeJDBGQ3qH7DEY46yZCbAAJ2X5Q1uGFmdb7B Show response
fundingchoicesmessages.google.com/el/ 0
365 B 27ms
26ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUNE9B8j7cgQuisiDOMJy-TFlM7CmfsHeq7SYclYrAB8w4f6IzMFj1RZtVdt6WK8bpS4PR9nIY3uWSay-akuFNANqGVvAImrPT_pkCTPEFouxQoiLBHRMMHauw9jWr3R5N73FPgibjK_VIiXX2fSVJEzeJDBGQ3qH7DEY46yZCbAAJ2X5Q1uGFmdb7B

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabCcpaWebSignalJs.de.hx-pxAXvyic.es5.O/d=1/rs=AJlcJMyY7HtVwqgrIBDxomhIf4sDKC3pvg/m=iabccpawebsignalscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j29KTYFfCgSZN6RQhDvjEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-j29KTYFfCgSZN6RQhDvjEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-j29KTYFfCgSZN6RQhDvjEg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-j29KTYFfCgSZN6RQhDvjEg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUNE9B8j7cgQuisiDOMJy-TFlM7CmfsHeq7SYclYrAB8w4f6IzMFj1RZtVdt6WK8bpS4PR9nIY3uWSay-akuFNANqGVvAImrPT_pkCTPEFouxQoiLBHRMMHauw9jWr3R5N73FPgibjK_VIiXX2fSVJEzeJDBGQ3qH7DEY46yZCbAAJ2X5Q1uGFmdb7B Show response
fundingchoicesmessages.google.com/el/ 0
362 B 55ms
54ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Pyeo/b/DMp4PGLaU2PpH3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Pyeo/b/DMp4PGLaU2PpH3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Pyeo/b/DMp4PGLaU2PpH3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Pyeo/b/DMp4PGLaU2PpH3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXokNBLr_D8ssoCJSe98n4exC5hnQ90E9LFV2ptRJKBZoeZ8JkqfqbaZ0eaaeBjrcA4Xvh9EW9KrL1wq88uIJV_GOEojBeBqtxvJhHuxldAHavwEiFgyi3fdNd9_qrBD88ZMeWAm5sR521ucYLUTrd8VQFfsI5lXXRZ5wUjgMP4dkhZJKB9pcLobZa1 Show response
fundingchoicesmessages.google.com/f/ 61 KB
23 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXokNBLr_D8ssoCJSe98n4exC5hnQ90E9LFV2ptRJKBZoeZ8JkqfqbaZ0eaaeBjrcA4Xvh9EW9KrL1wq88uIJV_GOEojBeBqtxvJhHuxldAHavwEiFgyi3fdNd9_qrBD88ZMeWAm5sR521ucYLUTrd8VQFfsI5lXXRZ5wUjgMP4dkhZJKB9pcLobZa1?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM2NTkxMjI5LDE0NTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9mcml2Mi5yYWNpbmcvc3F1aWQtZ2FtZS1vbmxpbmUuaHRtbCIsbnVsbCxbXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2aa37149dc391c910ae9f47247fccab53c3a18bde6a244b7c4548556592fd47e

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Me9jG5X2aNxhd/lQl/KCjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Me9jG5X2aNxhd/lQl/KCjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-Me9jG5X2aNxhd/lQl/KCjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Me9jG5X2aNxhd/lQl/KCjA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3.js Show response
gamemonetize.com/api/ Frame AFE2 273 KB
94 KB 37ms
27ms Script
application/javascript 2606:4700:20::ac43:4702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gamemonetize.com/api/ima3.js
Requested by: Host: api.gamemonetize.com
URL: https://api.gamemonetize.com/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74c0db4bb9bf18fc500afe7c78cfc5fd982d57bb6536fa11c78dd6750c12fc6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Jul 2021 07:37:55 GMT
server: cloudflare
age: 7688794
etag: W/"60efe5d3-442d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9uD05s%2F9Z9Jgvl7nXrPz5mBEbHonIZ0ta6DKNg%2BM20SGcGWuj0n7pymq1z9KNz2bIaf2XHyTP86dHaAhHvZMpatsuusIjglLYHIQ58QkjW0ntIqQM0SIgP5%2FYXGpY6tScQPTt0YXqygKYh5yYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac37830ed024dd0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ga.js Show response
api.gamemonetize.com/ Frame AFE2 8 KB
3 KB 49ms
48ms Script
application/javascript 2606:4700:20::ac43:4702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.gamemonetize.com/ga.js
Requested by: Host: api.gamemonetize.com
URL: https://api.gamemonetize.com/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffdc94a1437339a2f1167dcfea984a9d7bdddc5e8c333997ef3eb91934430ed7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 19 Oct 2021 10:50:31 GMT
server: cloudflare
etag: W/"616ea2f7-218f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2B7mpSOfk22ZDz3Z1nJpjpbQ1uab8aPFjhR%2F8pWJBlVKwVEf7o9l8EpA1i0QdE1LZrS57cB1JMVKr%2B3wl8QM9dY%2Fxb7WMowkbSHmyFUC3cmJEJrpOSq%2Bz3NuMCIt8xOuh1mfWktKzzWlMtKXoSfYovhX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
cf-ray: 6ac37830ecf14dd0-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/ Frame AFE2 21 KB
6 KB 48ms
48ms Fetch
text/html 2606:4700:20::ac43:4702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Requested by: Host: api.gamemonetize.com
URL: https://api.gamemonetize.com/sdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ef67829aff6d0391203193d04183a2aa78627dd9a2b3cd3bfaed187df88ce78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 10 Oct 2021 14:22:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5QVqRIOqmuj7jNidF%2BStEaC%2FXlQo6CvnP2dcYTP6Bn5GwazPl3d%2F8GenJcZ2%2FDByS5R1Kkz2dTfhnPwm5DHayWcVm04P9mQCmCfIGTaXF2MiiqwiRHpFIoKdnGNpOSWUGKNcx%2Fz%2FGm27NeG%2FE0ppw3VZJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-ray: 6ac37830ecf24dd0-FRA

GET
H2 200 event.php
gamemonetize.com/account/ Frame AFE2 695 B
1 KB 46ms
46ms Image
image/jpg 2606:4700:20::ac43:4702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gamemonetize.com/account/event.php?page_url=friv2.racing&game_id=j4drf322s2noxvmrvou4ed4j7a0h2ugv&eventtype=1
Requested by: Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.22
Resource Hash: 1a0913922f860052b6b99f7beef92d572754f865a42cc164a339f69870f8e183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.22
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N7o0w3uyVbDKmQ%2BgAyyAZwSHGL3llb96YoobfOdqsD0jHyY%2BqBX7fvIoCr21y95EKMmN1W02bOv16Eu%2F0t9O95gEv5Z2Es%2B7IABHGeuZuYSM7Tcc8DEbMhIhsOv3nrjS8i4GyggDcrwnJvE07MQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpg
access-control-allow-origin: *
cf-ray: 6ac37830ed044dd0-FRA
content-length: 695

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame AFE2 49 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: api.gamemonetize.com
URL: https://api.gamemonetize.com/ga.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 2395
date: Thu, 11 Nov 2021 00:00:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 11 Nov 2021 02:00:34 GMT

GET
H2 200 bridge3.353.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 216B 595 KB
192 KB 33ms
9ms Document
text/html 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.353.0_en.html

Requested by

Host: gamemonetize.com
URL: https://gamemonetize.com/api/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86cfdf9b07db942980d11e509a5dab207186ffc65791af50833ed53e8d362291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 196419
date: Wed, 10 Nov 2021 16:33:09 GMT
expires: Thu, 10 Nov 2022 16:33:09 GMT
last-modified: Wed, 20 Nov 2019 19:30:13 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 29240
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame AFE2 44 KB
17 KB 40ms
16ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: gamemonetize.com
URL: https://gamemonetize.com/api/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 11 Nov 2021 00:40:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame AFE2 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=html5.gamemonetize.com

Requested by

Host: gamemonetize.com
URL: https://gamemonetize.com/api/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

OPTIONS
H/1.1 204
No Content client
backend.jettigames.com/ Frame 0
0 84ms
20ms Preflight 188.166.128.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.jettigames.com/client
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 188.166.128.113 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://html5.gamemonetize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 11 Nov 2021 00:40:29 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type

OPTIONS
H/1.1 204
No Content client
backend.jettigames.com/ Frame 0
0 84ms
21ms Preflight 188.166.128.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.jettigames.com/client
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 188.166.128.113 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://html5.gamemonetize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 11 Nov 2021 00:40:29 GMT
Content-Length: 0
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type

POST
H/1.1 200
OK client Show response
backend.jettigames.com/ Frame AFE2 87 B
415 B 22ms
21ms XHR
text/html 188.166.128.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.jettigames.com/client
Requested by: Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 188.166.128.113 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 474445404a6938af3e7e9a4a9941f175fe3d54cd5b46d81a20721de3c883addf

Request headers

Referer: https://html5.gamemonetize.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 11 Nov 2021 00:40:29 GMT
Content-Encoding: gzip
ETag: W/"57-WidhJITKZGmUzQYgotPuYfldKa8"
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive

POST
H/1.1 200
OK client Show response
backend.jettigames.com/ Frame AFE2 1 KB
808 B 22ms
22ms XHR
text/html 188.166.128.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://backend.jettigames.com/client
Requested by: Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 188.166.128.113 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 0a81a5e22b5cb9dffce12122df1d1de2612fc4962d11cd6188fbadf6ae3b01ac

Request headers

Referer: https://html5.gamemonetize.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Thu, 11 Nov 2021 00:40:29 GMT
Content-Encoding: gzip
ETag: W/"4d4-RP5k8eFPzYkPrcU1KE4TWj+m2+c"
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive

GET
H2 200 sdk_mobile.js Show response
api.gamemonetize.com/ Frame AFE2 99 KB
35 KB 66ms
66ms Script
application/javascript 2606:4700:20::ac43:4702
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.gamemonetize.com/sdk_mobile.js?v=1636591229280
Requested by: Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4702 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bf4e70001e53d8a128c82b59bb6ca451d5c7f3032d001617f2ec97f3d2e4440

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 03 Nov 2021 03:15:07 GMT
server: cloudflare
etag: W/"18ada-5cfd9d12f2fbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IE%2B8VhYNkhvN1vgK7dZpXoDpTin2W5HrnDga0PsC9EF1OzjTqrSEeI2mps462mN53J2CnqvNpOnZMPsklWyZ%2Fczwl5x1BPLsXn%2FMtb1RZ%2FJB30RUGGLuFkfJOiJepqFRqgyB%2BVir3mhWMqsH5SsbgpKn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6ac378318d974dd0-FRA

GET
H/1.1 200
OK logo.png
assets.jetticdn.com/squidgame/assets/textures/ Frame AFE2 58 KB
59 KB 90ms
90ms Image
image/png 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.jetticdn.com/squidgame/assets/textures/logo.png
Requested by: Host: html5.gamemonetize.com
URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d970589b6660ec91a6aa1a10d344f7ac0b3f089125ff86a11a0e5d77235b7391

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:29 GMT
last-modified: Fri, 08 Oct 2021 08:48:59 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fb-e936"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 59702

GET
H/1.1 200
OK p1.obj Show response
assets.jetticdn.com/squidgame/assets/models/player/ Frame AFE2 12 KB
12 KB 332ms
161ms XHR
application/octet-stream 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/models/player/p1.obj
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/three.js/110/three.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1a2b89d2e740488f2ac7995cccf9287662e3e83231afb3ec6c329ce42c3adf1f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:48:54 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005f6-2f5a"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 12122

GET
H/1.1 200
OK ph.obj Show response
assets.jetticdn.com/squidgame/assets/models/player/ Frame AFE2 11 KB
11 KB 255ms
85ms XHR
application/octet-stream 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/models/player/ph.obj
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/three.js/110/three.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 652a7fe3ea9660458bcbdef58efc09309f326058bc94c93b55603b68c65be041

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:48:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005f5-2a2d"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 10797

GET
H/1.1 200
OK pt.obj Show response
assets.jetticdn.com/squidgame/assets/models/player/ Frame AFE2 3 KB
3 KB 256ms
83ms XHR
application/octet-stream 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/models/player/pt.obj
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/three.js/110/three.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6e9fd94eea99a4cb688c9acb0dbbd8ac70f957c5ae4b382e67834a70035d5cca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:48:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005f5-be6"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3046

GET
H/1.1 200
OK pf.obj Show response
assets.jetticdn.com/squidgame/assets/models/player/ Frame AFE2 4 KB
4 KB 278ms
100ms XHR
application/octet-stream 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/models/player/pf.obj
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/three.js/110/three.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f88bfcab79ed387a0103e0346190c239ae8bb6e8de191e1820820354b4712e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:48:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005f5-ff7"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 4087

GET
H/1.1 200
OK food.obj Show response
assets.jetticdn.com/squidgame/assets/models/ Frame AFE2 1 KB
2 KB 278ms
101ms XHR
application/octet-stream 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/models/food.obj
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/three.js/110/three.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cad3a128860e28143ba656346b659a18ae392c6f8a1e78b22de0726abdb26902

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:48:54 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005f6-532"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1330

GET
H/1.1 200
OK boff.obj Show response
assets.jetticdn.com/squidgame/assets/models/ Frame AFE2 5 KB
5 KB 278ms
101ms XHR
application/octet-stream 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/models/boff.obj
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/three.js/110/three.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3cb71a81ddfd8982c5729a54b00981b9a824a1e22a3942432371cb7de4d9524

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:48:53 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005f5-1458"
content-type: application/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
content-length: 5208

GET
H/1.1 200
OK coin.mp3 Show response
assets.jetticdn.com/squidgame/assets/sounds/ Frame AFE2 3 KB
3 KB 340ms
84ms XHR
audio/mpeg 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/sounds/coin.mp3
Requested by: Host: assets.jetticdn.com
URL: https://assets.jetticdn.com/squidgame/js/all-70cd5a76f9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 18fa383ca7b0d6ae6aa596c57833c8c06b4cf7c6455048165b70eba142130a03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:49:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fe-bb3"
content-type: audio/mpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2995

GET
H/1.1 200
OK bounce.mp3 Show response
assets.jetticdn.com/squidgame/assets/sounds/ Frame AFE2 3 KB
3 KB 341ms
86ms XHR
audio/mpeg 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/sounds/bounce.mp3
Requested by: Host: assets.jetticdn.com
URL: https://assets.jetticdn.com/squidgame/js/all-70cd5a76f9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ae9278911ecba31af53727f12c3310a4bdf29383cfc546acdf8f72e089584ba9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:49:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fe-c84"
content-type: audio/mpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3204

GET
H/1.1 200
OK kill.mp3 Show response
assets.jetticdn.com/squidgame/assets/sounds/ Frame AFE2 9 KB
9 KB 373ms
86ms XHR
audio/mpeg 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/sounds/kill.mp3
Requested by: Host: assets.jetticdn.com
URL: https://assets.jetticdn.com/squidgame/js/all-70cd5a76f9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8a05744c57b6130b4e100fd8561327408e6d722722459c62b2c12dd162f723ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:49:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fe-2268"
content-type: audio/mpeg
access-control-allow-origin: *
accept-ranges: bytes
content-length: 8808

GET
H/1.1 200
OK font.json Show response
assets.jetticdn.com/squidgame/assets/fonts/ Frame AFE2 7 KB
8 KB 375ms
87ms XHR
application/json 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.jetticdn.com/squidgame/assets/fonts/font.json
Requested by: Host: assets.jetticdn.com
URL: https://assets.jetticdn.com/squidgame/js/all-70cd5a76f9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a5e7206978d27080f022a7eac0c1da65dc97e0a926f1380a45a4b3b103a73c9d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://html5.gamemonetize.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:49:01 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fd-1dc3"
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7619

GET
H/1.1 200
OK hudtex.png
assets.jetticdn.com/squidgame/assets/textures/ Frame AFE2 2 KB
2 KB 84ms
83ms Image
image/png 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.jetticdn.com/squidgame/assets/textures/hudtex.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/games/pages/play-squidgame.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0b0dc2599732a9496959c8d511509a55806bbad51167078555d49db41b7a999a

Request headers

Referer: https://html5.gamemonetize.com/
Origin: https://html5.gamemonetize.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:48:59 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fb-803"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2051

GET
H/1.1 200
OK sand.png
assets.jetticdn.com/squidgame/assets/textures/ Frame AFE2 4 KB
4 KB 85ms
84ms Image
image/png 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.jetticdn.com/squidgame/assets/textures/sand.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/games/pages/play-squidgame.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 7efcd7a73e331f8795f2c47c52befb53a3afeceabd9bfa53f84bc15c474e6db4

Request headers

Referer: https://html5.gamemonetize.com/
Origin: https://html5.gamemonetize.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:49:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fc-e9e"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 3742

GET
H/1.1 200
OK font.png
assets.jetticdn.com/squidgame/assets/fonts/ Frame AFE2 20 KB
20 KB 85ms
84ms Image
image/png 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.jetticdn.com/squidgame/assets/fonts/font.png
Requested by: Host: friv2.racing
URL: https://friv2.racing/games/pages/play-squidgame.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3cefc7a4aee10abd282d2c158efe45d62cbbfe6a130286b4076cc7adca59e17b

Request headers

Referer: https://html5.gamemonetize.com/
Origin: https://html5.gamemonetize.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:49:01 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fd-4e73"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 20083

GET
H/1.1 200
OK buttons.png
assets.jetticdn.com/squidgame/assets/textures/ Frame AFE2 65 KB
66 KB 88ms
88ms Image
image/png 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.jetticdn.com/squidgame/assets/textures/buttons.png
Requested by: Host: assets.jetticdn.com
URL: https://assets.jetticdn.com/squidgame/css/main-788119ea28.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e7b97ddfa6bd0f60f8e00519e12e8919d23e03ac78a0d4d5f2e9a0dd623c46e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.jetticdn.com/squidgame/css/main-788119ea28.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:49:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fc-105b9"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 67001

GET
H/1.1 200
OK sndicon.png
assets.jetticdn.com/squidgame/assets/textures/ Frame AFE2 8 KB
8 KB 87ms
87ms Image
image/png 167.172.13.198
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.jetticdn.com/squidgame/assets/textures/sndicon.png
Requested by: Host: assets.jetticdn.com
URL: https://assets.jetticdn.com/squidgame/css/main-788119ea28.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 167.172.13.198 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 55955e7d789408e5f71e4aa492df6c9eb34d13bf2b555b6c74a6f48fa570678e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://assets.jetticdn.com/squidgame/css/main-788119ea28.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
last-modified: Fri, 08 Oct 2021 08:49:00 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "616005fc-1e8f"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 7823

GET
H2 200 698121127378800742
tpc.googlesyndication.com/simgad/ Frame 7620 65 KB
65 KB 49ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/698121127378800742?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnCgrXd46fcdt0cFnUGChtZrS16Pw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=143927933&pi=t.ma~as.4283206909&w=300&lmt=1636591229&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=184&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zkMzuUnMwC&p=https%3A//friv2.racing&dtd=673

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a0b8156ca6ec5a2dfdeedb23ad098df650c09942ccad62ab608544f846bfb96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:04:35 GMT
x-content-type-options: nosniff
age: 599755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66049
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 15:32:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 02:04:35 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 7620 19 KB
8 KB 48ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:47:21 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 7620 2 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 00:19:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7620 119 KB
36 KB 61ms
30ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 00:40:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 7620 15 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:51:40 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 7620 27 KB
11 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38b09561f7d53a5b6507465e059bf853156b8ea93d249d1221ea72d676b5e45f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 18:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23993
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11385
x-xss-protection: 0
server: cafe
etag: 2663968587473587327
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 18:00:37 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 6236 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 00:19:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6236 119 KB
37 KB 63ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 00:40:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 6236 15 KB
6 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:51:40 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame BBD3 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 00:19:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BBD3 119 KB
36 KB 58ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 00:40:30 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame BBD3 15 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2930
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:51:40 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7620 0
0 50ms
50ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQ0cpfWaMYYzvHIX-gQfvjZfIBrK-lJlmgYnmx_gOwff81K4JEAEg56WhBWCVgoCAmAegAZyv-6gCyAECqAMByAPJBKoE1AFP0Kh6JOC3lor096DsciMl8KZAB64An4lyAnJME5LqFwyA2KnQezLRZKes8xiKwU8toY6Xl2Fodh9Tb3wI4KxGKJ8Nx9HojoEX5BPczQc_oiZeLE66DgdaB8lyBsIwr2BQ6k5SnDi1ji4tvxrzUH2CgFcxmaBgWc4mUz89uDgUfdd83E2O9n12YNo2b09L-6z5J0Q4kz-SJvZMFop2l1a8lcfDUBjzu63JiHpMAoMwm4SFz2x6lWpPpJYEsKUlSW2g5zwNERtj1qh0b3OHEKBDY18wvsAEzvyo6dwDkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQ5MCxDdIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi03NjUyMTEwNjIxNzMwNDA5GAA&sigh=kQ21dZ5Mqak&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=143927933&pi=t.ma~as.4283206909&w=300&lmt=1636591229&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=184&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zkMzuUnMwC&p=https%3A//friv2.racing&dtd=673
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Nov 2021 00:40:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Nov 2021 00:40:30 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 215 KB
26 KB 9ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dfc752f7c8eb3ebc90d53b7b40dbccf5984da0077440533e0ded2dd847ed83fa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Tue, 09 Nov 2021 13:22:34 GMT
expires: Wed, 09 Nov 2022 13:22:34 GMT
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 25669
age: 127076
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6236 0
0 59ms
59ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGPiJfWaMYY6rHIb7gQetqKiwCYiYuvBli-fEst8OmJXMtt4JEAEg56WhBWCVgoCAmAegAcPQtfwDyAEJqQKvGVtqNUSzPqgDAcgDAqoE2gFP0MRBLdryPjjFurruvaMoSrPpkOJafvjQrQORVXeTMEJTWs4p3kLu7UZ3yO98WYRxZeOK471h_UDhP1cWQ4y7AJB-BGYzWPSmPVvpGgZH1QuLeg7bM5erEDfrzMmAZlQYEr3L5rU0mGh4QHSofzcp9bU6mCaxmNWQlewu_OVujMMB9VqnYrVXGlgqWRW8bfqbN2ORKoaLFe3NPDPCvGjjAUrsaq7YiZDU0128G-5FlNVaaiVF0yrW-xJrW_9CT_9uX3fXcr1dmSCiHtIPFfEr4886gKw1l8YxLsAEltTpr80DkgUECAQYAZIFBAgFGASgBl2AB6WvygOoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBRClsr0B0ggJCIDhgBAQARhfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTc2NTIxMTA2MjE3MzA0MDkYAA&sigh=V_NLyg8VJok&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Nov 2021 00:40:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F7F 143 B
221 B 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Nov 2021 00:37:38 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/ Frame 952C 660 KB
42 KB 11ms
9ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c4e3c47ca0add4147cc8bcd28aa5ec442ffec96577d3e635b036d274489adf2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
date: Thu, 04 Nov 2021 15:47:25 GMT
expires: Fri, 04 Nov 2022 15:47:25 GMT
last-modified: Wed, 04 Aug 2021 15:13:58 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 42963
age: 550385
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame BBD3 0
0 196ms
195ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxnUEfWaMYdnVHJT57gP20LmQDJmlor9dqOGd5skO7_mt6JUOEAEg56WhBWCVgoCAmAegAaSlr8UDyAEJqQJ3wk4fqjqBPqgDAcgDAqoE3wFP0BTZjaNB5e1YLTCD8tb9z3csf0Bzw5vb8kJ-FkcOHlOxlEkkVj4nD2yOVh4X5mRjSvh67v5uLXnmvWHH4eaEn1tImLXUbBbNNEHmU-KvOeKxtrMnKWmPd-1337RydrFE95X92lvnFM4l2YJ-Vh6Iz0gFgfqzS7Iz4_YUPgw3s9n_G1g2KDTmQ5NQxVY1Ny-06JqKi9Ca3jWyEYyBm5ESBCxpQ4BeAslzfpsmi2vqTTI4yWxy5zMfp98BudS0xW-BGCA6mIL5TNiLHfzyG8r-8b8jL-Z59oe9WtMT5_vOwATLqv28kAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGa4AHxNrQOqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAfIHBBCB0mXSCAkIgOGAEBABGF-ACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItNzY1MjExMDYyMTczMDQwORgA&sigh=aYveCLYIu9g&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Nov 2021 00:40:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E76A 143 B
198 B 14ms
9ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Nov 2021 00:37:38 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D46 143 B
198 B 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=143927933&pi=t.ma~as.4283206909&w=300&lmt=1636591229&psa=0&format=300x600&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=184&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&cms=2&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=zkMzuUnMwC&p=https%3A//friv2.racing&dtd=673

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Nov 2021 00:37:38 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 172
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7620 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e6f7bf8af44fd843be154c4785bd65b89d34eb4d3ec92d79b0f7db5ac66c84d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 getarticleadvertimageservlet Show response
fundingchoicesmessages.google.com/f/AGSKWxV53n1OhleBpJwWIwLdJw_womZepos0oucjUr0UZy-ztR-VSFcmA3JZ9EZ-dgJX4OnE7zYc4QkJv7g-hUCgRmjHJiF2EvyR4QcdK6dlT_A2VJ-iUKCQ6HMxpRDqi7vYmRw2YaoPAbxLCVMBZTVRqwuqznm7L... 54 B
465 B 20ms
19ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxV53n1OhleBpJwWIwLdJw_womZepos0oucjUr0UZy-ztR-VSFcmA3JZ9EZ-dgJX4OnE7zYc4QkJv7g-hUCgRmjHJiF2EvyR4QcdK6dlT_A2VJ-iUKCQ6HMxpRDqi7vYmRw2YaoPAbxLCVMBZTVRqwuqznm7LLlEkJGwL-Na7VOi6NAQ8Tqb5rTFtszamil7lUpz19yn07SZ0mbojwoMJtW1-uFveuCpKNSyRio2f4sMK0w=/_-floorboard-ads//getarticleadvertimageservlet?/adserv__googleads_/adsyndication.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Do5ZxN43cNw.es5.O/d=1/rs=AJlcJMznfj7ct5acaXsARwWGg9sqfW2OYQ/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50b8d3f38e8ba60f76fa2b5e51b9fe83bfa842037ae1746be79b7f254d4d2cd1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e7UurSOGl6DTUA2yrq8BGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-e7UurSOGl6DTUA2yrq8BGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-e7UurSOGl6DTUA2yrq8BGA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-e7UurSOGl6DTUA2yrq8BGA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Do5ZxN43cNw.es5.O/d=1/rs=AJlcJMznfj7ct5acaXsARwWGg9sqfW2OYQ/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4193c1df5b6fb199d0db4071c5a5e16ac3920378e23ab7c48a9a4b787e7d5068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51401
x-xss-protection: 0
server: cafe
etag: 2322517751565054405
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 00:40:31 GMT

POST
H2 204 AGSKWxXesI9OertumHYcE5uhrSRXVj4WHXNxd9ozbn0CgNyEdwrzrnmq-nmIiZDrCfZ7tTEygDC3Nf9NBQU9HLfsw_A8VKtlpO1rucRE7Yr4uNtv_CkwCkZhtf0ghJQHrAfUGDwmER-VWA7uT5EYzQ2k-JLVpCJNxluxIv0EHSNeVS8EJ4WES0Fmv9Eay9ou Show response
fundingchoicesmessages.google.com/el/ 0
362 B 22ms
21ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXesI9OertumHYcE5uhrSRXVj4WHXNxd9ozbn0CgNyEdwrzrnmq-nmIiZDrCfZ7tTEygDC3Nf9NBQU9HLfsw_A8VKtlpO1rucRE7Yr4uNtv_CkwCkZhtf0ghJQHrAfUGDwmER-VWA7uT5EYzQ2k-JLVpCJNxluxIv0EHSNeVS8EJ4WES0Fmv9Eay9ou

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Do5ZxN43cNw.es5.O/d=1/rs=AJlcJMznfj7ct5acaXsARwWGg9sqfW2OYQ/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3CONO5QwiDvSqC95/3mt1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3CONO5QwiDvSqC95/3mt1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 00:40:31 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-3CONO5QwiDvSqC95/3mt1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-3CONO5QwiDvSqC95/3mt1A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/ 147 KB
52 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111090101/reactive_library_fy2019.js?bust=31063690

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f4583be5940babb3b8ff087cf3d164ccf33a2351cace38b94190ac910491698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53471
x-xss-protection: 0
server: cafe
etag: 2442323257297792766
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Nov 2021 00:40:31 GMT

GET
DATA 200
OK truncated
/ Frame 6236 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5686e72d69cd9fe0f4a53f31e84df73110b962f0719bb09e3d4251ad02a2e53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BBD3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e80c87c1f9542ee9190550bfc82c73fb53b32c7a45e9b68f4ed50a3e228e22bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0531 16 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 03:54:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Nov 2021 03:54:54 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 0531 26 KB
10 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Nov 2021 00:06:00 GMT

POST
H2 204 AGSKWxXesI9OertumHYcE5uhrSRXVj4WHXNxd9ozbn0CgNyEdwrzrnmq-nmIiZDrCfZ7tTEygDC3Nf9NBQU9HLfsw_A8VKtlpO1rucRE7Yr4uNtv_CkwCkZhtf0ghJQHrAfUGDwmER-VWA7uT5EYzQ2k-JLVpCJNxluxIv0EHSNeVS8EJ4WES0Fmv9Eay9ou Show response
fundingchoicesmessages.google.com/el/ 0
362 B 24ms
24ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Do5ZxN43cNw.es5.O/d=1/rs=AJlcJMznfj7ct5acaXsARwWGg9sqfW2OYQ/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-sQDFvzuOIRPCT2mLg0auuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-sQDFvzuOIRPCT2mLg0auuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 00:40:31 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-sQDFvzuOIRPCT2mLg0auuQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-sQDFvzuOIRPCT2mLg0auuQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3F7F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

30ms
30ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1636591229&psa=0&format=970x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=7&bdt=266&idt=100&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&correlator=1266827233930&frm=20&pv=2&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=AhERmBQYvb&p=https%3A//friv2.racing&dtd=664

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 00:40:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 00:40:31 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 00:40:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E76A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
135 B

40ms
40ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?us_privacy=1---&client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1636591229&psa=0&format=728x90&url=https%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636591228382&bpp=1&bdt=266&idt=174&shv=r20211108&mjsv=m202111090101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=1266827233930&frm=20&pv=1&ga_vid=1135037187.1636591228&ga_sid=1636591229&ga_hid=1227543522&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=262&ady=1101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063686%2C31063690%2C31063246&oid=2&pvsid=2010876455788694&pem=659&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Yjw2GgJEBy&p=https%3A//friv2.racing&dtd=668

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 00:40:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 00:40:31 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 00:40:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0D46
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
144 B

61ms
60ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 00:40:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 00:40:31 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 00:40:31 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 AGSKWxXesI9OertumHYcE5uhrSRXVj4WHXNxd9ozbn0CgNyEdwrzrnmq-nmIiZDrCfZ7tTEygDC3Nf9NBQU9HLfsw_A8VKtlpO1rucRE7Yr4uNtv_CkwCkZhtf0ghJQHrAfUGDwmER-VWA7uT5EYzQ2k-JLVpCJNxluxIv0EHSNeVS8EJ4WES0Fmv9Eay9ou Show response
fundingchoicesmessages.google.com/el/ 0
530 B 21ms
21ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Do5ZxN43cNw.es5.O/d=1/rs=AJlcJMznfj7ct5acaXsARwWGg9sqfW2OYQ/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DnWUne6meDCjTCXeJhDo/g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DnWUne6meDCjTCXeJhDo/g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 00:40:31 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorLoggingHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DnWUne6meDCjTCXeJhDo/g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DnWUne6meDCjTCXeJhDo/g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVE2_j2g4IwxAx3I95ETA5h0Ab1-hFS-O5iVQ4Q1RPBZwR70ZLEF2ekKP5QCE8EABMf8Iy9GPQNI5Tvy-lh_BQwi17vLVaVvwlTOGRIuLEJ4gqCAV2fS59Hj6JhtT5QJtn8aAWNJU9GKZvX3Cs5-b7uLSsqLozbqcYs156Lly2V2LwaFdxQTrRWkGxP Show response
fundingchoicesmessages.google.com/f/ 40 KB
15 KB 37ms
37ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVE2_j2g4IwxAx3I95ETA5h0Ab1-hFS-O5iVQ4Q1RPBZwR70ZLEF2ekKP5QCE8EABMf8Iy9GPQNI5Tvy-lh_BQwi17vLVaVvwlTOGRIuLEJ4gqCAV2fS59Hj6JhtT5QJtn8aAWNJU9GKZvX3Cs5-b7uLSsqLozbqcYs156Lly2V2LwaFdxQTrRWkGxP?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM2NTkxMjMwLDg4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsMTAsNl1dLCJodHRwczovL2ZyaXYyLnJhY2luZy9zcXVpZC1nYW1lLW9ubGluZS5odG1sIixudWxsLFtdXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Do5ZxN43cNw.es5.O/d=1/rs=AJlcJMznfj7ct5acaXsARwWGg9sqfW2OYQ/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

065c81c3dff36938ce8daeb07a5da49bd1f2e0c8c35121a3cca561d5bc156253

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-26Otz1Wn0w/fHfxSfoGDPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-26Otz1Wn0w/fHfxSfoGDPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-26Otz1Wn0w/fHfxSfoGDPg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-26Otz1Wn0w/fHfxSfoGDPg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxXesI9OertumHYcE5uhrSRXVj4WHXNxd9ozbn0CgNyEdwrzrnmq-nmIiZDrCfZ7tTEygDC3Nf9NBQU9HLfsw_A8VKtlpO1rucRE7Yr4uNtv_CkwCkZhtf0ghJQHrAfUGDwmER-VWA7uT5EYzQ2k-JLVpCJNxluxIv0EHSNeVS8EJ4WES0Fmv9Eay9ou Show response
fundingchoicesmessages.google.com/el/ 0
365 B 53ms
52ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.Do5ZxN43cNw.es5.O/d=1/rs=AJlcJMznfj7ct5acaXsARwWGg9sqfW2OYQ/m=detection

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JQ/GdLSvVj0P9IjRC1FkAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JQ/GdLSvVj0P9IjRC1FkAA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 00:40:31 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JQ/GdLSvVj0P9IjRC1FkAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-JQ/GdLSvVj0P9IjRC1FkAA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
18ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/ Frame 0ED3 11 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 10 Nov 2021 19:23:36 GMT
expires: Wed, 24 Nov 2021 19:23:36 GMT
content-type: text/html; charset=UTF-8
etag: 4704609575283140419
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4891
x-xss-protection: 0
age: 19015
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/ Frame F74E 11 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 10 Nov 2021 19:23:36 GMT
expires: Wed, 24 Nov 2021 19:23:36 GMT
content-type: text/html; charset=UTF-8
etag: 4704609575283140419
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4891
x-xss-protection: 0
age: 19015
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A988 35 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 16:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 16:12:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 952C 1 KB
931 B 42ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela+Round:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

22e0ae93409ea0908c291d0644309c501bd828df32d9279b98d6df4417c883c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 00:14:39 GMT
server: ESF
date: Thu, 11 Nov 2021 00:40:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 00:40:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 0ED3 4 KB
706 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 00:00:51 GMT
server: ESF
date: Thu, 11 Nov 2021 00:40:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 00:40:31 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0ED3 205 B
295 B 48ms
14ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 17:19:15 GMT
x-content-type-options: nosniff
age: 26476
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Nov 2022 17:19:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0ED3 604 B
918 B 46ms
13ms Image
image/png 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 22:11:31 GMT
x-content-type-options: nosniff
age: 8940
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 10 Nov 2022 22:11:31 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame 0ED3 18 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad286edc01d412b681126058e8943593d32b62b8dbacd2c901d9ee02cc2653b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 22:12:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8874
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8114
x-xss-protection: 0
server: cafe
etag: 920690405916455778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 22:12:37 GMT

GET
H2 200 41da6f2331623d3b8845889ffd3555e0.js Show response
www.gstatic.com/mysidia/ Frame F74E 8 KB
3 KB 38ms
10ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/41da6f2331623d3b8845889ffd3555e0.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 08:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3349
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 08:43:45 GMT

GET
H2 200 14124406fad786a642fdcdf0d5e513a8.js Show response
www.gstatic.com/mysidia/ Frame F74E 8 KB
4 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/14124406fad786a642fdcdf0d5e513a8.js?tag=text/vanilla_highlight

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82892a54c4d7dbea6d54652b28a2b6d9e96844970239dfe0147356409917c136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 08:43:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3767
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 08:43:45 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F74E 3 KB
651 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 23:58:53 GMT
server: ESF
date: Thu, 11 Nov 2021 00:40:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 00:40:31 GMT

GET
H2 200 delayed_impression_vu_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/impression/ Frame F74E 16 KB
7 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/impression/delayed_impression_vu_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7822a96aa7f1efc7a73aa0136abe2dcd1537e2fec5164aa814a38e8ba4440d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 20:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15801
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7150
x-xss-protection: 0
server: cafe
etag: 4576762370341825750
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 20:17:10 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame F74E 1 KB
963 B 11ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3617
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:40:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame F74E 19 KB
8 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:47:21 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame F74E 2 KB
1 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 00:19:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F74E 119 KB
36 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 00:40:31 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame F74E 15 KB
6 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2931
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:51:40 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame F74E 27 KB
11 KB 36ms
12ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 08:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 08:43:46 GMT

GET
H2 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 952C 16 KB
6 KB 19ms
17ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 03:54:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Nov 2021 03:54:54 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 952C 26 KB
10 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:06:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2071
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Nov 2021 00:06:00 GMT

POST
H2 204 AGSKWxXCs9702JfNckWFjhVGEZ5sZfrYo3uxL-Y7a7-XKlXm3tJ-FGaAUfqK5PxiuTAwpH_wVR2bOMhgmSrpjtEuK8-xn5UKY3T7pGmYrgL7BRHb-vw9gCzaEYTuWtpkQXUVbL9hRaRakKfUz3f8SCbEpjABnfVnhFaHNT7F3iZ3ixFVvwrRCVuE0c5yejMU Show response
fundingchoicesmessages.google.com/el/ 0
362 B 27ms
27ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxXCs9702JfNckWFjhVGEZ5sZfrYo3uxL-Y7a7-XKlXm3tJ-FGaAUfqK5PxiuTAwpH_wVR2bOMhgmSrpjtEuK8-xn5UKY3T7pGmYrgL7BRHb-vw9gCzaEYTuWtpkQXUVbL9hRaRakKfUz3f8SCbEpjABnfVnhFaHNT7F3iZ3ixFVvwrRCVuE0c5yejMU

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.4_eSLMG69gw.es5.O/d=1/rs=AJlcJMy__p4lgfogfKaAOLmG99Ewbs4Nxg/m=cookie_refresh

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MaNa/7tVglQ9CAHQRgIUhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-MaNa/7tVglQ9CAHQRgIUhg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://friv2.racing/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 11 Nov 2021 00:40:31 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://friv2.racing
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-MaNa/7tVglQ9CAHQRgIUhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-MaNa/7tVglQ9CAHQRgIUhg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 7 KB
3 KB 20ms
19ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Logo.svg

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d0bd12db046e2bacf04d499428a48266a64db696ea400c2fa316b3c22f80ce7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 523716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3060
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Thu, 04 Nov 2021 23:11:55 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 23:11:55 GMT

GET
H2 200 Button.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 6 KB
2 KB 19ms
18ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Button.svg

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9942ca8ac2c3fa19b7f8e43e8dca588c67e62a98d3c594ad48856a71aa0a858c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 127076
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2000
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Tue, 09 Nov 2021 13:22:35 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 13:22:35 GMT

GET
H2 200 Element_3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 12 KB
4 KB 32ms
32ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Element_3.svg

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22b733329b495cefdd8fd3c3d50f595e02cede8194a18d6383a4f7ab8d0b1d2c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 178703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4137
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Mon, 08 Nov 2021 23:02:08 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:02:08 GMT

GET
H2 200 Typo_3.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 12 KB
5 KB 24ms
24ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Typo_3.svg

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ddd77cc41840cf3d5a8954d0c020d85dbf21dd38d173d1aa0b673a1bf0fd09c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 523716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4596
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Thu, 04 Nov 2021 23:11:55 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 23:11:55 GMT

GET
H2 200 Typo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 13 KB
5 KB 29ms
28ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Typo.svg

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7856db2d13b9512509920ac6c93bc002e4286a82d3ee67cf55cd9142049ea838

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 523716
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4546
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Thu, 04 Nov 2021 23:11:55 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 23:11:55 GMT

GET
H2 200 Auto.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 10 KB
4 KB 30ms
29ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Auto.svg

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba4979c352384ce17af97af31451d3d181c46c99de4483a400227d40e909a3ad

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 178703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3536
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Mon, 08 Nov 2021 23:02:08 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:02:08 GMT

GET
H2 200 Strasse.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 2 KB
1 KB 32ms
31ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Strasse.svg

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4a4e3fb026d44c8a39e4f33f441a8046cc5ab822e86558889274f4cbbe61178

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 505047
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1036
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Fri, 05 Nov 2021 04:23:04 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 04:23:04 GMT

GET
H2 200 Skyline.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 40 KB
7 KB 24ms
23ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Skyline.svg

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e7fabaaa3d13c7eceee2291f67cc3855e589b4705955d72782270fd79010b3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 127076
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7444
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Tue, 09 Nov 2021 13:22:35 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 09 Nov 2022 13:22:35 GMT

GET
H2 200 Hintergrund.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/ Frame 0531 45 KB
6 KB 25ms
24ms Image
image/svg+xml 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5132579750669189120/AD_KFZ1_211018_mf_07/Hintergrund.svg

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d043ad1f4fd5c41b1297c084d3545d4ee1ce5c2a2a6d87de9f4ee6b089638e1a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 178703
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6357
x-xss-protection: 0
last-modified: Tue, 19 Oct 2021 07:55:24 GMT
server: sffe
date: Mon, 08 Nov 2021 23:02:08 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 08 Nov 2022 23:02:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 78E3 3 KB
674 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 23:58:10 GMT
server: ESF
date: Thu, 11 Nov 2021 00:40:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Nov 2021 00:40:32 GMT

GET
H2 200 delayed_impression_vu_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/impression/ Frame 78E3 16 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/impression/delayed_impression_vu_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7822a96aa7f1efc7a73aa0136abe2dcd1537e2fec5164aa814a38e8ba4440d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 20:17:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15802
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7150
x-xss-protection: 0
server: cafe
etag: 4576762370341825750
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 20:17:10 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 78E3 1 KB
931 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:40:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3618
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:40:14 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame 78E3 19 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:47:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:47:21 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 78E3 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1287
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Nov 2021 00:19:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 78E3 119 KB
36 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Nov 2021 00:40:32 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame 78E3 15 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 23:51:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Nov 2021 23:51:40 GMT

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame 78E3 27 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 08:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57406
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 08:43:46 GMT

GET
H2 200 w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v13/ Frame 952C 20 KB
21 KB 39ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela+Round:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e695031ac9f24e1107db954e1b54bc86481f5aa9dc0ca457228a270b35bddfea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 17:36:08 GMT
x-content-type-options: nosniff
age: 543864
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20416
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 17:36:08 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7620 42 B
497 B 65ms
44ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsspSR5Mqyyw01Nbwg2hDn4Zc6X_h_syyAE47-4Leed6mKfw6HB6ysD4TDrWGfZP5Z7IycDkHoOT9k-coGzfVBFU5VumTKWoM6KucF52N88TZ3MVS8dqwg&sai=AMfl-YTnNzNaMuai37mGcsKwhSYJ4B9Z3GvxNnK3wIqh7ycjqukqV6PMf8jiR_Z-WbwSbdK0Jm12sLVsFs-1&sig=Cg0ArKJSzEnLhhHO67z1EAE&id=lidar2&mcvt=1080&p=0,0,600,300&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=2305757582&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636591229056&rpt=1467&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sprite.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/ Frame 952C 87 KB
88 KB 19ms
18ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/sprite.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9148009138863734784/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ee1a9b8ae85450c52aae535356180acf79fd9a8e54cc97c4a8e26312ea6ffb2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 533281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89571
x-xss-protection: 0
last-modified: Wed, 04 Aug 2021 15:13:58 GMT
server: sffe
date: Thu, 04 Nov 2021 20:32:31 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Nov 2022 20:32:31 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0303 143 B
202 B 7ms
7ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Nov 2021 00:37:38 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame F74E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe9f3d79b36ff972db80f06645f39969a475d95aec898d2c15dcb5fd1e16ae90

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BBD3 42 B
108 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufAczori8iiZnPfQJldBiUJRNMd86l43MnFyjpf6ifYihvRsLTkkQ9SEhWEvRR1p5_PJ7tAB0Vy6XyBMYMoKQsRN-PTKtdsJKthEMC633SjQBNMSYj0w&sai=AMfl-YQIJgsQxtjXMY39rDGtVycUUuXacIZfSQ9m9fOGIKoaVxfM1iA4i7_hOYZIAqV2PzC8hvIOEc3k1eH8&sig=Cg0ArKJSzCYB48ER1gNDEAE&id=lidar2&mcvt=1066&p=0,0,90,728&mtos=1066,1066,1066,1066,1066&tos=1066,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2133039087&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636591229052&rpt=1597&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6236 42 B
108 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm9iOmrHxHZXWiNpaY3Bl_Sd_nuONIANDp5tkCNshJpR0USlYV4g4rLq9V3GO5MtLJ0JaIbfclZldUGnjKDF5-NdRY2-DMV7OXDJ_Y3XwLbN73iwZFpg&sai=AMfl-YR8VBv-qiL9JpczUZMVc05kcFm9B88kGD2zzc_uySloySYJ5BjPv3DcP2hb4dAAxL0fU5Yn92Rocng1&sig=Cg0ArKJSzNMRAVSj2JWAEAE&id=lidar2&mcvt=1067&p=0,0,90,970&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=2990650949&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636591229047&rpt=1585&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 7EDF 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 16:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 16:12:24 GMT

GET
H2

200

B26673919.317560430;dc_pre=CJmAtriJj_QCFVHrEQgdNisJcQ;dc_trk_aid=510115142;dc_trk_cid=159937969;ord=213795265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N1556436.3694615ADWORDS-GDN/ Frame F74E
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N1556436.3694615ADWORDS-GDN/B26673919.317560430;dc_trk_aid=510115142;dc_trk_cid=159937969;ord=213795265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf...
https://ad.doubleclick.net/ddm/trackimp/N1556436.3694615ADWORDS-GDN/B26673919.317560430;dc_pre=CJmAtriJj_QCFVHrEQgdNisJcQ;dc_trk_aid=510115142;dc_trk_cid=159937969;ord=213795265;dc_lat=;dc_rdid=;ta...

42 B
118 B

26ms
26ms

Image
image/gif

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N1556436.3694615ADWORDS-GDN/B26673919.317560430;dc_pre=CJmAtriJj_QCFVHrEQgdNisJcQ;dc_trk_aid=510115142;dc_trk_cid=159937969;ord=213795265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2

Protocol

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:32 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N1556436.3694615ADWORDS-GDN/B26673919.317560430;dc_pre=CJmAtriJj_QCFVHrEQgdNisJcQ;dc_trk_aid=510115142;dc_trk_cid=159937969;ord=213795265;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?&cbvp=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F74E 0
54 B 48ms
47ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CH5v4fWaMYfSbHceN7gOx6K2oBK756JlmvZrAxNgOwI23ARABIOeloQVglYKAgJgHoAHOo9j-AcgBAagDAcgDywSqBNYBT9B9P2LYFGn3RXillUQ9ANNz65tMN87rk3Wvtx0cjnSmcK3L08U8Xj7_zPJVIc5397qDokLyTBjUMqWiWUHejl7BJrviHjSxFEW7vIsh8yDuTXfosKJuYjRyGvEUkY6SlMFSUVeMlhJsOpQIrNanIK2yYeV8xXOCSj54NZfq-KfXdcBoavWqGGTupptpxpjNQrGTKU77fT5lB7Dv9ded3qknc-eVFhOftpjNqnuR4MPMjqvWW2yUHul860hjxGychpGlvIHbXX5HIKuK3BSVHiFqnHRErcAE9rSQ8uIDgAea3KeBAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJW5N9IICQiA4YAQEAEYX4AKAcgLAdgTA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi03NjUyMTEwNjIxNzMwNDA5GAA&sigh=ZdbR3FFFElQ&uach_m=[UACH]&cbvp=2&vis=1

Requested by

Host: friv2.racing
URL: https://friv2.racing/squid-game-online.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Nov 2021 00:40:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 like.php Show response
www.facebook.com/v2.8/plugins/ Frame 6A0A 0
3 KB 45ms
28ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df546b426024%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff295b6956d4b04c%26relation%3Dparent.parent&container_width=912&href=http%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=03a1bef4cf85d5c77a9356dc1f91b66f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: tjpgHjFs3kGdilt0uuJ/iMPaaAIvpJ9JObLcqlA6nkE7p4Ac2oPD9GqcckNYb25GqBZUTluMGYjjBgl9e7y+Jw==
content-length: 0
date: Thu, 11 Nov 2021 00:40:32 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 comments.php
www.facebook.com/v2.8/plugins/ Frame 02B9 0
0 49ms
33ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df310329f46e0d48%26domain%3Dfriv2.racing%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ffriv2.racing%252Ff295b6956d4b04c%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fsquid-game-online.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=03a1bef4cf85d5c77a9356dc1f91b66f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com .vrich619.com .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net cx.atdmt.com www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com ad.atdmt.com data: www.instagram.com *.vrich619.com *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: d87nRTawyP07uc2imvO5djKJ0y5gooG3RiloebKjYcb7BBkKtlw/fAAoxZ4DFHVIyzINnymG8rNoGc2dlDUBRw==
content-length: 0
date: Thu, 11 Nov 2021 00:40:32 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 18ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211108&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc8818a7b333cd78128ddc412fe5cdbb27ee7acc82ca4a3cb686dcb018073a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 00:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9104
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 952C 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 14696021525347296162_4592859692548837531.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 7 KB
8 KB 45ms
8ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/14696021525347296162_4592859692548837531.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dca989c3d45e0a0d4093a3fda467bad4f16fff9207a790895731da1cd99412d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:00:50 GMT
x-content-type-options: nosniff
age: 63582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7444
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 15:11:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 07:00:50 GMT

GET
H2 200 11631560529291161341_15573949333364182738.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 10 KB
10 KB 49ms
13ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/11631560529291161341_15573949333364182738.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44c4dadb22fb073f7a1a8a75d01bf385c40261b0036b7940948bacc606877719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:57:11 GMT
x-content-type-options: nosniff
age: 575001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10372
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 15:12:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 08:57:11 GMT

GET
H2 200 8717372094769645583_1803677304059493615.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 18 KB
18 KB 51ms
15ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/8717372094769645583_1803677304059493615.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f795d42dd4aa37955e391526cd3e0e69e3d387e8f77e7e8a2ee9ed4529d215b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:12:40 GMT
x-content-type-options: nosniff
age: 185272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18165
x-xss-protection: 0
last-modified: Wed, 21 Oct 2020 20:33:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 21:12:40 GMT

GET
H2 200 16928933512071875018_10649201908143228687.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 5 KB
5 KB 45ms
9ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/16928933512071875018_10649201908143228687.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:16:42 GMT
x-content-type-options: nosniff
age: 577430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5025
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:02:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 08:16:42 GMT

GET
H2 200 13911327140193796911_3987520054666488292.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 9 KB
9 KB 50ms
14ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/13911327140193796911_3987520054666488292.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc43dede6f0925b41f9d936148653ecba57505049abca867ba3d6a58f09cab05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 11:18:25 GMT
x-content-type-options: nosniff
age: 307327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 16:04:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 11:18:25 GMT

GET
H2 200 12407430278564887901_1697777050336446539.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 12 KB
12 KB 47ms
11ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/12407430278564887901_1697777050336446539.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1d2587db6538bd1faf74218732ae55bc03c2891d2c168a89260475b44e44199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 11:18:02 GMT
x-content-type-options: nosniff
age: 307350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12497
x-xss-protection: 0
last-modified: Wed, 21 Oct 2020 19:25:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 11:18:02 GMT

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 0303
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
167 B

35ms
35ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 00:40:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Nov 2021 00:40:32 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Nov 2021 00:40:32 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame F9F4 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 16:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30488
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 16:12:24 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 00:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 11 Nov 2021 00:40:32 GMT

GET
H2 200 16928933512071875018_10649201908143228687.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 5 KB
5 KB 312ms
10ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/16928933512071875018_10649201908143228687.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:16:42 GMT
x-content-type-options: nosniff
age: 577430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5025
x-xss-protection: 0
last-modified: Tue, 15 Jun 2021 19:02:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 08:16:42 GMT

GET
H2 200 14696021525347296162_4592859692548837531.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 7 KB
7 KB 312ms
10ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/14696021525347296162_4592859692548837531.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dca989c3d45e0a0d4093a3fda467bad4f16fff9207a790895731da1cd99412d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 07:00:50 GMT
x-content-type-options: nosniff
age: 63582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7444
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 15:11:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 07:00:50 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3E0C 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 10 Nov 2021 19:36:51 GMT
expires: Thu, 10 Nov 2022 19:36:51 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 18222
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FB6E 783 B
1002 B 17ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1b4389e6fe009544af948c8bdbb8175c099a42cb4f344f1aa728085c471d926b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kkWFs4QJ0sydajWwB10WRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 11 Nov 2021 00:40:33 GMT
date: Thu, 11 Nov 2021 00:40:33 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-kkWFs4QJ0sydajWwB10WRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 12407430278564887901_1697777050336446539.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 12 KB
12 KB 207ms
13ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/12407430278564887901_1697777050336446539.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1d2587db6538bd1faf74218732ae55bc03c2891d2c168a89260475b44e44199

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 11:18:02 GMT
x-content-type-options: nosniff
age: 307350
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12497
x-xss-protection: 0
last-modified: Wed, 21 Oct 2020 19:25:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 11:18:02 GMT

GET
H2 200 13911327140193796911_3987520054666488292.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 9 KB
9 KB 206ms
13ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/13911327140193796911_3987520054666488292.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc43dede6f0925b41f9d936148653ecba57505049abca867ba3d6a58f09cab05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 11:18:25 GMT
x-content-type-options: nosniff
age: 307327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
last-modified: Wed, 23 Sep 2020 16:04:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 07 Nov 2022 11:18:25 GMT

GET
H2 200 8717372094769645583_1803677304059493615.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 18 KB
18 KB 205ms
12ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/8717372094769645583_1803677304059493615.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f795d42dd4aa37955e391526cd3e0e69e3d387e8f77e7e8a2ee9ed4529d215b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:12:40 GMT
x-content-type-options: nosniff
age: 185272
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18165
x-xss-protection: 0
last-modified: Wed, 21 Oct 2020 20:33:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 21:12:40 GMT

GET
H2 200 11631560529291161341_15573949333364182738.jpeg
static.doubleclick.net/dynamic/5/83933682/ Frame 952C 10 KB
10 KB 203ms
11ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/83933682/11631560529291161341_15573949333364182738.jpeg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44c4dadb22fb073f7a1a8a75d01bf385c40261b0036b7940948bacc606877719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:57:11 GMT
x-content-type-options: nosniff
age: 575001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10372
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 15:12:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 08:57:11 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FB6E 0
0 47ms
47ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211108&jk=2010876455788694&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E0C 35 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6JxZOoUR1o3jKlvIC1xEK4PVT34jONQGt3Oa0a98nkQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 16:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13451
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Nov 2022 16:12:24 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame F74E 0
0 43ms
43ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZweRfWaMYfSbHceN7gOx6K2oBK756JlmvZrAxNgOwI23ARABIOeloQVglYKAgJgHoAHOo9j-AcgBAagDAaoE1gFP0H0_YtgUafdFeKWVRD0A03Prm0w3zuuTda-3HRyOdKZwrcvTxTxePv_M8lUhznf3uoOiQvJMGNQypaJZQd6OXsEmu-IeNLEURbu8iyHzIO5Nd-iwom5iNHIa8RSRjpKUwVJRV4yWEmw6lAis1qcgrbJh5XzFc4JKPng1l-r4p9d1wGhq9aoYZO6mm2nGmM1CsZMpTvt9PmUHsO_1153eqSdz55UWE5-2mM2qe5Hgw8yOq9ZbbJQe6XzrSGPEbJyGkaW8gdtdfkcgq4rcFJUeIWqcdEStwAT2tJDy4gOAB5rcp4ECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQlbk30ggJCIDhgBAQARhfgAoByAsB2BMD0BUBmBYBgBcBshccChoIABIUcHViLTc2NTIxMTA2MjE3MzA0MDkYAA&sigh=NtTdW2q7Z2E&vt=1&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Nov 2021 00:40:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F74E 42 B
108 B 43ms
42ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMmxIdqxGmfNF_bWUuUZ5fsE7fEhgYBMoiJ62meIqzqTt4wGP4ckHFl2YrTuUpIDimIMtFFqU1KkgmqF5JJYxGWuoZJYKVy298yfc5Teb_theWXR7PJg&sai=AMfl-YSD37IpiDsV_lseAWS-6s4ZtwJTk0hEssZC5xgQimqyGYQJXsAWISJ99ycAfdhFAzw1NROrna_OSifQ&sig=Cg0ArKJSzEQIwtuh7eGOEAE&id=lidar2&mcvt=1068&p=0,0,124,1005&mtos=842,1068,1068,1068,1068&tos=842,226,0,0,0&v=20211110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=84980951&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&pay=1&rst=1636591230909&rpt=1106&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211108&jk=2010876455788694&bg=!HR6lHlrNAAYDGbPvAxk7ACkAdvg8Whn6Isj4Np94wzcyu-u-SqLpTcVxpXs-nQ3d4ehAapWfngMfqQIAAANUUgAAAJ9oAQcKAFQZSrJoriD0W6xLFQrzkuk5OImFHZE29zQqbYWk6pyogwTcieJSxMKwHxGeIJfssrpqhlQyWathzVho8b7TRDijG64gi6IqvdG3dnL-8fZ3YeLSpbuZAqwwF59vDJ_rumddbeGVwtTYHa3vWZtp1oWm2TxXC5ME3FXOG04raTJCUw39-46UwZT3Ptq5xYU_fXChVabosw0Yov0nueVPXlxdY57VwElpfFtTh-QWrr4b3bQrkQsdCeV7rEHVaAVQgbIgaa_a9Een22-UV-gZ3LESJv6C9ocsYFjk9HSJkyVtkwYA8qZVyIVibtEVVjU-VBOBj-1hvW1nklnjd-pTvqPHg3Kd-eoZhQkIX4t8K5QpH72QR78fb3tEiNzKsIFUJ280DI9j3_VivGrsIs2n00BP3Bz_UlsTRuoDGq74p4MkJg7MgtDAUMKIEyNwRawpWB4vCd1aRhIAx4YzNOe_EHnUKsomwb4rAvPWCzPE7shTVO2h0hifbkFfFIIozXL929VK4iVQfVvqaORQOzkZry--2MxdDW3DNdxlV0HHomFNLdaJ1i7a8yo6OAq-zCFBstlQBehkloupboEOgryPsBIbX-pqsJzkI704da7uCx95LP26KeDIj01MXT7VPl0hLHoVhyOT9DyWKMv44OAvE3DgMlfDAWJmkTQrwqPpWMLuuhQCi_ajLHw6ZQcCILHOxjclgZJFvVbQjInrIwZ2Q0G2hEExtPx6KkAqxZnq19uYMaDUzs66Xy5lexF1T2GpXesOBl9UvGThQvCUzJgEmXZ-T-J2ohmI0svbeIUp4mAWQaAKpnlbtPOmMVpoXJZIKj7BhnisXqB3S9yu22mhzFdLH2pEbPnigSdXLiQ4npS_C_545ateCtZmPY1bFXWxRPH7vovAcfyq3IRh5MCYCR9gL3QXYci5APB6Oc-uGx43lhLiShDTUHTT_PAF9KbYWZtLUv29qhW1cU0jAUuAAfx9vksxgDT9LIPyojYobYdWwnjR3miKW5idbGgOj87-qOcLbc4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://friv2.racing/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Nov 2021 00:40:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 07:21:54	Name: FTID Value: 1XZ6Py3d388C1XZ6Py000Q-5
.friv2.racing/	1970-01-20 16:07:43	Name: _ga Value: GA1.2.1135037187.1636591228
.friv2.racing/	1970-01-19 22:37:57	Name: _gid Value: GA1.2.2075293163.1636591228
.friv2.racing/	1970-01-19 22:36:31	Name: _gat_gtag_UA_97003001_1 Value: 1
.yadro.ru/	1970-01-20 07:21:54	Name: VID Value: 3Hmu5g35UPOC1XZ6Py000R0j
.friv2.racing/	1970-01-20 07:58:07	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1636591229010],null,null,null,[]]
.friv2.racing/	1970-01-20 07:58:07	Name: __gads Value: ID=6ac095c28881a56a-2202b7f34dcb0039:T=1636591229:RT=1636591229:S=ALNI_Masu4ZuGdjGM4IgZzr9uPOOfhMWKQ
.doubleclick.net/	1970-01-20 07:58:07	Name: IDE Value: AHWqTUkI50zMlsy02sHvcKi89i9D7Ky2dHdJAlOkralPHQNP6qXP-P28q2H6YurgP4M
.doubleclick.net/	1970-01-19 22:36:34	Name: DSID Value: NO_DATA
.friv2.racing/	1970-01-20 07:22:07	Name: FCNEC Value: [["AKsRol82tc-LCgw2Fvvy-ymrTq99mnk3-zfawq1DX4rC0V4J-FSnaN6PONQMGitPtFOWXwCunVfK2an47O9_2UMlGmyfG2qVkfHM7vG_5FpOs5yfrzaoP5YFH3WgV0kYYqGP5Ell2Op9IoDNcWZWbQus_QLyuSSK2g=="],null,[]]

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://html5.gamemonetize.com/j4drf322s2noxvmrvou4ed4j7a0h2ugv/(Line 6) Message: Blocked autofocusing on a <input> element in a cross-origin subframe.
other	warning	URL: https://assets.jetticdn.com/squidgame/js/all-70cd5a76f9.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20211108/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=84980951&client=ca-pub-7652110621730409&fa=1&ifi=6&uci=a!6&btvi=1 Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.cloudflare.com
api.gamemonetize.com
assets.jetticdn.com
backend.jettigames.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
counter.yadro.ru
fonts.googleapis.com
fonts.gstatic.com
friv2.racing
fundingchoicesmessages.google.com
gamemonetize.com
googleads.g.doubleclick.net
html5.gamemonetize.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.130
142.250.186.38
167.172.13.198
188.166.128.113
2606:4700:20::ac43:4702
2606:4700:3032::6815:312a
2606:4700::6810:125e
2606:4700::6810:5914
2606:4700::6811:490e
2a00:1450:4001:801::2003
2a00:1450:4001:803::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2006
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2006
2a00:1450:400c:c02::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
88.212.201.216
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
04b7fef7ae8db477e14056c72bafece963d0a73d33de81dcff77edf206b74367
065c81c3dff36938ce8daeb07a5da49bd1f2e0c8c35121a3cca561d5bc156253
07d3c359ee4dfb9e415e8394c3c0052168e17ac610ed1d5dfc7a633dd85a78ce
0a81a5e22b5cb9dffce12122df1d1de2612fc4962d11cd6188fbadf6ae3b01ac
0b0dc2599732a9496959c8d511509a55806bbad51167078555d49db41b7a999a
0ee978734f5c76b58a5d5b5a9653f1179e7c970c4cc020bc75725d6743d55b9e
1143d0629c77a82e51860e70498614633f233467d2b3f8d9aab155866df0570a
1471d2ea98647382600146360be578763684e61b589a76895d3afe847d88a52b
16653dc16da2f67ccbb7f71933b290736c7efc35e2d08327489ec09295ffd007
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18fa383ca7b0d6ae6aa596c57833c8c06b4cf7c6455048165b70eba142130a03
1a0913922f860052b6b99f7beef92d572754f865a42cc164a339f69870f8e183
1a2b89d2e740488f2ac7995cccf9287662e3e83231afb3ec6c329ce42c3adf1f
1b4389e6fe009544af948c8bdbb8175c099a42cb4f344f1aa728085c471d926b
1b61206ca8f2dee029bdf11949a8953aee7479479feabdfa8a80742dfa9a0bf7
1e8123214594971475f38fdf614604b261b8da6e3a483ea56f11572b5877be9b
208add5a5db5500e31a3be681a36e8f60ff36d819de9152188f14853dd4253cd
22b733329b495cefdd8fd3c3d50f595e02cede8194a18d6383a4f7ab8d0b1d2c
22dce523adc2d1db663608abe419441635a27262c8cfa9d019f234a2ec60f694
22e0ae93409ea0908c291d0644309c501bd828df32d9279b98d6df4417c883c0
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27bbce805c2c61aab7e90d5a59180cda702e1b002bd739abdbe56aa9473aeb71
27d80bdc9da46e8118e9380fd7f7a558ffc6cff5ba909882925b0c3087468602
29a6238dac6868a23482b0d3b4707c08e17895e92fc5d487012766be02fea712
2a176a0442b25e0a0bf4687552431aa639c95088c510f4bd012c0b6065237c9b
2aa37149dc391c910ae9f47247fccab53c3a18bde6a244b7c4548556592fd47e
2c35ff6c27c50a68d993f43404a00ecf6591fc86f66fd0c00ded254fcff70c48
2e2f3843c4e6e8239cc209544ece9f653a6af137c16654ace78b2b08c6a00b92
3030d060903c587fa12517f8aea1dee90a991276c8358f19ee20aaa2435da425
32115ecb0a3904d0833e04719228424a2d8db612d204f4e69507a582aa603c93
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
35f420911e15e0dcade2d82029717124f6f8263456f3d2686576c5cb364c7d69
377b5c18bfa8604e81a30e41d792da7f6238fa25f0a6a1bf2bbc36d0c6c75bcc
38b09561f7d53a5b6507465e059bf853156b8ea93d249d1221ea72d676b5e45f
3a0b8156ca6ec5a2dfdeedb23ad098df650c09942ccad62ab608544f846bfb96
3cb70a2e9817b7831a17b77189a794c3af0d4adc7b6f7c3115acc63679219ff4
3cefc7a4aee10abd282d2c158efe45d62cbbfe6a130286b4076cc7adca59e17b
3d65d7e722a134c222a469515c91a0716ce3ac64014410e20739a1721519d959
3e2519e4eeded968669e947a787db9b5ab71cd482dae6060208fce5cffe99ad4
3e6f7bf8af44fd843be154c4785bd65b89d34eb4d3ec92d79b0f7db5ac66c84d
4193c1df5b6fb199d0db4071c5a5e16ac3920378e23ab7c48a9a4b787e7d5068
449758634d83c0f8bd47a5145a45488d98e72b2811b3de23e110cf10a87cd1ac
44c4dadb22fb073f7a1a8a75d01bf385c40261b0036b7940948bacc606877719
474445404a6938af3e7e9a4a9941f175fe3d54cd5b46d81a20721de3c883addf
48ec2063144ca0a1dbfce95b3ab1a89b5c7ca03c62d03418d6a0844862fa093e
4cc8ac413e2b44518ef01b79bd43fe699150dbb434875bf72387de84d218c4fe
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
50b8d3f38e8ba60f76fa2b5e51b9fe83bfa842037ae1746be79b7f254d4d2cd1
52a71f43dbc576e422a51910e4f041861e9e793342a59371aa6787ed7726b213
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55955e7d789408e5f71e4aa492df6c9eb34d13bf2b555b6c74a6f48fa570678e
56fbfddfebb2a54398f0413acae5235283231d30cfd851ed3c8d6408ab7f3e13
575eb787320617105cd5dbd56464c98f17f993c82fc40980e81fa880f0d4a141
58efdef30c1040f9bab6f3ffeb7c866c3619672fb65b354620975705b929e0ef
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d0bd12db046e2bacf04d499428a48266a64db696ea400c2fa316b3c22f80ce7
5ddd77cc41840cf3d5a8954d0c020d85dbf21dd38d173d1aa0b673a1bf0fd09c
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6046c23b85986b7cf6d8a28b653bb0b0a73bab416795df69f476e14d1271a1db
607a593cfd8d289c92d8ebd35b04c61ac9c80ed29ce4654b27c133267f46d07b
60ad20dd76d812c3d941cb92d2e691b57f030771c2caf9671b18d5f49d877380
61f284b7269b653c7526095312dd9c4e3cd5fff99ecaf932467d25efd0736495
652a7fe3ea9660458bcbdef58efc09309f326058bc94c93b55603b68c65be041
6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e9fd94eea99a4cb688c9acb0dbbd8ac70f957c5ae4b382e67834a70035d5cca
6eaaa83a6f929a29d7ff5cf7a342a758629a95e4afe9eab69689b6e8120b745d
7118dab66877bebfafdd02c111dfccc3df668fa622d25c443f4822db37f0c027
71707349929d0aee76de6cf37907137b2c9605208e85d8800bc0d729db7b18ca
74c0db4bb9bf18fc500afe7c78cfc5fd982d57bb6536fa11c78dd6750c12fc6a
77b898909b7d12006bb3887862ed2c38411d407cb6b7c3be0bbd7477f32a5ae8
7822a96aa7f1efc7a73aa0136abe2dcd1537e2fec5164aa814a38e8ba4440d07
7856db2d13b9512509920ac6c93bc002e4286a82d3ee67cf55cd9142049ea838
7ad1f59229d3b4c19ec76ba06e0a33ca00c6a092afb95c222dfa1fcef162735c
7b1bf5abc558b252d429f468d72513a9410a38c09b5e3932a04f8eac7b435599
7efcd7a73e331f8795f2c47c52befb53a3afeceabd9bfa53f84bc15c474e6db4
7f795d42dd4aa37955e391526cd3e0e69e3d387e8f77e7e8a2ee9ed4529d215b
81287c7a8b736ff095bc244418f50d8085ae0e74d89d9bd53909d1acfd5e0e32
82892a54c4d7dbea6d54652b28a2b6d9e96844970239dfe0147356409917c136
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840d748cdb4b154eb640940a5b107bfea7fd6b5a91a151e074bbea3cbd671f2a
864ac1199eb07e37517eb96a3af5fa013c961330764944f8a6c796f11e9f17b9
86cfdf9b07db942980d11e509a5dab207186ffc65791af50833ed53e8d362291
8a05744c57b6130b4e100fd8561327408e6d722722459c62b2c12dd162f723ed
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8c401041a4d2376f0f7dd9bb967a211cb5023e339ef34319cfffa5fe46ce0cdc
8c4e3c47ca0add4147cc8bcd28aa5ec442ffec96577d3e635b036d274489adf2
8ee1a9b8ae85450c52aae535356180acf79fd9a8e54cc97c4a8e26312ea6ffb2
8f4583be5940babb3b8ff087cf3d164ccf33a2351cace38b94190ac910491698
976df30875c5347b6b126b8de4cc77b7b2eb034022fd118f279f4439b7374bf4
9942ca8ac2c3fa19b7f8e43e8dca588c67e62a98d3c594ad48856a71aa0a858c
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b84d38d0eab1b3f6cf6491ab4bb7ec35341f6664c10465a617bcfa7f69b6a74
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
9bf4e70001e53d8a128c82b59bb6ca451d5c7f3032d001617f2ec97f3d2e4440
9d3ebd69106d4518c7a484fea9c9bbb42b529fa7b8d4614f1099549872e5ae2d
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
9ef67829aff6d0391203193d04183a2aa78627dd9a2b3cd3bfaed187df88ce78
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14d20ac3a6fad39a8c19300225b82b935a0843d261ad80c0c771b6909b4017a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d2587db6538bd1faf74218732ae55bc03c2891d2c168a89260475b44e44199
a221343db26c43bb8ec3b2dda04ec6017ba57321fb34076aeb0e276feebe8e54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5e7206978d27080f022a7eac0c1da65dc97e0a926f1380a45a4b3b103a73c9d
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a974184f5c497b39a74be6667855dbec199b9c061d5e482feb57bd7c4b695a8f
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
acd50facc16180a7b7bd4b56e592dec310229a103a616fee0a1377854ef566b6
ad286edc01d412b681126058e8943593d32b62b8dbacd2c901d9ee02cc2653b0
ae07b44365d1b861f5b0c93eb844b2a7533198aa62f16e2db1d62fdc848c08cd
ae9278911ecba31af53727f12c3310a4bdf29383cfc546acdf8f72e089584ba9
b1b7c0bc7f6953d9a85719f68a6cc410bae7859d4e90696d7bc0586d5f014575
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
ba4979c352384ce17af97af31451d3d181c46c99de4483a400227d40e909a3ad
bea44783ce24f6df8ba9bf53fd8c77c7ce430e9564050582fa28e91ba35cbb5f
c5db810c07cca5033e2aebcdb9324038385e8062a8db33b08620ddd30243add7
cad3a128860e28143ba656346b659a18ae392c6f8a1e78b22de0726abdb26902
cb656577f4277a4ded7b312fe6d4a32f3aabbeff803485b75a66fdea67b678af
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
cbac1cc598ac1c61f9ce35be6715357cd81061bed88641cfbb58b6a2b3c891c5
cc43dede6f0925b41f9d936148653ecba57505049abca867ba3d6a58f09cab05
d043ad1f4fd5c41b1297c084d3545d4ee1ce5c2a2a6d87de9f4ee6b089638e1a
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d970589b6660ec91a6aa1a10d344f7ac0b3f089125ff86a11a0e5d77235b7391
dca989c3d45e0a0d4093a3fda467bad4f16fff9207a790895731da1cd99412d9
dde1a8419ad24ecfc162c1097650ab4d0f1abe80552b39ef24c122afb527cc95
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df149d844178b4a4b3ed660e03ef092e3bdfe30ceb564ad7dd571006b7f6995c
dfc752f7c8eb3ebc90d53b7b40dbccf5984da0077440533e0ded2dd847ed83fa
e17a799a36103ea76870388bc25f8492043bb6cd057db1fb1542c9d9cb7eb3cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb71a81ddfd8982c5729a54b00981b9a824a1e22a3942432371cb7de4d9524
e695031ac9f24e1107db954e1b54bc86481f5aa9dc0ca457228a270b35bddfea
e7b97ddfa6bd0f60f8e00519e12e8919d23e03ac78a0d4d5f2e9a0dd623c46e5
e80c87c1f9542ee9190550bfc82c73fb53b32c7a45e9b68f4ed50a3e228e22bb
e89c593a8511d68de32a5bc80b5c442b83d54f7e2338d406b7739ad1af7c9e44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f049107d6074e0f1d2ccc9950ff0fc8eecd161600196e7220eb3864a46599de9
f127b2a89ed9019c7c5a72203ff6e02ba2c62232a38688cd3c748c57f7e8dbd6
f32b7f1fd8f14e4609d2f5e1a6afe3f53b8ad27f9a4a7065c70d5ffae0713c57
f3e7fabaaa3d13c7eceee2291f67cc3855e589b4705955d72782270fd79010b3
f4a4e3fb026d44c8a39e4f33f441a8046cc5ab822e86558889274f4cbbe61178
f5686e72d69cd9fe0f4a53f31e84df73110b962f0719bb09e3d4251ad02a2e53
f88bfcab79ed387a0103e0346190c239ae8bb6e8de191e1820820354b4712e41
f92cfa93bfa5afb9f2859e7c5a5f76872807dec30e4cdf7c8af76dcde7e0b6a2
fc8818a7b333cd78128ddc412fe5cdbb27ee7acc82ca4a3cb686dcb018073a8c
fe9f3d79b36ff972db80f06645f39969a475d95aec898d2c15dcb5fd1e16ae90
ffdc94a1437339a2f1167dcfea984a9d7bdddc5e8c333997ef3eb91934430ed7

friv2.racing Open in urlscan Pro 2606:4700:3032::6815:312a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

213 Requests

99 %HTTPS

82 %IPv6

20 Domains

31 Subdomains

29 IPs

5 Countries

2834 kBTransfer

7749 kBSize

10 Cookies

2 Outgoing links

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

friv2.racing Open in urlscan Pro
2606:4700:3032::6815:312a Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

99 %
HTTPS

82 %
IPv6

20
Domains

31
Subdomains

29
IPs

5
Countries

2834 kB
Transfer

7749 kB
Size

10
Cookies

213 HTTP transactions
6 data transactions