friv2.racing Open in urlscan Pro
2606:4700:3036::ac43:9ece Public Scan

Go To Rescan
Add Verdict Report

URL:
http://friv2.racing/watersplash.html
Submission: On February 28 via manual (February 28th 2021, 7:37:35 pm UTC) from UA

Summary HTTP 114 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 20 domains to perform 114 HTTP transactions. The main IP is 2606:4700:3036::ac43:9ece, located in United States and belongs to CLOUDFLARENET, US. The main domain is friv2.racing.

This is the only time friv2.racing was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
39	2606:4700:303... 2606:4700:3036::ac43:9ece	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	78.109.31.4 78.109.31.4	41665 (HOSTING-A...) (HOSTING-AS http://hosting.ua)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
3	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
3	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
4	35.190.9.86 35.190.9.86	15169 (GOOGLE) (GOOGLE)
2 15	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
3	2606:4700:e2:... 2606:4700:e2::ac40:8b11	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
3	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
2 7	34.77.38.18 34.77.38.18	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
114	25

39 2606:4700:3036::ac43:9ece (United States)

ASN13335 (CLOUDFLARENET, US)

friv2.racing	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.109.31.4 (Ukraine)

ASN41665 (HOSTING-AS http://hosting.ua, UA)
PTR: 4.31.109.78.hosting.ua

neueaffenspiele.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

html5.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
html5.api.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

cdn.gamedock.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hb.improvedigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.9.86 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 86.9.190.35.bc.googleusercontent.com

game.api.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
msgrt.gamedistribution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a03:2880:f11c:8183:face:b00c:0:25de (United States) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:8b11 (United States)

ASN13335 (CLOUDFLARENET, US)

pub.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ana.headerlift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.77.38.18 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 18.38.77.34.bc.googleusercontent.com

tag.gitberry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pm.gitberry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2295a6b9cff70a5b873f216a47338a5f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	friv2.racing friv2.racing	306 KB
16	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com 2295a6b9cff70a5b873f216a47338a5f.safeframe.googlesyndication.com	202 KB
15	facebook.com 2 redirects www.facebook.com	923 KB
9	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	129 KB
7	gitberry.com 2 redirects tag.gitberry.com pm.gitberry.com	31 KB
7	gamedistribution.com html5.gamedistribution.com img.gamedistribution.com html5.api.gamedistribution.com game.api.gamedistribution.com msgrt.gamedistribution.com	365 KB
3	headerlift.com pub.headerlift.com ana.headerlift.com	2 KB
3	google-analytics.com www.google-analytics.com	38 KB
2	googleapis.com imasdk.googleapis.com	301 KB
2	improvedigital.com hb.improvedigital.com	107 KB
2	googletagservices.com www.googletagservices.com	47 KB
2	google.com adservice.google.com	1 KB
2	google.de adservice.google.de	2 KB
2	yadro.ru 1 redirects counter.yadro.ru	1 KB
2	facebook.net connect.facebook.net	62 KB
2	googletagmanager.com www.googletagmanager.com	91 KB
1	2mdn.net s0.2mdn.net	17 KB
1	gamedock.io cdn.gamedock.io	9 KB
1	googleadservices.com partner.googleadservices.com	640 B
1	neueaffenspiele.de neueaffenspiele.de	1000 B
114	20

	Domain	Requested by
39	friv2.racing	friv2.racing
15	www.facebook.com	2 redirects connect.facebook.net www.facebook.com
10	pagead2.googlesyndication.com	friv2.racing pagead2.googlesyndication.com tpc.googlesyndication.com srcdoc securepubads.g.doubleclick.net
5	tag.gitberry.com	2 redirects tag.gitberry.com
5	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	securepubads.g.doubleclick.net	www.googletagservices.com tag.gitberry.com securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com html5.api.gamedistribution.com
2	pm.gitberry.com
2	imasdk.googleapis.com	html5.api.gamedistribution.com imasdk.googleapis.com
2	pub.headerlift.com	hb.improvedigital.com
2	hb.improvedigital.com	html5.api.gamedistribution.com hb.improvedigital.com
2	msgrt.gamedistribution.com	html5.api.gamedistribution.com
2	game.api.gamedistribution.com	html5.api.gamedistribution.com
2	www.googletagservices.com	pagead2.googlesyndication.com hb.improvedigital.com
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	counter.yadro.ru	1 redirects friv2.racing
2	connect.facebook.net	friv2.racing connect.facebook.net
2	www.googletagmanager.com	friv2.racing neueaffenspiele.de
1	2295a6b9cff70a5b873f216a47338a5f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ana.headerlift.com	html5.api.gamedistribution.com
1	s0.2mdn.net	imasdk.googleapis.com
1	cdn.gamedock.io	html5.api.gamedistribution.com
1	html5.api.gamedistribution.com	html5.gamedistribution.com
1	img.gamedistribution.com	html5.gamedistribution.com
1	html5.gamedistribution.com	neueaffenspiele.de
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	neueaffenspiele.de	friv2.racing
114	30

This site contains links to these domains. Also see Links.

Domain
kizigamesxl.org
www.liveinternet.ru

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
counter.yadro.ru R3	`2021-01-13` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gamedistribution.com Sectigo RSA Domain Validation Secure Server CA	`2020-07-29` - `2021-07-30`	a year	crt.sh
*.api.gamedistribution.com R3	`2021-01-20` - `2021-04-20`	3 months	crt.sh
*.gamedock.io Sectigo RSA Domain Validation Secure Server CA	`2020-08-28` - `2021-08-29`	a year	crt.sh
*.improvedigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
pm.gitberry.com R3	`2021-01-30` - `2021-04-30`	3 months	crt.sh
tag.gitberry.com R3	`2021-02-27` - `2021-05-28`	3 months	crt.sh

This page contains 14 frames:

Primary Page: http://friv2.racing/watersplash.html
Frame ID: 7437B6308A7B20FDC4119C18990CA660
Requests: 56 HTTP requests in this frame

Frame: http://neueaffenspiele.de/spiele/seite/spielen-watersplash.html
Frame ID: FCF9F017B927C66188B5F850790FCB10
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html
Frame ID: 43DCEFC190E6C91A1AE8BEA1A399701B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1614541036&psa=0&format=970x90&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&flash=0&wgl=1&dt=1614541036253&bpp=16&bdt=111&idt=138&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3588861073865&frm=20&pv=2&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bg9G3bwlrf&p=http%3A//friv2.racing&dtd=173
Frame ID: 8721C4F1DA97950769B4E79276EB0A28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1614541036&psa=0&format=728x90&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&flash=0&wgl=1&dt=1614541036270&bpp=2&bdt=128&idt=172&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=3588861073865&frm=20&pv=1&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=262&ady=1081&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=O5ynEBwVvs&p=http%3A//friv2.racing&dtd=176
Frame ID: 4B99D73C9D5FB1F10E1AC970FFB2E17C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=143927933&pi=t.ma~as.4283206909&w=300&lmt=1614541036&psa=0&format=300x600&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&flash=0&wgl=1&dt=1614541036272&bpp=1&bdt=131&idt=182&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=3588861073865&frm=20&pv=1&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=lG9jnTmj7j&p=http%3A//friv2.racing&dtd=190
Frame ID: 3A6B51C47AD978F319358331FEBC66ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1614541036&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&ea=0&flash=0&pra=7&wgl=1&dt=1614541036273&bpp=1&bdt=131&idt=192&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90%2C300x600&nras=1&correlator=3588861073865&frm=20&pv=1&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=200
Frame ID: 9CDCC278A116B2339AE29624EE71D233
Requests: 1 HTTP requests in this frame

Frame: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
Frame ID: BFCD6DA0C7AC9576A781D5340753C2F8
Requests: 33 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df386118b245dcf%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912
Frame ID: A34753A6D7F427A7994E0DBA7812E743
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
Frame ID: 792233D9174A3B6348273694A672F5A0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: E8BFBB850525D2ADBF792D6AC9F26241
Requests: 2 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html
Frame ID: 272BBDE989FFE121FE37AA82E443E902
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 212F5DFB68664F826E05DCB996CF7DBA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 13DEBD2EE8A86C0D1755F0A8B8D5011B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

114
Requests

61 %
HTTPS

71 %
IPv6

20
Domains

30
Subdomains

25
IPs

5
Countries

2634 kB
Transfer

6888 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://kizigamesxl.org/

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

http://connect.facebook.net/en_US/sdk.js HTTP 307
https://connect.facebook.net/en_US/sdk.js

Request Chain 43

https://counter.yadro.ru/hit?t45.9;r;s1600*1200*24;uhttp%3A//friv2.racing/watersplash.html;hWatersplash%20-%20Match%203%20Games%20at%20Friv2.Racing;0.9330171834503431 HTTP 302
https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttp%3A//friv2.racing/watersplash.html;hWatersplash%20-%20Match%203%20Games%20at%20Friv2.Racing;0.9330171834503431

Request Chain 68

https://www.facebook.com/v2.8/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912

Request Chain 87

https://tag.gitberry.com/v1/663 HTTP 302
https://pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/index.js

Request Chain 88

https://tag.gitberry.com/v1/9P3?sizes=320x50 HTTP 302
https://pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/index.js

114 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set watersplash.html Show response
friv2.racing/ 15 KB
4 KB 486ms
467ms Document
text/html 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.29
Resource Hash: 8c50cb5becee5ed64a8851522dd913bd6aacc34aefff260ecbfe0e2d70252ba5

Request headers

Host: friv2.racing
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=ddafb867c6c1509d7bd5c2b7e3655bee91614541035; expires=Tue, 30-Mar-21 19:37:15 GMT; path=/; domain=.friv2.racing; HttpOnly; SameSite=Lax
X-Powered-By: PHP/5.3.29
Link: <http://friv2.racing/?p=2827>; rel=shortlink
Expires: Mon, 01 Mar 2021 07:37:15 GMT
Vary: Accept-Encoding,User-Agent
CF-Cache-Status: DYNAMIC
cf-request-id: 088bbe309800004e3d5c32a000000001
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zJzWZoyxQmtq8Cy2qecH5d1chaz1qAi73DC6PDtdKF13eZ6chvsIJr2cIoNVkyEEPUVDYxB5JDY73gPfTQGJkPZRdNFT6p1%2FFnCBHfENhzZtQUOvMrLMkg8%3D"}]}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 628c9960fe064e3d-FRA
Content-Encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK style.css
friv2.racing/wp-content/themes/friv/ 16 KB
4 KB 13ms
13ms Stylesheet
text/css 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6046c23b85986b7cf6d8a28b653bb0b0a73bab416795df69f476e14d1271a1db

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 469631
Cf-Polished: origSize=16302
Transfer-Encoding: chunked
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088bbe327100004e3d311d1000000001
Last-Modified: Fri, 30 Aug 2019 19:33:49 GMT
Server: cloudflare
ETag: W/"5d697a1d-3fae"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=l%2FqOWijxOjnD6uOpmqEsj%2F%2BPUSb%2BA%2F4BmQpZf81jlJLVkub0qHs%2FQEQH2JJD9R2GkWNlF1fe9q%2FL0yZN2xaAK28scgO81ItnrbBULnUl8vWEc%2Btep9yhTLw%3D"}]}
Content-Type: text/css
Expires: Tue, 02 Mar 2021 09:10:05 GMT
Cache-Control: max-age=604800
CF-RAY: 628c9963eb1c4e3d-FRA
Cf-Bgj: minify

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-97003001-1

Requested by

Host: friv2.racing
URL: http://friv2.racing/watersplash.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d2fe503c3f3caed128e7db62f97a28502a8095517651eedeb9781d05657fa9d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39490
x-xss-protection: 0
last-modified: Sun, 28 Feb 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 28 Feb 2021 19:37:16 GMT

GET
H/1.1 200
OK logo.png
friv2.racing/wp-content/themes/friv/images/ 6 KB
6 KB 35ms
26ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/wp-content/themes/friv/images/logo.png
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bea44783ce24f6df8ba9bf53fd8c77c7ce430e9564050582fa28e91ba35cbb5f

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1575582
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5726
cf-request-id: 088bbe327a000016ea99acb000000001
Last-Modified: Sat, 23 Sep 2017 07:49:49 GMT
Server: cloudflare
ETag: "59c6121d-165e"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kgRzjshBk9eq9eXGjhBh2%2F0uLqhgKUtDXZVcjJ%2B%2BYi4wpuKB4JrEITW0nmb2R0cDRqVycCOKzwYj9AS8JQovWM4%2FWYnhsItZbnyhqzghgbGDbdtz6ttjTDs%3D"}],"max_age":604800}
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c9963fc5316ea-FRA
Expires: Fri, 12 Mar 2021 13:57:34 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 138 KB
49 KB 33ms
23ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: friv2.racing
URL: http://friv2.racing/watersplash.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sun, 28 Feb 2021 19:37:16 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 13386428730629145965
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 49420
X-XSS-Protection: 0
Expires: Sun, 28 Feb 2021 19:37:16 GMT

GET
H/1.1 200
OK back.png
friv2.racing/wp-content/themes/friv/images/ 10 KB
11 KB 31ms
21ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/wp-content/themes/friv/images/back.png
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e2f3843c4e6e8239cc209544ece9f653a6af137c16654ace78b2b08c6a00b92

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 533256
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 10349
cf-request-id: 088bbe327b0000c2ef23081000000001
Last-Modified: Sat, 23 Sep 2017 07:49:49 GMT
Server: cloudflare
ETag: "59c6121d-286d"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WQIUmCdXL6A52Zd6jE9qTD4ETYmkQEE3NndOSJb%2BgRPXiACs1F0y9ZFgauV4Cbxnp4sY%2B8LjcJ%2B1Xe0pTpz3jOCRbb1c%2Fyz5Xi668hqCY9pAeok0W%2BClPRI%3D"}]}
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c9963fd9ac2ef-FRA
Expires: Wed, 24 Mar 2021 15:29:40 GMT

GET
H/1.1 200
OK kizigamesxl.png
friv2.racing/games/icones/ 6 KB
7 KB 32ms
23ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/kizigamesxl.png
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae07b44365d1b861f5b0c93eb844b2a7533198aa62f16e2db1d62fdc848c08cd

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 298521
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6496
cf-request-id: 088bbe327e00004ee60dbd8000000001
Last-Modified: Sun, 19 Mar 2017 20:57:50 GMT
Server: cloudflare
ETag: "58cef0ce-1960"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1GzIwxE8K1tqy8ntx30D%2BDdeVaDPwJPw2zx3kgsbAx8ex%2F%2BwcY7odhs4C17PrQOMU%2Fepm4PMstYY%2Bw67Ei8uWziarrbtDSrqwvcED57yO9vlkhwwGQ2Bcg4%3D"}]}
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c9963fc7b4ee6-FRA
Expires: Sat, 27 Mar 2021 08:41:55 GMT

GET
H/1.1 200
OK among-us-impostor.jpg
friv2.racing/games/icones/ 5 KB
6 KB 23ms
14ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/among-us-impostor.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5db810c07cca5033e2aebcdb9324038385e8062a8db33b08620ddd30243add7

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290742
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5494
cf-request-id: 088bbe327b0000062dfb102000000001
Last-Modified: Wed, 20 Jan 2021 23:23:07 GMT
Server: cloudflare
ETag: "6008bb5b-1576"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AM2Dh%2F3OiZV2xXoMDk5yk0pY7k5hI3jw2Q%2Ftmq%2FuYwU67WHtWAwtjOxf05MrqgSLB14jSuT7N4d58amxWNbHRTAk2EC8l5POZU6C3i7Zw9HdgS%2FRLNZ%2Fsog%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c9963ff3a062d-FRA
Expires: Thu, 25 Mar 2021 10:51:33 GMT

GET
H/1.1 200
OK fireboy-and-watergirl-island-survival-3.jpg
friv2.racing/games/icones/ 6 KB
6 KB 25ms
16ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/fireboy-and-watergirl-island-survival-3.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07d3c359ee4dfb9e415e8394c3c0052168e17ac610ed1d5dfc7a633dd85a78ce

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 723888
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5779
cf-request-id: 088bbe327b000006149c30c000000001
last-modified: Wed, 20 Jan 2021 22:49:07 GMT
Server: cloudflare
etag: "6008b363-1693"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ROVq%2Fzh%2FrU0kkES6vesFwzo2S3tOjC4U5Omlwv2fcKBf%2B%2FYQlDv0a8Tm1gQwjag9iEUqO3LUZYde7Ug2JIrh%2BsVMdwi8AX48FW%2FhfRJOi1Z09mb1%2BzKHwik%3D"}]}
Content-Type: image/jpeg
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c9963fb390614-FRA
expires: Sat, 20 Mar 2021 10:32:28 GMT

GET
H/1.1 200
OK tiny-dungeons.jpg
friv2.racing/games/icones/ 5 KB
6 KB 13ms
12ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/tiny-dungeons.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58efdef30c1040f9bab6f3ffeb7c866c3619672fb65b354620975705b929e0ef

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1071395
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5256
cf-request-id: 088bbe327f00004e3d720b5000000001
Last-Modified: Sun, 17 Jan 2021 21:17:00 GMT
Server: cloudflare
ETag: "6004a94c-1488"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LW0bsQ5uN9UGBZYIzGCqIh1gWQ8FBifTMO3eKi%2Bo6KZ45uoo9%2FQztV%2FNVGjdC13qCoPPDLfzdcbUXalP%2Bc4k9N5lNr%2FkOXYPrR1wisNAjN5cTbMOmMoHTd4%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c9963fb4b4e3d-FRA
Expires: Tue, 16 Mar 2021 10:00:41 GMT

GET
H/1.1 200
OK minecraft-remake.jpg
friv2.racing/games/icones/ 4 KB
5 KB 16ms
15ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/minecraft-remake.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b1bf5abc558b252d429f468d72513a9410a38c09b5e3932a04f8eac7b435599

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 992065
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4562
cf-request-id: 088bbe328c0000062dd7974000000001
Last-Modified: Sun, 17 Jan 2021 20:40:47 GMT
Server: cloudflare
ETag: "6004a0cf-11d2"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=w5NO75z0hQ8wbydpnU0V3oiHP8vOoB2Bbwut%2FBUGF%2FUcLpIURY%2FLcAKhDsytllopTYJlgbdF1IBn4%2BXKodWvjUTkRBeOakaQ%2FfnYbvoBOzA6KCXYSH0a5sY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99641f69062d-FRA
Expires: Wed, 17 Mar 2021 08:02:51 GMT

GET
H/1.1 200
OK rummikub.jpg
friv2.racing/games/icones/ 5 KB
6 KB 12ms
11ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/rummikub.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b7fef7ae8db477e14056c72bafece963d0a73d33de81dcff77edf206b74367

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2105644
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5617
cf-request-id: 088bbe328d000006147602d000000001
Last-Modified: Wed, 13 Jan 2021 19:33:28 GMT
Server: cloudflare
ETag: "5fff4b08-15f1"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vzVYeB5Yj2vYyGAfVCSGL5DKqiakqGldbZt8R1FwBUQMVP3KrFqfUUFBkefDmJpIKlqPVKzJfeQvfeTYPhsWjqzVSuMpsUMuz2mUpEMflMXL%2B%2FpzoJ5v06E%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99641b630614-FRA
Expires: Thu, 04 Mar 2021 10:43:12 GMT

GET
H/1.1 200
OK hero-rescue.jpg
friv2.racing/games/icones/ 8 KB
9 KB 18ms
17ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/hero-rescue.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eaaa83a6f929a29d7ff5cf7a342a758629a95e4afe9eab69689b6e8120b745d

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290742
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7942
cf-request-id: 088bbe328e00004e3d348df000000001
Last-Modified: Wed, 13 Jan 2021 19:03:17 GMT
Server: cloudflare
ETag: "5fff43f5-1f06"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t%2Bae4mI9ofWhm2OqOvJ%2BxqE%2B%2BYQVOB0pDx20dkDUNk4vjaALuSi%2F%2B%2FyBdxZyPJ%2FAK6XhbmIg66lfDxXUo%2BsxgKOhD9fh1h0fig%2Fmb9lrAorBp9wbY7Wq1zs%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99641b6f4e3d-FRA
Expires: Thu, 25 Mar 2021 10:51:34 GMT

GET
H/1.1 200
OK among-us-the-imposter.jpg
friv2.racing/games/icones/ 5 KB
5 KB 12ms
12ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/among-us-the-imposter.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab690010396c5fb95295eb11225539a9949eaa64c1dcb1d84f35ce2091016ad0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 891361
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4790
cf-request-id: 088bbe329f00004e3d810ab000000001
Last-Modified: Wed, 30 Dec 2020 19:50:04 GMT
Server: cloudflare
ETag: "5fecd9ec-12b6"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=J0naUP2MRlYNw%2BXmv6Jk3HhrfBPWNhFfZCeIcK0GOAxyyHK2aQbfJ7lHcJDceSlLJIf%2B7xlmQYHAljf37VNb5VrRMHm%2FM0U8xzylgeQHxX2QVjxpkBobu88%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99643bb44e3d-FRA
Expires: Thu, 18 Mar 2021 12:01:15 GMT

GET
H/1.1 200
OK santa-city-run.jpg
friv2.racing/games/icones/ 5 KB
6 KB 11ms
11ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/santa-city-run.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c5343a303ed649d77a83277087dd0b581e82c4bd1e2220d3f4f140c0890c55

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 290742
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5613
cf-request-id: 088bbe32a1000016eaa92bc000000001
Last-Modified: Wed, 30 Dec 2020 19:30:01 GMT
Server: cloudflare
ETag: "5fecd539-15ed"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=i%2FwDLIjGNtVWqt8PyHuPXGw41oikE8tIv5zgD1x1nMaeu90j9WvLipqmPCk48SU6Ys4jTcyHf1IU9yttA5vl1T%2FHLTwwNSZzfxKNQqMMs1BWTfGMvTFG5tM%3D"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99643cbc16ea-FRA
Expires: Thu, 25 Mar 2021 10:51:34 GMT

GET
H/1.1 200
OK adam-and-eve-crossy-river.jpg
friv2.racing/games/icones/ 7 KB
8 KB 40ms
13ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/adam-and-eve-crossy-river.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 161d9a328b315e73855df7fdf032222b5350ca968ababd7a0be6b1d169eafc6e

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290742
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7411
cf-request-id: 088bbe32bf00004ee6db9e2000000001
Last-Modified: Sun, 20 Dec 2020 18:39:23 GMT
Server: cloudflare
ETag: "5fdf9a5b-1cf3"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TousnND7VRzkp4Aq5R3olCu4cD%2BHXSvKCmYw1eDHnHqRrHB54QGUaIr0Du%2FsqC3OpO34wyHhGB8iHEP4EVztSh6iWkjlys1oEuokw7BA8CzsJhJTUFjM1kg%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99646d244ee6-FRA
Expires: Thu, 25 Mar 2021 10:51:34 GMT

GET
H/1.1 200
OK sudoku-christmas.jpg
friv2.racing/games/icones/ 8 KB
9 KB 24ms
12ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/sudoku-christmas.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82a9f6210ee2b1386af90d3094f9f9e1117ce59105fa93a974bfd2b836ece4e9

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 522550
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 8126
cf-request-id: 088bbe32af000016ea49a21000000001
Last-Modified: Sun, 20 Dec 2020 18:30:19 GMT
Server: cloudflare
ETag: "5fdf983b-1fbe"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yK03CfdOb2hsXtdoMSpx0klusdQ4PSTAIeUrqCVEFdwWuexo502u4i3ztrq8vw0j3jPZ0OlNGssNQ37zYnsWdus8nLkCg0CtpoV6vrVUmW%2BCmwx6uFj5SwY%3D"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99644cdd16ea-FRA
Expires: Mon, 22 Mar 2021 18:28:06 GMT

GET
H/1.1 200
OK among-us-christmas-run.jpg
friv2.racing/games/icones/ 6 KB
7 KB 36ms
10ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/among-us-christmas-run.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25bfbfcb5ced74665cf429cf318730204a1570e335984220dc0040000a9fb52e

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290741
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6237
cf-request-id: 088bbe32be00004e3d360c9000000001
Last-Modified: Fri, 18 Dec 2020 15:08:35 GMT
Server: cloudflare
ETag: "5fdcc5f3-185d"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BamPlf7YNEe1ZGiByJmtx88T%2Frnuoi8GNyR%2FKVyEd%2BWHqVlM%2FTczy9SCYMAum%2FIC4UB1GpN2aTsMuP2ShSW1LawBtXL0Xb8VcPee9w0KWh2%2BRtLxOD1pVqw%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99646c2d4e3d-FRA
Expires: Thu, 25 Mar 2021 10:51:35 GMT

GET
H/1.1 200
OK chummy-chum-chums-match.jpg
friv2.racing/games/icones/ 5 KB
5 KB 38ms
10ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/chummy-chum-chums-match.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ee12e1783fedb202f02a98f453339744a0085bcd35d23086f8922c1cf6af9e5

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 290741
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4775
cf-request-id: 088bbe32bf000016eaa92bd000000001
last-modified: Fri, 18 Dec 2020 14:46:32 GMT
Server: cloudflare
etag: "5fdcc0c8-12a7"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zTcdcbNy8HUQNrTBmYnT2bVIWcXyJ8z0GE6X550y6%2B0ANvtGPXfiHwPVKx%2FWu%2BuiezyCYzjYpOpxpiaOYggp2k03rmzcIHC5m8NtXH7GQInRdyjyYJTrG6I%3D"}],"max_age":604800}
Content-Type: image/jpeg
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99646d0f16ea-FRA
expires: Thu, 25 Mar 2021 10:51:35 GMT

GET
H/1.1 200
OK adam-and-eve-8.jpg
friv2.racing/games/icones/ 9 KB
9 KB 22ms
10ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/adam-and-eve-8.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0094d364a30b9e1b13b40d7955c72a55732fc9db8f6bb4fd8e71a1c67db6f726

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290741
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 8719
cf-request-id: 088bbe32af00004e3d8b299000000001
Last-Modified: Sun, 13 Dec 2020 20:23:39 GMT
Server: cloudflare
ETag: "5fd6784b-220f"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=99jMMd5ZWejFkVcHQZhwlGjxCPSya8BV0LA%2B7fyie%2FGTkmfyqW9QzCKXVjoim%2BnuX5Yk5uqYyZQjrEhXCy82%2F9s0BXOor1f6ig4lQgkUOEf8zLhIwszVhXM%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99644bf54e3d-FRA
Expires: Thu, 25 Mar 2021 10:51:35 GMT

GET
H/1.1 200
OK my-dolphin-show-christmas-edition.jpg
friv2.racing/games/icones/ 5 KB
6 KB 21ms
10ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/my-dolphin-show-christmas-edition.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78d5cef34a0cd3077a73228baf175887c15c96c745b4f5dde5031a603622553a

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 13338
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5304
cf-request-id: 088bbe32ad0000062dee27c000000001
Last-Modified: Sun, 13 Dec 2020 20:10:11 GMT
Server: cloudflare
ETag: "5fd67523-14b8"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=245WqqnDjIWojnv5T%2B762pXq3wf5p5OjBYm%2FtvqmoqCEhOKpZUIZE3SEHtM2G2mT6NwF6LRjKVasUREio2SIXRfo9e65NKQJKkyPllfsUnmvSxmMIeDovuo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99644fdf062d-FRA
Expires: Sun, 28 Mar 2021 15:54:58 GMT

GET
H/1.1 200
OK among-us-online-edition.jpg
friv2.racing/games/icones/ 4 KB
5 KB 11ms
10ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/among-us-online-edition.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07e6986ed80c3d22efad485f7d6842b5c122a6e37f6985e9fbf30bdb0de1b179

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2250563
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4248
cf-request-id: 088bbe32a400004ee608201000000001
Last-Modified: Tue, 08 Dec 2020 15:32:42 GMT
Server: cloudflare
ETag: "5fcf9c9a-1098"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dMF8fIMIX67Pxmr8yplTeuYOo%2FcHy24Q6xTZ2wu8uzS5KLzqB4cEHoQ%2BiEkrVXqXM085YEvg0UknWUdL0u7cCogEZpkXKiz0MQEMq3BhuRrvDo1PUrJ%2FtMc%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99643ce84ee6-FRA
Expires: Tue, 02 Mar 2021 18:27:53 GMT

GET
H/1.1 200
OK adam-and-eve-go-xmas.jpg
friv2.racing/games/icones/ 8 KB
8 KB 36ms
12ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/adam-and-eve-go-xmas.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b11eb80e5a3fc8f6dd211eb23e961ad970132ed2d64ade7c9193b4045b3ab367

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 290741
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7723
cf-request-id: 088bbe32bc0000c2ef9f99b000000001
Last-Modified: Tue, 08 Dec 2020 14:46:29 GMT
Server: cloudflare
ETag: "5fcf91c5-1e2b"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bxu4KcqQz9z027yd8JU19bV4qSlxvdlCkKVT%2F5skvt0XFPvmfEUu6A2mM80vbiIRLqUc%2BTjbh0ltoTjWv44MhS0p2lalU2RO9Mmx5%2B%2BFOIZTnwMB3UwdNR8%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99645e0bc2ef-FRA
Expires: Thu, 25 Mar 2021 10:51:35 GMT

GET
H/1.1 200
OK among-us-space-rush.jpg
friv2.racing/games/icones/ 8 KB
8 KB 33ms
17ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/among-us-space-rush.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d610dd5a39ef5078ba51efa82a08c566cd698e54d97e4f604caaaa0900f539

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290741
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 7748
cf-request-id: 088bbe32b3000006149293c000000001
Last-Modified: Thu, 03 Dec 2020 22:24:49 GMT
Server: cloudflare
ETag: "5fc965b1-1e44"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0W%2BRqm%2FgHit7FakoIs5R%2Bdw4E5BVS3Co11jIWTklQrfwd34V%2Bd%2F99ItTK3esDrTF8SMBBKeoJMYQEPIGw7BAILZdOCNJfSlodgoFuyFGjz%2BiDpvjpW%2BOVQ8%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99645bc90614-FRA
Expires: Thu, 25 Mar 2021 10:51:35 GMT

GET
H/1.1 200
OK bullet-league-robogeddon.jpg
friv2.racing/games/icones/ 5 KB
6 KB 22ms
11ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/bullet-league-robogeddon.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 236930e77fe7184145689dd2a47813c8d92fb937bc164165b0b700b38d93269f

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 2295413
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5522
cf-request-id: 088bbe32ad0000c2efb0288000000001
Last-Modified: Thu, 03 Dec 2020 22:15:39 GMT
Server: cloudflare
ETag: "5fc9638b-1592"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OgTf5kdUonekRy4mxc8069SOEF7IH7uxIwyaWD5u2ZN06601LNOsI%2B%2BEqIu0o69nIG4F%2BQ1Huatl5KIevWg75eBY9L0FTXfJ8gmln1%2BG4RqLK4sQ24e0F1g%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99644df2c2ef-FRA
Expires: Tue, 02 Mar 2021 06:00:23 GMT

GET
H/1.1 200
OK among-us-single-player.jpg
friv2.racing/games/icones/ 4 KB
5 KB 22ms
10ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/among-us-single-player.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e0bcb4228595caf145bfaf82525e49e3690aa1789fdc00e9314974d7d542893

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290724
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 4208
cf-request-id: 088bbe32af00004ee6ff3f1000000001
Last-Modified: Sun, 29 Nov 2020 02:29:34 GMT
Server: cloudflare
ETag: "5fc3078e-1070"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vz8PPfd16npos0BNoExN7HkSWThse1jVYxL%2F2VhDcfR3qgEiYr52oC2a5ZboDFnBJz%2FKp0V9nxeb98lJcfE4M6I1ZQWHkT%2Funwa%2B0%2FRkGFbKbay9yMjKgZI%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99644d064ee6-FRA
Expires: Thu, 25 Mar 2021 10:51:52 GMT

GET
H/1.1 200
OK pirates-match-3.jpg
friv2.racing/games/icones/ 6 KB
6 KB 32ms
10ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/pirates-match-3.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2d9ad47ae0a4a30ad353f615bac58b9bdba56c15cf4d6cc91809f1cae4ff6fb

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290740
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5762
cf-request-id: 088bbe32b90000062deea54000000001
Last-Modified: Sun, 29 Nov 2020 02:07:23 GMT
Server: cloudflare
ETag: "5fc3025b-1682"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FspRES2w8n548uKYKvx9dc3Qti17tiBAtE6fJZF2qSPiM6KtRBQgKyVt7JVDCu%2FagOLDsWMFttlSbZur%2F8hK8wSbi%2F1eN5fKQ9LM61LxPOL3K87vTDlXNZ4%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99645810062d-FRA
Expires: Thu, 25 Mar 2021 10:51:36 GMT

GET
H/1.1 200
OK mod-among-us-for-minecraft.jpg
friv2.racing/games/icones/ 4 KB
5 KB 14ms
11ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/mod-among-us-for-minecraft.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71162257e2a26d7af604a8a596f328f5ccc7e5a13f609222e71c0fbc47b35479

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 2250561
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3944
cf-request-id: 088bbe32cb00004e3da0a7f000000001
Last-Modified: Sun, 29 Nov 2020 01:37:12 GMT
Server: cloudflare
ETag: "5fc2fb48-f68"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jUaS6%2FgrDsnu5drIf3oAcr5GPnsde0PXT45FdAfuNwR3q7IphQ4jQepAK%2FO1KkHHyKjw3Y9HXIKfksV2w8AeB%2BvTIt4RkdjUVYjhrUys0NJIa0%2Ft6sxEIWI%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99647c614e3d-FRA
Expires: Tue, 02 Mar 2021 18:27:55 GMT

GET
H/1.1 200
OK frisbee-forever-2.jpg
friv2.racing/games/icones/ 7 KB
7 KB 15ms
12ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/frisbee-forever-2.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f2037587006a27e070a700b82accd3642a9a91c026d2e29b07c05ed58612d67

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1071395
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6777
cf-request-id: 088bbe32ca000016ea44aab000000001
Last-Modified: Mon, 23 Nov 2020 16:34:28 GMT
Server: cloudflare
ETag: "5fbbe494-1a79"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JMn1IXihF%2FEzILGvy4e53OSKc1WQI%2BZxX1WbWORjzbNQPCjYDtSogyshFCOfOo3bC4RplImqbVR8lHT3BsOt%2BOOF5LxZq4XqbzCZ2%2BKmXy%2Fz6BOJuZEyWuE%3D"}],"max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99647d2016ea-FRA
Expires: Tue, 16 Mar 2021 10:00:41 GMT

GET
H/1.1 200
OK supra-drift-stunt.jpg
friv2.racing/games/icones/ 6 KB
6 KB 15ms
14ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/supra-drift-stunt.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2eecfbe5700cb0eae79a1a8cc4e4061c9a0547fb50c70fa7c3205593458d532

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 617065
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5638
cf-request-id: 088bbe32cb0000c2ef5f92d000000001
Last-Modified: Thu, 19 Nov 2020 21:56:55 GMT
Server: cloudflare
ETag: "5fb6ea27-1606"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=n4IoJJqaTa7EgsIQKVjhieJR6S%2B7UNizylEEC%2BlE6lwP208KXMFaPWyz5iYFexd1XTc07dckUn0k7DnFdjsF8HAEOHnQqj8%2B%2BuSna5X79hwRPsjMPCW9jx8%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99647e2bc2ef-FRA
Expires: Sun, 21 Mar 2021 16:12:51 GMT

GET
H/1.1 200
OK vex-5.jpg
friv2.racing/games/icones/ 5 KB
6 KB 25ms
24ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/vex-5.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71db09e8de7818c7eacc2b908d531a613dbbfb019139772317dfa7c2742be717

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290740
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5344
cf-request-id: 088bbe32cb0000062de10f8000000001
Last-Modified: Mon, 16 Nov 2020 21:45:47 GMT
Server: cloudflare
ETag: "5fb2f30b-14e0"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dc9KhqRrsuj75qvY2SU2R3cA5QR2TdkwWaWvSb%2B%2F3Jk93%2FZfXTpdJNmVot%2BL2GRJAEzvJ9Ah1fKgLi4ntZ6j5neqAggB%2FlWDruhDCN1Qbl5NFl5uqCkFBvg%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99647858062d-FRA
Expires: Thu, 25 Mar 2021 10:51:36 GMT

GET
H/1.1 200
OK empire-world-war3.jpg
friv2.racing/games/icones/ 6 KB
7 KB 25ms
23ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/empire-world-war3.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe0c1f51640cd0b18db7d093354115802da5f8243bf9b82c80c196a20edd5662

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290740
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6203
cf-request-id: 088bbe32cc00000614bb1c5000000001
Last-Modified: Mon, 16 Nov 2020 21:30:38 GMT
Server: cloudflare
ETag: "5fb2ef7e-183b"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xsp1ZXYYIHo1mEdAmt9%2BcMPQk4KdX%2BsXzvFk0gDBHdd3ydZqlAeWWqqzh8dioO89mOAbjZCL9o9Lx57hJhzlS1QPyKb77baTCC6X3wySVPFNbK3P%2Fgp4p9Y%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99647c100614-FRA
Expires: Thu, 25 Mar 2021 10:51:36 GMT

GET
H/1.1 200
OK adam-and-eve-aliens.jpg
friv2.racing/games/icones/ 8 KB
9 KB 10ms
10ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/adam-and-eve-aliens.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb1e3682d6be4b09f09ed6cdcd8d25db1e307e31f950c8b4a701b3e98e23596d

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290740
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 8518
cf-request-id: 088bbe32cd00004ee6fabbb000000001
Last-Modified: Thu, 12 Nov 2020 12:16:54 GMT
Server: cloudflare
ETag: "5fad27b6-2146"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=anLaj5gQ5%2FZtzwBVJS70rwkAJYmIAp%2B%2FrehJF90Xt9MTKsOY%2F%2BeBCdJLm5z%2FySX3MgnQ05Vxs6JQyL0oDensPElpsrhYa5f9j%2Bdc7O6U23FlPL01Wjeeaw4%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99647d4d4ee6-FRA
Expires: Thu, 25 Mar 2021 10:51:36 GMT

GET
H/1.1 200
OK zumba-mania.jpg
friv2.racing/games/icones/ 7 KB
8 KB 12ms
9ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/zumba-mania.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac97d0ae8fcc0705ea3abc77b99731dc7e9fe3d06a507d61d8c39d681fea1fe7

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 290738
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 6901
cf-request-id: 088bbe32d700004ee608205000000001
Last-Modified: Thu, 12 Nov 2020 12:10:21 GMT
Server: cloudflare
ETag: "5fad262d-1af5"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=eTRbiKYHm2KVJzoyfR76DMDM5h1M8cBNalefycQd%2FG7FzTkkWASJGFZivt8XgKRHyieuS3aZm0wYHeME2%2B317hsXvmsh4NJlHRfouWFhs1Fz%2BzRaL%2B%2FZ3HM%3D"}]}
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99648d714ee6-FRA
Expires: Thu, 25 Mar 2021 10:51:38 GMT

GET
H/1.1 200
OK escape-out.jpg
friv2.racing/games/icones/ 5 KB
6 KB 11ms
11ms Image
image/jpeg 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/games/icones/escape-out.jpg
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5cbb7f2e0dee545f0f790c02bcd2a26125e668e1fe12f538100ec9dc249cb8

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 290739
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 5372
cf-request-id: 088bbe32d8000016ea68a42000000001
last-modified: Mon, 09 Nov 2020 01:16:00 GMT
Server: cloudflare
etag: "5fa89850-14fc"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ysYSGE06gxyb9KVS6Fom4jvC4moxA7NHU40XCvHFWi7l8q4JY6vIGAE4Y1YBgLkJudDEKMSqrBKx5%2FoyfVWjNkzHtrZnccSznO7urmmB1B8DxOAP6RJll40%3D"}],"max_age":604800}
Content-Type: image/jpeg
cache-control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99648d3c16ea-FRA
expires: Thu, 25 Mar 2021 10:51:37 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/en_US/
Redirect Chain

http://connect.facebook.net/en_US/sdk.js
https://connect.facebook.net/en_US/sdk.js

3 KB
2 KB

7ms
6ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: friv2.racing
URL: http://friv2.racing/watersplash.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eb24254cefa6df28eaffba291b38527ad8f55decbf9b3b4cd2f55b3509586ef5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: z0XOJCUYiULVf0y9zh4V4A==
cross-origin-resource-policy: cross-origin
expires: Sun, 28 Feb 2021 19:48:06 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1780
x-fb-rlafr: 0
x-fb-debug: KWspjPs+jxE6+UsyUdnRiTLA/moVciHgPLdssn9jazWzHtHuZEhi/U4QjAQtrzbKrlMt2b+dUFCgSR2OLbyP+Q==
x-fb-trip-id: 686109401
x-fb-content-md5: b6f83a8a805b6fb3448e5fe0f6b4fe89
date: Sun, 28 Feb 2021 19:37:16 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "853e89078fb5fa8150331186271326f8"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/en_US/sdk.js#xfbml=1&version=v2.8&appId=192074324531989
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK cursor.png
friv2.racing/wp-content/themes/friv/images/ 2 KB
2 KB 13ms
11ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/wp-content/themes/friv/images/cursor.png
Requested by: Host: friv2.racing
URL: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b7c0bc7f6953d9a85719f68a6cc410bae7859d4e90696d7bc0586d5f014575

Request headers

Referer: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 246565
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1668
cf-request-id: 088bbe32910000c2ef4f2e5000000001
Last-Modified: Sat, 23 Sep 2017 07:49:49 GMT
Server: cloudflare
ETag: "59c6121d-684"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hPkI1XmN%2Bc8E3eGejuFawPwn7jSuxLPYF42IoAP6Bdf8XgathS9gQ6okzJJYzTJv6h0ILPd9n97yvB%2FB4KvK69kzfaiLsnjFOtQkWMToBioeoMsrtvuJbCI%3D"}]}
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99641dbec2ef-FRA
Expires: Sat, 27 Mar 2021 23:07:51 GMT

GET
H/1.1 200
OK gameback.png
friv2.racing/wp-content/themes/friv/images/ 15 KB
16 KB 35ms
25ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/wp-content/themes/friv/images/gameback.png
Requested by: Host: friv2.racing
URL: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a176a0442b25e0a0bf4687552431aa639c95088c510f4bd012c0b6065237c9b

Request headers

Referer: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 246565
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 15309
cf-request-id: 088bbe329900000614b4055000000001
Last-Modified: Sat, 23 Sep 2017 07:49:49 GMT
Server: cloudflare
ETag: "59c6121d-3bcd"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Xfch63noYfIGH6VehGGRAGcJ7RcEM1AtBsWPpPrA19%2BNaTdYi44tbuyRDj5v4eLeLqZutYHBQkFGM1dLswsJMfEe4r3KsD6ZiH3NGiwcVdzZhTJrOMS3h7w%3D"}]}
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99642b8d0614-FRA
Expires: Sat, 27 Mar 2021 23:07:51 GMT

GET
H/1.1 200
OK menu-bg1.gif
friv2.racing/wp-content/themes/friv/images/ 93 B
930 B 25ms
13ms Image
image/gif 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/wp-content/themes/friv/images/menu-bg1.gif
Requested by: Host: friv2.racing
URL: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27bbce805c2c61aab7e90d5a59180cda702e1b002bd739abdbe56aa9473aeb71

Request headers

Referer: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1075733
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 93
cf-request-id: 088bbe329d0000062dcea52000000001
Last-Modified: Sat, 23 Sep 2017 07:49:49 GMT
Server: cloudflare
ETag: "5d-559d691e72c0d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RbSEk1AlG6mysi02mE216iSP6z%2BnyfF2hVVRbXoNXIJNKYJ1RLdFPTdP7B1Aaq2btYXiOYl4zwmMGP0kQNPjIOxQMW3PtWumT4MULvv56vgJI5gUjVeTTqs%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: image/gif
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99642faa062d-FRA
Expires: Thu, 18 Mar 2021 19:17:23 GMT

GET
H/1.1 200
OK search.gif
friv2.racing/wp-content/themes/friv/images/ 165 B
1011 B 27ms
14ms Image
image/gif 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/wp-content/themes/friv/images/search.gif
Requested by: Host: friv2.racing
URL: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3ebd69106d4518c7a484fea9c9bbb42b529fa7b8d4614f1099549872e5ae2d

Request headers

Referer: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1324499
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 165
cf-request-id: 088bbe329d0000c2ef46a86000000001
Last-Modified: Sat, 23 Sep 2017 07:49:49 GMT
Server: cloudflare
ETag: "a5-559d691e98d6e"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d2XpWLfK%2B6f6vPWf8EVCNFnrTkm9Hnd4%2BIMkBr3Vfbax7xnEuHLUSAtkkXYtbzXvaoDZNOGKT10I001lD1sL2iy0fE5%2F7NwWVr%2BwtF2WltTMKeOrk%2BmlV9A%3D"}]}
Content-Type: image/gif
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99642dd4c2ef-FRA
Expires: Mon, 15 Mar 2021 22:11:17 GMT

GET
H/1.1 200
OK searchpart.gif
friv2.racing/wp-content/themes/friv/images/ 240 B
1 KB 17ms
11ms Image
image/gif 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/wp-content/themes/friv/images/searchpart.gif
Requested by: Host: friv2.racing
URL: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61f284b7269b653c7526095312dd9c4e3cd5fff99ecaf932467d25efd0736495

Request headers

Referer: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"max_age":604800,"report_to":"cf-nel"}
Age: 1075733
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 240
cf-request-id: 088bbe3295000016ea8f111000000001
Last-Modified: Sat, 23 Sep 2017 07:49:49 GMT
Server: cloudflare
ETag: "f0-559d691eb94f7"
Vary: Accept-Encoding
Report-To: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=llJY5Yr8q1HvqN4GDv7AgyARSfkZ%2FEXjdyWy6NaQlUrMoPH1auWXFUSpYRP1rYCWZGHCF7PTdQ1QgescY1PU87NF5z%2FQEq3u3ZXlRgn7kFgHTwOFlJ%2Fx6yQ%3D"}],"max_age":604800}
Content-Type: image/gif
X-Accel-Version: 0.01
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99642c9b16ea-FRA
Expires: Thu, 18 Mar 2021 19:17:23 GMT

GET
H/1.1 200
OK logo_big.png
friv2.racing/wp-content/themes/friv/images/ 63 KB
64 KB 13ms
10ms Image
image/png 2606:4700:3036::ac43:9ece
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://friv2.racing/wp-content/themes/friv/images/logo_big.png
Requested by: Host: friv2.racing
URL: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
Protocol: HTTP/1.1
Server: 2606:4700:3036::ac43:9ece , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35f420911e15e0dcade2d82029717124f6f8263456f3d2686576c5cb364c7d69

Request headers

Referer: http://friv2.racing/wp-content/themes/friv/style.css?ver=1.52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:16 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 1075733
Connection: keep-alive
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 64752
cf-request-id: 088bbe329300004ee621b85000000001
Last-Modified: Sat, 23 Sep 2017 07:49:49 GMT
Server: cloudflare
ETag: "59c6121d-fcf0"
Vary: Accept-Encoding
Report-To: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Uc98jQoki%2F3PfRpuvVatNuMNQsqINSJKsKlfvI0ogAs3ZJlBivauXVi4vQxLvF5YTQ9J5e69JUiHR7D63uyy85bIP9uVHt5hP5RY1INMiIAxG7x1kpMX11I%3D"}]}
Content-Type: image/png
Cache-Control: max-age=2592000
Accept-Ranges: bytes
CF-RAY: 628c99641caf4ee6-FRA
Expires: Thu, 18 Mar 2021 08:48:23 GMT

GET
H/1.1 200
OK spielen-watersplash.html Show response
neueaffenspiele.de/spiele/seite/ Frame FCF9 968 B
1000 B 199ms
167ms Document
text/html 78.109.31.4
HOSTING-AS http:/...

General

Check archive.org

Show headers Download Go to

Full URL: http://neueaffenspiele.de/spiele/seite/spielen-watersplash.html
Requested by: Host: friv2.racing
URL: http://friv2.racing/watersplash.html
Protocol: HTTP/1.1
Server: 78.109.31.4 , Ukraine, ASN41665 (HOSTING-AS http://hosting.ua, UA),
Reverse DNS: 4.31.109.78.hosting.ua
Software: nginx /
Resource Hash: e516f04f833588d72748ac11cfd04f0864024b5ece8f824aaf2031930a039dc9

Request headers

Host: neueaffenspiele.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://friv2.racing/watersplash.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://friv2.racing/watersplash.html

Response headers

Server: nginx
Date: Sun, 28 Feb 2021 19:37:16 GMT
Content-Type: text/html
Content-Length: 608
Connection: keep-alive
X-Accel-Version: 0.01
Last-Modified: Wed, 30 Dec 2020 15:09:11 GMT
ETag: "3c8-5b7afe3b55244-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=43200
Expires: Mon, 01 Mar 2021 07:37:16 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t45.9;r;s1600*1200*24;uhttp%3A//friv2.racing/watersplash.html;hWatersplash%20-%20Match%203%20Games%20at%20Friv2.Racing;0.9330171834503431
https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttp%3A//friv2.racing/watersplash.html;hWatersplash%20-%20Match%203%20Games%20at%20Friv2.Racing;0.9330171834503431

104 B
558 B

98ms
97ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttp%3A//friv2.racing/watersplash.html;hWatersplash%20-%20Match%203%20Games%20at%20Friv2.Racing;0.9330171834503431

Requested by

Host: friv2.racing
URL: http://friv2.racing/watersplash.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

a221343db26c43bb8ec3b2dda04ec6017ba57321fb34076aeb0e276feebe8e54

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 19:37:16 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 104
Expires: Fri, 28 Feb 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 28 Feb 2021 19:37:16 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t45.9;r;s1600*1200*24;uhttp%3A//friv2.racing/watersplash.html;hWatersplash%20-%20Match%203%20Games%20at%20Friv2.Racing;0.9330171834503431
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Fri, 28 Feb 2020 21:00:00 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 196 KB
60 KB 21ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=b3be6abd6743b1efcdd596804f626940&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5f0c38fe39a7fe136253e100401d4ca90bf8342a4da2b51ef70ea9bf82105929

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: http://friv2.racing
Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: YMFWMNi1Wgl75ha0+7bEvw==
cross-origin-resource-policy: cross-origin
expires: Mon, 28 Feb 2022 18:58:48 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 60505
x-fb-rlafr: 0
x-fb-debug: K4oxcfib3miwehwZpnVDcsm/cCu+50P/5Lhm3ouD9rueAxnH8wjzRKNSurzGOxIZLFeP8Gcjj0pfgNSCsnzz9A==
x-fb-trip-id: 686109401
x-fb-content-md5: 9e6ec49453a02a485c76b006029f2126
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 28 Feb 2021 19:37:16 GMT
x-frame-options: DENY
report-to: {"group":"coop_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
origin-trial: AqUfQvNe9Mod+kZ3Qx78GGg2ul4TtHv3l126BaOQCbywgYxRUP0y9rs8/el96V62SmT7ue9StD9aXvYmT3UAAQcAAAB5eyJvcmlnaW4iOiJodHRwczovL2ZhY2Vib29rLmNvbTo0NDMiLCJmZWF0dXJlIjoiQ3Jvc3NPcmlnaW5PcGVuZXJQb2xpY3lSZXBvcnRpbmciLCJleHBpcnkiOjE2MTM0MTE1NzMsImlzU3ViZG9tYWluIjp0cnVlfQ==
etag: "b8daf7feccc0c3232acd5ad1c5ab428b"
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/ 227 KB
86 KB 64ms
44ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7652110621730409&plah=friv2.racing&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87195
x-xss-protection: 0
server: cafe
etag: 3111314854812010922
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 19:37:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/ Frame 43DC 10 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210224/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210224/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://friv2.racing/watersplash.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://friv2.racing/watersplash.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 28 Feb 2021 00:12:56 GMT
expires: Sun, 14 Mar 2021 00:12:56 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 69860
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-97003001-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5680
date: Sun, 28 Feb 2021 18:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 28 Feb 2021 20:02:36 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
385 B 45ms
12ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=997892630&t=pageview&_s=1&dl=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&ul=en-us&de=UTF-8&dt=Watersplash%20-%20Match%203%20Games%20at%20Friv2.Racing&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1221513457&gjid=1930326017&cid=882713518.1614541036&tid=UA-97003001-1&_gid=85477549.1614541036&_r=1&gtm=2ou2h0&z=1659624595

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 19:37:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://friv2.racing
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
640 B 136ms
65ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=friv2.racing&callback=_gfp_s_&client=ca-pub-7652110621730409

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210224/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7652110621730409&plah=friv2.racing&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

d75772656779063b7a018f92d9b4a197f09c44a0fd3d6db483c14fdfc9aa5912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 39ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 40ms
17ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=friv2.racing

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8721 405 B
231 B 186ms
172ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1614541036&psa=0&format=970x90&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&flash=0&wgl=1&dt=1614541036253&bpp=16&bdt=111&idt=138&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3588861073865&frm=20&pv=2&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bg9G3bwlrf&p=http%3A//friv2.racing&dtd=173

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c15fe90253b1ad978b50ebec77197f4486195aeababdf27aab2f90a3ed65f23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7652110621730409&output=html&h=90&slotname=1329740506&adk=2990650949&adf=3278974735&pi=t.ma~as.1329740506&w=970&lmt=1614541036&psa=0&format=970x90&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&flash=0&wgl=1&dt=1614541036253&bpp=16&bdt=111&idt=138&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=3588861073865&frm=20&pv=2&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=160&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=bg9G3bwlrf&p=http%3A//friv2.racing&dtd=173
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://friv2.racing/watersplash.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://friv2.racing/watersplash.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Feb 2021 19:37:16 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 19:52:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 19:37:16 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 39ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614342938524533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Sun, 28 Feb 2021 19:37:16 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
82 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-97003001-1&cid=882713518.1614541036&jid=1221513457&gjid=1930326017&_gid=85477549.1614541036&_u=IEBAAUAAAAAAAC~&z=1504915652

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 28 Feb 2021 19:37:16 GMT
content-type: text/plain
access-control-allow-origin: http://friv2.racing
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B99 405 B
233 B 229ms
229ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1614541036&psa=0&format=728x90&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&flash=0&wgl=1&dt=1614541036270&bpp=2&bdt=128&idt=172&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=3588861073865&frm=20&pv=1&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=262&ady=1081&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=O5ynEBwVvs&p=http%3A//friv2.racing&dtd=176

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81b5e64d06199c8671e23976b0cf8a1f3686e8eb3ea60513acf75aad9f4d930b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7652110621730409&output=html&h=90&slotname=7236673302&adk=2133039087&adf=311074737&pi=t.ma~as.7236673302&w=728&lmt=1614541036&psa=0&format=728x90&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&flash=0&wgl=1&dt=1614541036270&bpp=2&bdt=128&idt=172&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=3588861073865&frm=20&pv=1&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=262&ady=1081&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=O5ynEBwVvs&p=http%3A//friv2.racing&dtd=176
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://friv2.racing/watersplash.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://friv2.racing/watersplash.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Feb 2021 19:37:16 GMT
server: cafe
content-length: 206
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 19:52:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 19:37:16 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A6B 405 B
230 B 196ms
196ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=143927933&pi=t.ma~as.4283206909&w=300&lmt=1614541036&psa=0&format=300x600&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&flash=0&wgl=1&dt=1614541036272&bpp=1&bdt=131&idt=182&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=3588861073865&frm=20&pv=1&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=lG9jnTmj7j&p=http%3A//friv2.racing&dtd=190

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc6dc1cc4fd8cd38abf3b3682bff4a8ac8242074fc6054cf7f2fed4fc6b6a70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7652110621730409&output=html&h=600&slotname=4283206909&adk=2305757582&adf=143927933&pi=t.ma~as.4283206909&w=300&lmt=1614541036&psa=0&format=300x600&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&flash=0&wgl=1&dt=1614541036272&bpp=1&bdt=131&idt=182&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90&correlator=3588861073865&frm=20&pv=1&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1148&ady=217&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&xpc=lG9jnTmj7j&p=http%3A//friv2.racing&dtd=190
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://friv2.racing/watersplash.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://friv2.racing/watersplash.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Feb 2021 19:37:16 GMT
server: cafe
content-length: 203
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 19:52:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 19:37:16 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9CDC 2 KB
1017 B 87ms
87ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1614541036&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&ea=0&flash=0&pra=7&wgl=1&dt=1614541036273&bpp=1&bdt=131&idt=192&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90%2C300x600&nras=1&correlator=3588861073865&frm=20&pv=1&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=200

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbefe8ce76607d03cd27a9f90461434c8e3fc7cdd398e4453a48d79b326f1045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7652110621730409&output=html&adk=84980950&adf=198458457&lmt=1614541036&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&ea=0&flash=0&pra=7&wgl=1&dt=1614541036273&bpp=1&bdt=131&idt=192&shv=r20210224&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C728x90%2C300x600&nras=1&correlator=3588861073865&frm=20&pv=1&ga_vid=882713518.1614541036&ga_sid=1614541036&ga_hid=997892630&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44735932&oid=3&pvsid=1194536207480452&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=4&uci=a!4&fsb=1&dtd=200
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://friv2.racing/watersplash.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://friv2.racing/watersplash.html

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 28 Feb 2021 19:37:16 GMT
server: cafe
content-length: 454
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 28-Feb-2021 19:52:16 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 28 Feb 2021 19:37:16 GMT
cache-control: private

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ Frame FCF9 137 KB
53 KB 78ms
61ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8DH33QQECN

Requested by

Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/spiele/seite/spielen-watersplash.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

07ddc6ea67a3f93849ecfdcb3573756a2bb16866dfa51307dcbf0393af5334d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: http://neueaffenspiele.de/spiele/seite/spielen-watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:16 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53642
x-xss-protection: 0
expires: Sun, 28 Feb 2021 19:37:16 GMT

GET
H/1.1 200
OK / Show response
html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/ Frame BFCD 7 KB
2 KB 184ms
168ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
Requested by: Host: neueaffenspiele.de
URL: http://neueaffenspiele.de/spiele/seite/spielen-watersplash.html
Protocol: HTTP/1.1
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2c40ec126d888d5c0de1ad8102cb71b4e542abf7d22d7f5f088d18346525fef7

Request headers

Host: html5.gamedistribution.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://neueaffenspiele.de/spiele/seite/spielen-watersplash.html
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://neueaffenspiele.de/spiele/seite/spielen-watersplash.html

Response headers

Server: nginx
Date: Sun, 28 Feb 2021 19:37:16 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Cache-Control: private, max-age 3600
ETag: W/"1bf2-WfQs55/o22MzPJHRtd5l+2ePqKo"
Content-Encoding: gzip
Via: 1.1 google
Cache: MISS
X-ID: fr5-up-gc30

GET
H2 200 2dbffa981d434e81931d327e5d7692e1-512x512.jpeg
img.gamedistribution.com/ Frame BFCD 266 KB
267 KB 44ms
6ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1-512x512.jpeg
Requested by: Host: html5.gamedistribution.com
URL: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: edd5fb1c68debb0fca754942203a36149cb5cb337fcfac23652a2597e4a4e286

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc14
date: Sun, 28 Feb 2021 19:37:16 GMT
last-modified: Thu, 22 Nov 2018 15:22:36 GMT
server: nginx
etag: "a157279e77ea7bb09d24fd76b33f9196"
x-cached-since: 2021-02-28T11:17:41+00:00
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes
content-length: 272658
expires: Mon, 01 Mar 2021 19:37:16 GMT

GET
H2 200 main.min.js Show response
html5.api.gamedistribution.com/ Frame BFCD 320 KB
91 KB 36ms
8ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://html5.api.gamedistribution.com/main.min.js
Requested by: Host: html5.gamedistribution.com
URL: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 3d55abaea0eb323966b9f0c88f81c91c433efb5bf45bf6390e8cad729ea0a38c

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: fr5-up-gc28
date: Sun, 28 Feb 2021 19:37:16 GMT
content-encoding: gzip
last-modified: Sun, 21 Feb 2021 15:57:50 GMT
server: nginx
etag: W/"592676489bfd711460868914b921f2bd"
vary: Accept-Encoding
x-cached-since: 2021-02-25T16:00:12+00:00
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
expires: Mon, 01 Mar 2021 19:37:16 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame BFCD 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5680
date: Sun, 28 Feb 2021 18:02:36 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Sun, 28 Feb 2021 20:02:36 GMT

GET
H2 200 gamedock-sdk.min.js Show response
cdn.gamedock.io/gamedock-web-tracker/4.0.4/script/ Frame BFCD 9 KB
9 KB 162ms
50ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gamedock.io/gamedock-web-tracker/4.0.4/script/gamedock-sdk.min.js
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 63456a217edb6d57c61411b3f3b3be365f6f5604bc7109f6d97b457f96cd752e

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:16 GMT
last-modified: Mon, 14 Sep 2020 08:30:44 GMT
etag: "1600072244"
x-hw: 1614541036.dop202.lo4.t,1614541036.cds220.lo4.hn,1614541036.cds081.lo4.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=48261
accept-ranges: bytes
content-length: 8968

GET
H2 200 / Show response
game.api.gamedistribution.com/game/v3/get/2dbffa981d434e81931d327e5d7692e1/ Frame BFCD 4 KB
4 KB 145ms
69ms Fetch
application/json 35.190.9.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://game.api.gamedistribution.com/game/v3/get/2dbffa981d434e81931d327e5d7692e1/?domain=neueaffenspiele.de&v=1.8.12&localTime=20
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.9.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.9.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 25c52eaeb1ee243ae4f8e8fa4a93589d1d4c95eb79a7f932c481955f842e4816

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:16 GMT
via: 1.1 google
etag: W/"1041-aWZFkE1xdqURmVxRwwFQNXkAxrI"
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age 3600
alt-svc: clear
content-length: 4161

GET
H2 200 friv2.racing Show response
game.api.gamedistribution.com/game/v3/checkdomain/ Frame BFCD 55 B
148 B 45ms
45ms Fetch
application/json 35.190.9.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://game.api.gamedistribution.com/game/v3/checkdomain/friv2.racing?correlator=1614541036906
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.9.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.9.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: fa6de724b65acaaee077c75c7347a11805bed57b2277e009ce525f185bbb4332

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:16 GMT
via: 1.1 google
etag: W/"37-6H/Q2akFCCaTzHF0OfG11GlVj0c"
x-powered-by: Express
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age 3600
alt-svc: clear
content-length: 55

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame BFCD 2 B
153 B 115ms
43ms Fetch
text/plain 35.190.9.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.error&ar=W3siZ21pZCI6IjJkYmZmYTk4MWQ0MzRlODE5MzFkMzI3ZTVkNzY5MmUxIiwidGRtbiI6ImZyaXYyLnJhY2luZyIsImRvbW4iOiJuZXVlYWZmZW5zcGllbGUuZGUiLCJyZnJyIjoiaHR0cDovL25ldWVhZmZlbnNwaWVsZS5kZS9zcGllbGUvc2VpdGUvc3BpZWxlbi13YXRlcnNwbGFzaC5odG1sIiwibHRociI6MjAsImN0cnkiOiJDWiIsImRwdGgiOjIsInZlcnMiOiIxLjguMTIiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoxLCJhcmdzIjp7Im1lc3NhZ2UiOiJDYW5ub3QgcmVhZCBwcm9wZXJ0eSAnZ2V0SXRlbScgb2YgbnVsbCJ9LCJ0dGxlIjoiV2F0ZXJzcGxhc2giLCJzaXplIjoiODk2IHggNjQwIiwiYnJubSI6IkNocm9tZSIsImJybWoiOiI4MyIsIm9zbm0iOiJNYWMgT1MiLCJvc3ZyIjoiMTAuMTQuNSIsImJ5bGQiOmZhbHNlLCJpbWd1Ijp0cnVlLCJpZWd1IjpmYWxzZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1614541036909
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.9.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.9.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
via: 1.1 google
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
content-length: 2

GET
H2 200 like.php Show response
www.facebook.com/v2.8/plugins/ Frame A347 47 KB
15 KB 93ms
93ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df386118b245dcf%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b3be6abd6743b1efcdd596804f626940&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a9729adee6c450f1ede7ed04e4c666f2912dd5cf0a53c1c72fd63332148c5e72

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /v2.8/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df386118b245dcf%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://friv2.racing/watersplash.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://friv2.racing/watersplash.html

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-encoding: br
facebook-api-version: v3.2
x-content-type-options: nosniff
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
content-type: text/html; charset="utf-8"
x-fb-debug: yvNqWIP5Pqxi9FfE+2JkxJN/cQkNb6SNRWZ4swI8Gz9MZyQmKFQpJLCgWqFUmrRReOSWK1x6SoDQWr8xUL7qNw==
date: Sun, 28 Feb 2021 19:37:16 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2

200

feedback.php Show response
www.facebook.com/plugins/ Frame 7922
Redirect Chain

https://www.facebook.com/v2.8/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Df...
https://www.facebook.com/plugins/comments.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2....
https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2....

178 KB
37 KB

471ms
470ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=b3be6abd6743b1efcdd596804f626940&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b1eb38a862302925a2a98b52a8d6fea1b6ea70bad8d33c628d5305fd317dbfd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://friv2.racing/watersplash.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: about:blank

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: mFalIgcozzDtlod1mkjwvBGJHuK09JFWpl3+lv+dQa45hhRZuAHvE+6Il87kO55Ej0JC0Ihr9KOuyBYQ9YDXvQ==
date: Sun, 28 Feb 2021 19:37:17 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: JpUL/gcesVWdlFk5qozcCGvnSFDVfIPLtMFp1TMcNkyP1pmupWBRTXzMYsc5l5X4MqTOUqbgmsnmdasjDKXDvg==
content-length: 0
date: Sun, 28 Feb 2021 19:37:17 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 46ms
33ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210224&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5e1d840aa8399f7a9f1d8b04a62b10769c829f79139691820b9e82bf6927a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:37:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6469
x-xss-protection: 0

GET
H2 200 gameDistributionV1.3.min.js Show response
hb.improvedigital.com/pbw/ Frame BFCD 60 KB
19 KB 164ms
50ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2e198e9eba7efa5923e4a7d8e0f1e49c7c1d9f4c34b6ab305162111a9edf4ca7

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 09:47:55 GMT
etag: "1611049675"
x-hw: 1614541037.dop023.lo4.t,1614541037.cds260.lo4.hn,1614541037.cds012.lo4.c
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1385
accept-ranges: bytes
content-length: 19022

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 28 Feb 2021 19:37:17 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame E8BF 12 KB
5 KB 54ms
40ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://friv2.racing/watersplash.html
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://friv2.racing/watersplash.html

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 28 Feb 2021 16:59:09 GMT
expires: Mon, 28 Feb 2022 16:59:09 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9488
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame A347 400 B
669 B 5ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df386118b245dcf%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df386118b245dcf%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: x/DJr50lesmE2PAtSCwOgH/hI9n4k/rl/wW+cHcNm2Ehp0sMJUx0DFJkqjpNKNvMSuqA+v5O3fBfVixLe70rJQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 23 Feb 2021 07:27:59 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 23 Feb 2022 07:27:59 GMT

GET
H2 200 1MXQrJh1ll2.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yI/l/en_US/ Frame A347 477 KB
123 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yI/l/en_US/1MXQrJh1ll2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e93e6af357e741aaa223028abdd5116a2c21b46a1f0c29b777eb78520d28185

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df386118b245dcf%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: SxGScEg0pe2newtl2FS9kDtSo4YBkrgdfUO3lag0iFA4QN9d+TwAg+f9E9xUXb16kY9H/Q5yTueJTXg7sGJwAA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uZiVWvtzyzDLzCYoGN3soQ==
date: Sat, 27 Feb 2021 05:43:35 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 125869
x-fb-rlafr: 0
expires: Sun, 27 Feb 2022 05:43:35 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame A347 67 B
925 B 36ms
36ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1614541037021&t_start=1614541037021&t_domcontent=1614541037027&t_layout=1614541037083&t_onload=1614541037083&t_paint=1614541037083&t_creport=1614541037083&t_tti=1614541037027&lid=6934400949606582160-0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df386118b245dcf%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&layout=standard&locale=en_US&sdk=joey&share=true&show_faces=true&size=small&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: XkqRXbZ3a3Ub6BjhmO2RevjXxRSPyQOTxRygOQlLyEWKQogmqWrBysSntBWNd0HBZWDsoKs6XyS6vW0ApW6sKA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Sun, 28 Feb 2021 19:37:17 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame E8BF 14 KB
6 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 02:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 60913
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Mon, 28 Feb 2022 02:42:04 GMT

GET
H/1.1 200
OK prebid-idhb-v3.26e.min.js Show response
hb.improvedigital.com/pbw/prebid/ Frame BFCD 284 KB
88 KB 97ms
77ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v3.26e.min.js
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js
Protocol: HTTP/1.1
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: b1c9552ff946c8d6ed8b4a6879aed0d758c5c1bdffe3e284de7e3bb4c4e3b950

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 05 Nov 2020 08:29:15 GMT
ETag: "1604564955"
X-HW: 1614541037.dop031.lo4.t,1614541037.cds088.lo4.c
Content-Type: application/javascript
Cache-Control: public, max-age=57101
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 90098

GET
H2 200 opphb Show response
pub.headerlift.com/ Frame BFCD 388 B
543 B 46ms
24ms Fetch
application/json 2606:4700:e2::ac40:8b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.headerlift.com/opphb?page_url=http%3A%2F%2Ffriv2.racing&game_id=2dbffa981d434e81931d327e5d7692e1&ad_position=gdbanner
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b028968b3cbfd5783188de8bbb7be163e659f3172f6c2563b45476e3e7601f4

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-methods: *
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088bbe367800004ea41da9c000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CRwyelXBH%2FmaqMoCXjZix8QMtjg6A8H0Dl1RzWJrQWvh3Liniqu1sUPLaUvp8vxl2uua2Y92MkrTFoGTkiiedVXBOUh25McEfgLQspeVlI7wsajixWVECIrHHYY0nGA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://html5.gamedistribution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 628c996a5e3e4ea4-FRA
access-control-allow-headers: *

GET
H2 200 opphb Show response
pub.headerlift.com/ Frame BFCD 393 B
1 KB 44ms
23ms Fetch
application/json 2606:4700:e2::ac40:8b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub.headerlift.com/opphb?page_url=http%3A%2F%2Ffriv2.racing&game_id=2dbffa981d434e81931d327e5d7692e1&ad_position=gdprerollbanner
Requested by: Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcbb3f47b0f8359d2961db6fbf193b1577edcbbcc0892cf39d537d51ee48241c

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-methods: *
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 088bbe367800004ea40c187000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kH2XydC7xzc5up3Kv4UnD%2Bu5CIjXcoUgt63rhMYFlZ%2BrcyS088bZUbiUUzoZBz9McZznvLSsIEU1mul91Rby864Lk9rQ9OdyJqGPl0bokvbo5FqiP5PFFypRCh%2FaOi0%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/json; charset=utf-8
access-control-allow-origin: http://html5.gamedistribution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 628c996a5e3f4ea4-FRA
access-control-allow-headers: *

GET
H/1.1 200
OK gpt.js Show response
www.googletagservices.com/tag/js/ Frame BFCD 56 KB
19 KB 20ms
15ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.improvedigital.com
URL: https://hb.improvedigital.com/pbw/gameDistributionV1.3.min.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b9d549796daf6c21ea30897f246ba70b887f3e8f91f3de71ec77169a890f3e22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 28 Feb 2021 19:37:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
ETag: "798 / 14 of 1000 / last-modified: 1614381521"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Timing-Allow-Origin: *
Content-Length: 19353
X-XSS-Protection: 0
Expires: Sun, 28 Feb 2021 19:37:17 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BFCD 326 KB
112 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114726
x-xss-protection: 0
expires: Sun, 28 Feb 2021 19:37:17 GMT

GET
H2 200 pubads_impl_2021022301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BFCD 290 KB
102 KB 109ms
39ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Requested by

Host: www.googletagservices.com
URL: http://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Feb 2021 09:41:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104129
x-xss-protection: 0
expires: Sun, 28 Feb 2021 19:37:17 GMT

GET
H/1.1 200
OK bridge3.444.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 272B 577 KB
189 KB 12ms
7ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.444.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 192862
Date: Sun, 28 Feb 2021 07:41:11 GMT
Expires: Mon, 28 Feb 2022 07:41:11 GMT
Last-Modified: Fri, 26 Feb 2021 01:03:43 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 42966

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BFCD 44 KB
17 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Sun, 28 Feb 2021 19:37:17 GMT

GET
H2 200 event
ana.headerlift.com/ Frame BFCD 0
0 30ms
22ms Fetch 2606:4700:e2::ac40:8b11
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ana.headerlift.com/event?page_url=http%3A%2F%2Fneueaffenspiele.de%2Fspiele%2Fseite%2Fspielen-watersplash.html&game_id=2dbffa981d434e81931d327e5d7692e1&eventtype=7&ts=1614541037298
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
access-control-allow-methods: *
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 088bbe36fc00004ea4de0bb000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1k8mxl7tEXNcE9l42%2FHA38UeczOvp98dNjh42lwOp4gCBbiIkaPi4UTqE3ByEyVCGScm%2FsVy%2B7yIDQUFQwcPdHyae2dp9HV5930GMBXf%2BcBFUd7Te5FmjeyBgCDD84Y%3D"}],"max_age":604800,"group":"cf-nel"}
access-control-allow-origin: http://html5.gamedistribution.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 628c996b2f934ea4-FRA
access-control-allow-headers: *

GET
H2 200 collect Show response
msgrt.gamedistribution.com/ Frame BFCD 2 B
62 B 43ms
42ms Fetch
text/plain 35.190.9.86
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://msgrt.gamedistribution.com/collect?tp=com.gdsdk.view&ar=W3siZ21pZCI6IjJkYmZmYTk4MWQ0MzRlODE5MzFkMzI3ZTVkNzY5MmUxIiwidGRtbiI6ImZyaXYyLnJhY2luZyIsImRvbW4iOiJuZXVlYWZmZW5zcGllbGUuZGUiLCJyZnJyIjoiaHR0cDovL25ldWVhZmZlbnNwaWVsZS5kZS9zcGllbGUvc2VpdGUvc3BpZWxlbi13YXRlcnNwbGFzaC5odG1sIiwibHRociI6MjAsImN0cnkiOiJDWiIsImRwdGgiOjIsInZlcnMiOiIxLjguMTIiLCJ0cmFjIjpmYWxzZSwid2hsYiI6ZmFsc2UsInBsYXQiOiIiLCJ0cGN0IjoxLCJ0dGxlIjoiV2F0ZXJzcGxhc2giLCJzaXplIjoiODk2IHggNjQwIiwiYnJubSI6IkNocm9tZSIsImJybWoiOiI4MyIsIm9zbm0iOiJNYWMgT1MiLCJvc3ZyIjoiMTAuMTQuNSIsImJ5bGQiOmZhbHNlLCJpbWd1Ijp0cnVlLCJpZWd1IjpmYWxzZSwiaXRndSI6ZmFsc2UsImNtcGUiOmZhbHNlLCJob3N0IjoiaHRtbDUuZ2FtZWRpc3RyaWJ1dGlvbi5jb20ifV0%3D&ts=1614541037299
Requested by: Host: html5.api.gamedistribution.com
URL: https://html5.api.gamedistribution.com/main.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.9.86 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 86.9.190.35.bc.googleusercontent.com
Software: / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
via: 1.1 google
etag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by: Express
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
alt-svc: clear
content-length: 2

GET
H2

200

index.js Show response
pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/ Frame BFCD
Redirect Chain

https://tag.gitberry.com/v1/663
https://pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/index.js

38 KB
14 KB

161ms
47ms

Script
application/javascript

34.77.38.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.77.38.18 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

18.38.77.34.bc.googleusercontent.com

Software

nginx/1.19.1 /

Resource Hash

017fe7ca54be8e00f30e86e62bdd41e7373ecb064763bd25a29d065e4b363ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=JRM/rw==, md5=/T9xPUECaua6WYHPqydv8w==
date: Sun, 28 Feb 2021 19:37:17 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3205
x-guploader-uploadid: ABg5-UxyrakCTu_mgTUIOod7g63aJP9zRrDvEYdQCqxSOq-miOs2WqK0fdoiICmItlVHT9a7jqevDGRdP2WzCFTCfy8oKtxrJg
x-goog-storage-class: STANDARD
x-goog-meta-surrogate-key: gcs
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 13410
last-modified: Tue, 16 Feb 2021 21:42:53 GMT
server: nginx/1.19.1
etag: "fd3f713d41026ae6ba5981cfab276ff3"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
x-goog-generation: 1613511773039124
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
x-goog-stored-content-length: 13410
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 28 Feb 2021 19:43:52 GMT

Redirect headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
x-dns-prefetch-control: off
vary: Accept
content-length: 92
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
date: Sun, 28 Feb 2021 19:37:17 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
location: https://pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/index.js

GET
H2

200

index.js Show response
pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/ Frame BFCD
Redirect Chain

https://tag.gitberry.com/v1/9P3?sizes=320x50
https://pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/index.js

38 KB
14 KB

188ms
74ms

Script
application/javascript

34.77.38.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/index.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.77.38.18 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

18.38.77.34.bc.googleusercontent.com

Software

nginx/1.19.1 /

Resource Hash

017fe7ca54be8e00f30e86e62bdd41e7373ecb064763bd25a29d065e4b363ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-goog-hash: crc32c=JRM/rw==, md5=/T9xPUECaua6WYHPqydv8w==
date: Sun, 28 Feb 2021 19:37:17 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 3205
x-guploader-uploadid: ABg5-UxyrakCTu_mgTUIOod7g63aJP9zRrDvEYdQCqxSOq-miOs2WqK0fdoiICmItlVHT9a7jqevDGRdP2WzCFTCfy8oKtxrJg
x-goog-storage-class: STANDARD
x-goog-meta-surrogate-key: gcs
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 13410
last-modified: Tue, 16 Feb 2021 21:42:53 GMT
server: nginx/1.19.1
etag: "fd3f713d41026ae6ba5981cfab276ff3"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
x-goog-generation: 1613511773039124
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
access-control-allow-credentials: true
x-goog-stored-content-length: 13410
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Sun, 28 Feb 2021 19:43:52 GMT

Redirect headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
access-control-allow-origin: *
x-dns-prefetch-control: off
vary: Accept
content-length: 92
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
date: Sun, 28 Feb 2021 19:37:17 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
location: https://pm.gitberry.com/@bygit/git-js/0.3.6/dist/default/iife/index.js

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 45ms
45ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210224&jk=1194536207480452&bg=!-Pul-7jNAAXB_3NtwTsAKQB2-DxahUGqzNtiaDQZixaEF9Qzgjr7WjjgymSO752-OJLqNhjxFLVKAgAAAHhSAAAAC2gBBwoBv79DcmpipwxgefNGGHUF66vZJyTaUD_DP6Z9JjlLQkwLfJfIwLZUR67h9hCUe9wClWLcTASeIHVSj4kHedKYKDobhM90LOIsPgRIl3MeWBm1woIzUuHHbyVeCJ_G1kstz9vg04502OkY5tu4lWZv0h7CbJC5j8zR8UGrmRR-OCn4AX78y1KUw0UoEzhacLHpqN-caPLJSYEka-qm0dEVno-9p_gk6RN8r1lVu-nEH5gu84HgvaHI3mNaXReL0ect2LuJStrudAuoDz--FVHv_fFFo7YWgmr7hx4HlBZfb_dR71PgZE3OVutL_CMhVlaQNa9rz2OjKsu50QtMp7u2ktz4obnKJ00zFImQ-0-_zF6bGAd8CXQISGesG6fanwVBSExyx9Bpk5OS2AK9eshw-fszhbnJaomXhhTgpzwy2wPm8hz1JBK5PfT0uygGLEofUarOdeNJZrvSE87TuQVTxMS_QSKG6grvv2yzgKm5lEnlqteOvFlhNvlz6puBcBvSW0Z3zluIMfM_7TgRCGF02GN2OGJuON0j3_K9AO81B2TEToiIVMh14m9j6TN9wZBhaOwMDLcgkOlQJrlzEQIy1ZkB0qNW-2jFqpr-JDzWFIhSlY9OccBGMS66J3bglPSC5xiWV5vT37ik2zZHp6gp-_5JtroTQLBAh1FLGRj8iQgRznt_tGM-GwwIqejLrPSuGBAc5C8UZeefqWAFfaObtEieKKBFvG4U-FCBU-xsHgKU7FkkgLW3E5tgodKVswYHEkIHw-PQW50ATKB9ZE852NPcTT_kI_CJQJXOL8TWGwxWF8kpLdMSdV-znL9qMQMYegQi5nGEGdL7vPjTapGhrKyGexCNhgo5Xf61HWb8cKYOyrf0_8irj5RqmzF-dLDxKhq-AZmpe-ZgruAP1NFT9dn0CsUYeKpIBogwJrfA2THFMrYhUfkpsfnPjyNYiH3zz058Vz2JVxI3DouAiBBRK2QaG37WQhDz9Bbcr2G2eRXhi5UIsjJRYT-4PPXh1btOhLD_Nzk1US6J7Y4YWxSi2TX61AjUxZYWPZH6JkTZPVQx8X4NKrAiDPfmcLzXUq5NExlPne3Dn3kU_Zes4YcemQZWheC75HY8M7aMUQN8QcVzg3PeFVJSWn_iErrtMpD-4q6D8EQxH8zkbHxeNW0WCd2XncSkL4WycGpHEIitYi_AaIKdffvP7O177AnWdcHYay4aZE8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://friv2.racing/watersplash.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 19:37:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 212F 36 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:33:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 208
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Sun, 28 Feb 2021 20:33:49 GMT

GET
H2 200 PrqSzrsg8jo.css
www.facebook.com/rsrc.php/v3/yw/l/0,cross/ Frame 7922 1 KB
821 B 8ms
6ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yw/l/0,cross/PrqSzrsg8jo.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

589286fde85f117d997a3b9e25a1d74a418ede69fb3a3f0ed7ae5e558fc10940

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: MUxaR2+a6MFACHBHUsbo+fxRX4EBGofrHSpdwbKNaEr3qTbcHLuGidfjCVyirNpGhFVDo+9/bRnDu2mmXTna/g==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: LwKb4EkLfgMQn4WJJxYrxA==
date: Sat, 27 Feb 2021 18:26:36 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 590
x-fb-rlafr: 0
expires: Sun, 27 Feb 2022 18:26:36 GMT

GET
H2 200 VTJYRtrmH5i.css
www.facebook.com/rsrc.php/v3/yH/l/0,cross/ Frame 7922 128 KB
21 KB 8ms
7ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yH/l/0,cross/VTJYRtrmH5i.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf2d84c750ef589941c8e9068372d5bb9c48b4bedfe697c1b98141dabc071617

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: +pGfc+6ObmjXw9xdI4gQZAEG8d2DyUaszKlGGFBusCoIbZz7ldb877qWThrODmq+Z2RAl+BUpRQAwHx+VLAjNw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: tP5af8l6vshFOOUkHDpBmQ==
date: Fri, 26 Feb 2021 21:14:09 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20975
x-fb-rlafr: 0
expires: Sat, 26 Feb 2022 21:14:09 GMT

GET
H2 200 AEVAIgi-7Lp.js Show response
www.facebook.com/rsrc.php/v3/yz/r/ Frame 7922 267 KB
71 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yz/r/AEVAIgi-7Lp.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8fcb4a09197cb85220605881b380632c624d00f4be04014bec24d27dfaefce9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: EKlBhN7X9FCqvVJqyuScsxlWGCZE4NPbBemGpHUUCVzbfAyE/uz6+5lcvYDX5MjZF5FJtzk9MS5bJu8rVv1SQg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 2jKoCZNPXMFAcjwcE3mv3Q==
date: Fri, 26 Feb 2021 05:23:43 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 72165
x-fb-rlafr: 0
expires: Sat, 26 Feb 2022 05:23:43 GMT

GET
H2 200 56VjjiHvCEs.js Show response
www.facebook.com/rsrc.php/v3i7M54/yM/l/en_US/ Frame 7922 162 KB
45 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3i7M54/yM/l/en_US/56VjjiHvCEs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c70de9c26ae06f3b1389e4e34f3120876352f9637c527ec62afdad94b883faff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: n6f/qq6MtcjrCLMPbWQsUFp2Gzcz6O+GGy2ZBOdcwGZLLSBDFm8KKxYNASCHHMVisIzVagPvlS9oRfQ+uuVtjA==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: aUIeqphfLOLhZ4NPSH0SXA==
date: Sat, 27 Feb 2021 05:45:32 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45756
x-fb-rlafr: 0
expires: Sun, 27 Feb 2022 05:45:32 GMT

GET
H2 200 weQ5ESfTKb8.js Show response
www.facebook.com/rsrc.php/v3iAQZ4/yE/l/en_US/ Frame 7922 1 MB
348 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iAQZ4/yE/l/en_US/weQ5ESfTKb8.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc02605c690f67361f6c16eb226083ce29e24b03135111d4fe0b7099e5f087af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: LydkCp4JTfrD/GLELO2bhH+A8EbjomsDrh/hbAJ+rZvAXmPU3zfjKgganP4seqRw/9eZJ1TL4JC+FzFzv8W9yw==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: b8rP9XfclwrKf9g3ApOh8g==
date: Fri, 26 Feb 2021 21:13:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 355995
x-fb-rlafr: 0
expires: Sat, 26 Feb 2022 21:13:31 GMT

GET
H2 200 5VR2dH_XHWT.js Show response
www.facebook.com/rsrc.php/v3/yN/r/ Frame 7922 26 KB
8 KB 12ms
11ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/yN/r/5VR2dH_XHWT.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3bd64028a852a8e241b42780a7e47853b89f9d3e6b26a9cb765472dd618f3152

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: Qzl8ODKuY9/+IudYMNbfY9VirZBxXbJxdz5X49YJdM77rNVo83ze2m6BgdSwmRSRV5mATuyukEZTj4RA575hDQ==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: KGnC4WKDmGEmi5eIigLTgQ==
date: Thu, 25 Feb 2021 21:22:11 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8294
x-fb-rlafr: 0
expires: Fri, 25 Feb 2022 21:22:11 GMT

GET
H2 200 iiBYh0U41Lp.png
www.facebook.com/rsrc.php/v3/y6/r/ Frame 7922 244 KB
244 KB 6ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y6/r/iiBYh0U41Lp.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yH/l/0,cross/VTJYRtrmH5i.css?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6e065a9ee0fcce60fbc66c5d3316465c20e272296294fd017e2b47db7648a359

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/rsrc.php/v3/yH/l/0,cross/VTJYRtrmH5i.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: msAV7xP/aIsxOE5LkJh6GguNmehx2xU6j6Drrz4oHMBZUp134TvTcy3dz+Csizn1pZOCZ6vYh0Tttbu17oDi9A==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 75bpgmDdTOExdPb1eeWg+w==
date: Thu, 25 Feb 2021 02:40:49 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 249456
x-fb-rlafr: 0
expires: Fri, 25 Feb 2022 02:40:49 GMT

GET
H2 200 7KRk7D4E5Om.js Show response
www.facebook.com/rsrc.php/v3iPwL4/yT/l/en_US/ Frame 7922 28 KB
9 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iPwL4/yT/l/en_US/7KRk7D4E5Om.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/rsrc.php/v3/yz/r/AEVAIgi-7Lp.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e2453e8b4b7b85d1515b2be69da90701b12e8d8e63c21c70fc670a993f6f01d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/feedback.php?app_id=192074324531989&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfaf552a704d9ac%26domain%3Dfriv2.racing%26origin%3Dhttp%253A%252F%252Ffriv2.racing%252Ff1c547844b585b4%26relation%3Dparent.parent&container_width=912&height=100&href=http%3A%2F%2Ffriv2.racing%2Fwatersplash.html&locale=en_US&numposts=5&sdk=joey&version=v2.8&width=912
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: 0rw7XSa76zCPTUXd0ou1cMWF4yOfbwjHffFcM9DbyXfTb37ZIla6s9f2e+kRvVlegkWhLiCPP/9l6gmVIlSy1g==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: PU+OnDcv9HPS1rjDlc0QDw==
date: Thu, 25 Feb 2021 02:02:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8511
x-fb-rlafr: 0
expires: Fri, 25 Feb 2022 02:02:04 GMT

GET
H2 200 atom Show response
tag.gitberry.com/v1/663/ Frame BFCD 368 B
903 B 143ms
50ms Fetch
application/json 34.77.38.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.gitberry.com/v1/663/atom?env=DMN&uhost=friv2.racing

Requested by

Host: tag.gitberry.com
URL: https://tag.gitberry.com/v1/663

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.77.38.18 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

18.38.77.34.bc.googleusercontent.com

Software

nginx/1.19.1 /

Resource Hash

23bc56befc97555e6ff645eb1e002922b866d976f8319a1cf150069a089ae336

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"170-87gzNxGKP8kMbtjftNA+9ae+RZo"
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests

GET
H2 200 atom Show response
tag.gitberry.com/v1/9P3/ Frame BFCD 214 B
799 B 140ms
51ms Fetch
application/json 34.77.38.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.gitberry.com/v1/9P3/atom?sizes=320x50&env=DMN&uhost=friv2.racing

Requested by

Host: tag.gitberry.com
URL: https://tag.gitberry.com/v1/9P3?sizes=320x50

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.77.38.18 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

18.38.77.34.bc.googleusercontent.com

Software

nginx/1.19.1 /

Resource Hash

80f848524d3f86291c4ce053cc364cf0205c6a8d161d6cf81514357b60ff91f1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
date: Sun, 28 Feb 2021 19:37:17 GMT
content-length: 214
x-xss-protection: 0
referrer-policy: no-referrer
server: nginx/1.19.1
x-frame-options: SAMEORIGIN
etag: W/"d6-KeL+N0CWczicSFvTkFyjCpCzO34"
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: *

GET
H3-Q050 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BFCD 56 KB
19 KB 101ms
59ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tag.gitberry.com
URL: https://tag.gitberry.com/v1/663

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

20c771a4793b93d213c329603c5530ec4155a4b02281165f27ef104bbb7d3a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "798 / 23 of 1000 / last-modified: 1614381521"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19354
x-xss-protection: 0
expires: Sun, 28 Feb 2021 19:37:17 GMT

GET
H3-Q050 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ Frame BFCD 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a1538e3b9cb885329d7ec37ef73e34053f4b55174a738028bd62a83e25d48c9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:20:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1034
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6355
x-xss-protection: 0
server: cafe
etag: 18225610270060991024
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 28 Feb 2021 20:20:03 GMT

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame BFCD 107 B
777 B 42ms
29ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=html5.gamedistribution.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame BFCD 107 B
531 B 42ms
29ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=html5.gamedistribution.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame BFCD 344 B
800 B 172ms
172ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1889436967219194&correlator=4041894757185126&output=ldjh&impl=fifs&eid=21068753%2C31060010&vrg=2021022301&ptt=17&sc=0&sfv=1-0-37&ecs=20210228&iu_parts=22110840991%2CDMN%2CAZRN%2C5LQ%2C663&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=120x240%7C120x600%7C160x600%7C180x150%7C200x200&prev_scp=fp%3D75&eri=1&cdm=html5.gamedistribution.com&bc=23&abxe=1&lmt=1614541037&dt=1614541037983&dlt=1614541036664&idt=704&frm=8&biw=-12245933&bih=-12245933&isw=900&ish=655&oid=3&adxs=0&adys=208&adks=786039063&ucis=j4g77pjn8izs&ifi=1&ifk=1504645708&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=http%3A%2F%2Fhtml5.gamedistribution.com%2F2dbffa981d434e81931d327e5d7692e1%2F&ref=http%3A%2F%2Fneueaffenspiele.de%2Fspiele%2Fseite%2Fspielen-watersplash.html&top=http%3A%2F%2Fneueaffenspiele.de%2Fspiele%2Fseite%2Fspielen-watersplash.html&vis=1&scr_x=-12245933&scr_y=-12245933&psz=120x-1&msz=120x-1&ga_vid=641830091.1614541037&ga_sid=1614541038&ga_hid=891311509&fws=772&ohw=900

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

7948b1d14f5ed1a9f81d015fb5956967e96a1d950d7b8ee67c1927ae2f83591e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: http://html5.gamedistribution.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2295a6b9cff70a5b873f216a47338a5f.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame BFCD 0
0 74ms
39ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2295a6b9cff70a5b873f216a47338a5f.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame BFCD 0
0 6ms
6ms Other
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 err
tag.gitberry.com/v1/663/dsp/ Frame BFCD 0
0 48ms
48ms Fetch 34.77.38.18
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.gitberry.com/v1/663/dsp/err?env=dmn&pid=AZRN&hid=5LQ&typ=display&uhost=friv2.racing&ntw=adx&fp=75&ts=1614541038164&ctr=1

Requested by

Host: tag.gitberry.com
URL: https://tag.gitberry.com/v1/663

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.77.38.18 Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

18.38.77.34.bc.googleusercontent.com

Software

nginx/1.19.1 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy: no-referrer
server: nginx/1.19.1
date: Sun, 28 Feb 2021 19:37:18 GMT
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
x-download-options: noopen
access-control-allow-origin: *
x-xss-protection: 0
x-permitted-cross-domain-policies: none
strict-transport-security: max-age=15724800; includeSubDomains
x-dns-prefetch-control: off
content-length: 0
x-content-type-options: nosniff

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BFCD 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4affa0ed71de307b09a9aa2e4337da6201cb59c92d4d4d9877fafbd80873e3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 28 Feb 2021 19:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6559
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BFCD 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021022301.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 19:37:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Sun, 28 Feb 2021 19:37:18 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 13DE 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Sun, 28 Feb 2021 16:59:09 GMT
expires: Mon, 28 Feb 2022 16:59:09 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 9489
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js Show response
pagead2.googlesyndication.com/bg/ Frame 13DE 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5F6tG6N9C-HNFBmbPVEyNyk6q7IXWibXNpfQ51AyKrE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 02:42:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 11:15:00 GMT
server: sffe
age: 60914
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6224
x-xss-protection: 0
expires: Mon, 28 Feb 2022 02:42:04 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BFCD 0
46 B 40ms
39ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021022301&jk=1889436967219194&bg=!CAulC0jNAAXB_3NtwTsAKQB2-Dxa1yAI9O2qtuLeyD_XtCF8k-VFXly78JLXWpjsqlCfEO2VzeYBAgAAAFtSAAAACWgBBwoAgBdhkr0SaBoKf73tiEqewS6z05ev_NLQF0bkCPf2P7KUnylRtJuoQqEhxws21hafmUw7x8kYK0fAYJmSyGEP3XP2aN_kVUaqks9pfTExGxU9AGX9ZJ-CFH5fRuuF0RMQexmZyN-Z4ULKy2X4ks0154VaY-Q5bbEYDzYPqubkHwXMmQISKfn6utAf6o-dNb4l-Ehnu2Pc-TzmsmAxY0VFqKnQdX_zYidnoCSWfcB-bGYpS7ht6SNh_Kbq8YiHDyT5fbebVywZO-RhxgkCdU3TFtPqZOBrVUS-QWe2O3K3AQ-DbXnuBKaL2CCY_1fIPL3eeq0Szlxa8jfyRD_14Fw5stq9MO04aKJ-rofck214mE-SOLBXs-yOl7rwjS8wJ0tWmfyAnVPBrUU5Kelc9be3pPINviMQa7UBfInPqqzYDQMF_ZalJz0D7t9I-yxSEjv9c3NBM9Zm1MaPV60tEj5lX-kZOQTwZAOgwdWomP_lHKaoVrf3BbbhagaYBPI6t0daDXTbq5qXqXGhyZmUNmb2h7WgL09nc6lI9p3BaJNVJ92NwPQ5NmqtVcnOQWdAqpDtm8lg2HEydH6XTq49tQzZ-BS_Q7cByHTSpiX88IplVhyUvhI0-7Ps98gy025uGmS_oMvuIB8Xtj4lz7gM9ExEwepoaVxxWgOysCYu0U9oc4rBEqm4mHl8VNiV5muw_9zyPzzSm1vVd1vINOaD4NfB0i8IR_6l2cjObue49eWtTA8kJT1O1bxZGArehAajwB8-VFQIF0D2G6YiAGX_WQjECvL9dK0ts-IiqfYD4cyeVA0DgCl5Pij3DyCRZ03_DjBZAo_U36FXJjjx6tanzJtgm52e5vARjZmh7nNooYMDygeuJmfn5yc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://html5.gamedistribution.com/2dbffa981d434e81931d327e5d7692e1/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Feb 2021 19:37:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.friv2.racing/	1970-01-19 16:30:27	Name: _gid Value: GA1.2.85477549.1614541036
.friv2.racing/	1970-01-20 01:50:37	Name: __gads Value: ID=99da2e613d55219c-222f83bf9eba0061:T=1614541036:RT=1614541036:S=ALNI_MZ-T9aEZ3ufsr2ih4dQKcOB27cBpg
.friv2.racing/	1970-01-19 16:29:01	Name: _gat_gtag_UA_97003001_1 Value: 1
.friv2.racing/	1970-01-20 10:00:13	Name: _ga Value: GA1.2.882713518.1614541036
.doubleclick.net/	1970-01-19 16:29:01	Name: test_cookie Value: CheckForPermission
.friv2.racing/	1970-01-19 17:12:13	Name: __cfduid Value: ddafb867c6c1509d7bd5c2b7e3655bee91614541035

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://html5.api.gamedistribution.com/main.min.js(Line 8) Message: %c %c %c GameDistribution.com HTML5 SDK \| Version: 1.8.12 %c %c %c background: #9854d8 background: #6c2ca7 color: #fff; background: #450f78; background: #6c2ca7 background: #9854d8 background: #ffffff
console-api	warning	URL: http://hb.improvedigital.com/pbw/prebid/prebid-idhb-v3.26e.min.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2295a6b9cff70a5b873f216a47338a5f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
ana.headerlift.com
cdn.gamedock.io
connect.facebook.net
counter.yadro.ru
friv2.racing
game.api.gamedistribution.com
googleads.g.doubleclick.net
hb.improvedigital.com
html5.api.gamedistribution.com
html5.gamedistribution.com
imasdk.googleapis.com
img.gamedistribution.com
msgrt.gamedistribution.com
neueaffenspiele.de
pagead2.googlesyndication.com
partner.googleadservices.com
pm.gitberry.com
pub.headerlift.com
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tag.gitberry.com
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
142.250.186.34
172.217.18.98
205.185.216.42
2606:4700:3036::ac43:9ece
2606:4700:e2::ac40:8b11
2a00:1450:4001:800::2001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2006
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:400c:c0c::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
34.77.38.18
35.190.9.86
78.109.31.4
88.212.201.204
0094d364a30b9e1b13b40d7955c72a55732fc9db8f6bb4fd8e71a1c67db6f726
017fe7ca54be8e00f30e86e62bdd41e7373ecb064763bd25a29d065e4b363ad5
03449ecbbdb76ecc662e2ad64ea3d61da16722c7f1bb3c0fcc87e52db7eba42f
04b7fef7ae8db477e14056c72bafece963d0a73d33de81dcff77edf206b74367
07d3c359ee4dfb9e415e8394c3c0052168e17ac610ed1d5dfc7a633dd85a78ce
07ddc6ea67a3f93849ecfdcb3573756a2bb16866dfa51307dcbf0393af5334d6
07e6986ed80c3d22efad485f7d6842b5c122a6e37f6985e9fbf30bdb0de1b179
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
161d9a328b315e73855df7fdf032222b5350ca968ababd7a0be6b1d169eafc6e
1c15fe90253b1ad978b50ebec77197f4486195aeababdf27aab2f90a3ed65f23
1e0bcb4228595caf145bfaf82525e49e3690aa1789fdc00e9314974d7d542893
20c771a4793b93d213c329603c5530ec4155a4b02281165f27ef104bbb7d3a54
236930e77fe7184145689dd2a47813c8d92fb937bc164165b0b700b38d93269f
23bc56befc97555e6ff645eb1e002922b866d976f8319a1cf150069a089ae336
2467a9fefa378b8d57d62d9108794bcd476de6ce2cc1ba42ea85200fd73960b3
25bfbfcb5ced74665cf429cf318730204a1570e335984220dc0040000a9fb52e
25c52eaeb1ee243ae4f8e8fa4a93589d1d4c95eb79a7f932c481955f842e4816
27bbce805c2c61aab7e90d5a59180cda702e1b002bd739abdbe56aa9473aeb71
2a176a0442b25e0a0bf4687552431aa639c95088c510f4bd012c0b6065237c9b
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2c40ec126d888d5c0de1ad8102cb71b4e542abf7d22d7f5f088d18346525fef7
2e198e9eba7efa5923e4a7d8e0f1e49c7c1d9f4c34b6ab305162111a9edf4ca7
2e2f3843c4e6e8239cc209544ece9f653a6af137c16654ace78b2b08c6a00b92
2ee12e1783fedb202f02a98f453339744a0085bcd35d23086f8922c1cf6af9e5
35f420911e15e0dcade2d82029717124f6f8263456f3d2686576c5cb364c7d69
3a478cc89688c6d5bc04418bbfd3da092d2df5c78ad9b6663975cceb83832e61
3bd64028a852a8e241b42780a7e47853b89f9d3e6b26a9cb765472dd618f3152
3d55abaea0eb323966b9f0c88f81c91c433efb5bf45bf6390e8cad729ea0a38c
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4affa0ed71de307b09a9aa2e4337da6201cb59c92d4d4d9877fafbd80873e3fa
4b1eb38a862302925a2a98b52a8d6fea1b6ea70bad8d33c628d5305fd317dbfd
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
589286fde85f117d997a3b9e25a1d74a418ede69fb3a3f0ed7ae5e558fc10940
58efdef30c1040f9bab6f3ffeb7c866c3619672fb65b354620975705b929e0ef
5f0c38fe39a7fe136253e100401d4ca90bf8342a4da2b51ef70ea9bf82105929
5f2037587006a27e070a700b82accd3642a9a91c026d2e29b07c05ed58612d67
6046c23b85986b7cf6d8a28b653bb0b0a73bab416795df69f476e14d1271a1db
61f284b7269b653c7526095312dd9c4e3cd5fff99ecaf932467d25efd0736495
63456a217edb6d57c61411b3f3b3be365f6f5604bc7109f6d97b457f96cd752e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e065a9ee0fcce60fbc66c5d3316465c20e272296294fd017e2b47db7648a359
6e93e6af357e741aaa223028abdd5116a2c21b46a1f0c29b777eb78520d28185
6eaaa83a6f929a29d7ff5cf7a342a758629a95e4afe9eab69689b6e8120b745d
71162257e2a26d7af604a8a596f328f5ccc7e5a13f609222e71c0fbc47b35479
71db09e8de7818c7eacc2b908d531a613dbbfb019139772317dfa7c2742be717
78d5cef34a0cd3077a73228baf175887c15c96c745b4f5dde5031a603622553a
7948b1d14f5ed1a9f81d015fb5956967e96a1d950d7b8ee67c1927ae2f83591e
7b1bf5abc558b252d429f468d72513a9410a38c09b5e3932a04f8eac7b435599
80f848524d3f86291c4ce053cc364cf0205c6a8d161d6cf81514357b60ff91f1
81b5e64d06199c8671e23976b0cf8a1f3686e8eb3ea60513acf75aad9f4d930b
81c5343a303ed649d77a83277087dd0b581e82c4bd1e2220d3f4f140c0890c55
82a9f6210ee2b1386af90d3094f9f9e1117ce59105fa93a974bfd2b836ece4e9
870b2aa31c41ba833e28e8e1eb5d6e4ed828cadf9d40a40a6ebf343a0abdc4b0
8c50cb5becee5ed64a8851522dd913bd6aacc34aefff260ecbfe0e2d70252ba5
8fcb4a09197cb85220605881b380632c624d00f4be04014bec24d27dfaefce9b
946d9a7a03fb3be233ea45625f62ecc13c46743c63f0b2d0b8588e4ec1436d13
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b028968b3cbfd5783188de8bbb7be163e659f3172f6c2563b45476e3e7601f4
9d3ebd69106d4518c7a484fea9c9bbb42b529fa7b8d4614f1099549872e5ae2d
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a1538e3b9cb885329d7ec37ef73e34053f4b55174a738028bd62a83e25d48c9d
a221343db26c43bb8ec3b2dda04ec6017ba57321fb34076aeb0e276feebe8e54
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9729adee6c450f1ede7ed04e4c666f2912dd5cf0a53c1c72fd63332148c5e72
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ab690010396c5fb95295eb11225539a9949eaa64c1dcb1d84f35ce2091016ad0
ac97d0ae8fcc0705ea3abc77b99731dc7e9fe3d06a507d61d8c39d681fea1fe7
ae07b44365d1b861f5b0c93eb844b2a7533198aa62f16e2db1d62fdc848c08cd
b11eb80e5a3fc8f6dd211eb23e961ad970132ed2d64ade7c9193b4045b3ab367
b1b7c0bc7f6953d9a85719f68a6cc410bae7859d4e90696d7bc0586d5f014575
b1c9552ff946c8d6ed8b4a6879aed0d758c5c1bdffe3e284de7e3bb4c4e3b950
b2d9ad47ae0a4a30ad353f615bac58b9bdba56c15cf4d6cc91809f1cae4ff6fb
b2eecfbe5700cb0eae79a1a8cc4e4061c9a0547fb50c70fa7c3205593458d532
b9d549796daf6c21ea30897f246ba70b887f3e8f91f3de71ec77169a890f3e22
bb1e3682d6be4b09f09ed6cdcd8d25db1e307e31f950c8b4a701b3e98e23596d
bc02605c690f67361f6c16eb226083ce29e24b03135111d4fe0b7099e5f087af
bea44783ce24f6df8ba9bf53fd8c77c7ce430e9564050582fa28e91ba35cbb5f
bf2d84c750ef589941c8e9068372d5bb9c48b4bedfe697c1b98141dabc071617
c5db810c07cca5033e2aebcdb9324038385e8062a8db33b08620ddd30243add7
c70de9c26ae06f3b1389e4e34f3120876352f9637c527ec62afdad94b883faff
cbefe8ce76607d03cd27a9f90461434c8e3fc7cdd398e4453a48d79b326f1045
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2fe503c3f3caed128e7db62f97a28502a8095517651eedeb9781d05657fa9d8
d5e1d840aa8399f7a9f1d8b04a62b10769c829f79139691820b9e82bf6927a64
d75772656779063b7a018f92d9b4a197f09c44a0fd3d6db483c14fdfc9aa5912
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2453e8b4b7b85d1515b2be69da90701b12e8d8e63c21c70fc670a993f6f01d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45ead1ba37d0be1cd14199b3d513237293aabb2175a26d73697d0e750322ab1
e516f04f833588d72748ac11cfd04f0864024b5ece8f824aaf2031930a039dc9
ea5cbb7f2e0dee545f0f790c02bcd2a26125e668e1fe12f538100ec9dc249cb8
eb24254cefa6df28eaffba291b38527ad8f55decbf9b3b4cd2f55b3509586ef5
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
edd5fb1c68debb0fca754942203a36149cb5cb337fcfac23652a2597e4a4e286
f634b91be542081897250daa08ff62f5bdbd0d114a3485efe020d2c07f21fdc5
f8d610dd5a39ef5078ba51efa82a08c566cd698e54d97e4f604caaaa0900f539
fa6de724b65acaaee077c75c7347a11805bed57b2277e009ce525f185bbb4332
fc6dc1cc4fd8cd38abf3b3682bff4a8ac8242074fc6054cf7f2fed4fc6b6a70b
fcbb3f47b0f8359d2961db6fbf193b1577edcbbcc0892cf39d537d51ee48241c
fe0c1f51640cd0b18db7d093354115802da5f8243bf9b82c80c196a20edd5662

friv2.racing Open in urlscan Pro 2606:4700:3036::ac43:9ece Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

114 Requests

61 %HTTPS

71 %IPv6

20 Domains

30 Subdomains

25 IPs

5 Countries

2634 kBTransfer

6888 kBSize

6 Cookies

2 Outgoing links

Redirected requests

114 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

friv2.racing Open in urlscan Pro
2606:4700:3036::ac43:9ece Public Scan

Screenshot
Live screenshot

Full Image

114
Requests

61 %
HTTPS

71 %
IPv6

20
Domains

30
Subdomains

25
IPs

5
Countries

2634 kB
Transfer

6888 kB
Size

6
Cookies

114 HTTP transactions
1 data transactions