urlscan.io logo urlscan.io
SecurityTrails logo

coronar.io Open in urlscan Pro
2606:4700:3032::6815:6bd  Public Scan

Go To Rescan Add Verdict Report
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Submission: On April 08 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 15 domains to perform 47 HTTP transactions. The main IP is 2606:4700:3032::6815:6bd, located in United States and belongs to CLOUDFLARENET, US. The main domain is coronar.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 3rd 2020. Valid for: a year.
This is the only time coronar.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    2606:4700:3032::6815:6bd (United States)

ASN13335 (CLOUDFLARENET, US)
coronar.io
2    2606:4700:20::681a:f6b (United States)

ASN13335 (CLOUDFLARENET, US)
api.adinplay.com
2    51.81.57.71 (United States)

ASN16276 (OVH, FR)
PTR: ns1000995.ip-51-81-57.us
n.gameads.io
4    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    23.235.251.211 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
7    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2606:4700:20::681a:688 (United States)

ASN13335 (CLOUDFLARENET, US)
ncdn.gameads.io
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.dk
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1521b1d67a773468d3a6a991a75e5266.safeframe.googlesyndication.com
7    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
5    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Domain Requested by
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
coronar.io
cdn.ampproject.org
tpc.googlesyndication.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 mc.yandex.com 2 redirects coronar.io
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 ib.adnxs.com 1 redirects api.adinplay.com
acdn.adnxs.com
4 securepubads.g.doubleclick.net api.adinplay.com
securepubads.g.doubleclick.net
coronar.io
4 coronar.io coronar.io
2 fonts.gstatic.com fonts.googleapis.com
2 mc.yandex.ru 1 redirects coronar.io
2 n.gameads.io coronar.io
2 api.adinplay.com coronar.io
api.adinplay.com
1 googleads.g.doubleclick.net
1 www.google.com 1 redirects
1 fonts.googleapis.com securepubads.g.doubleclick.net
1 acdn.adnxs.com api.adinplay.com
1 1521b1d67a773468d3a6a991a75e5266.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.dk securepubads.g.doubleclick.net
1 ncdn.gameads.io coronar.io
1 server.cpmstar.com api.adinplay.com
1 imasdk.googleapis.com api.adinplay.com
1 cdn.jsdelivr.net api.adinplay.com
47 22

This site contains links to these domains. Also see Links.

Domain
n.gameads.io
kevin.games
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-03 -
2021-08-03		 a year crt.sh
adinplay.com
Cloudflare Inc ECC CA-3		 2020-08-22 -
2021-08-22		 a year crt.sh
n.gameads.io
R3		 2021-02-25 -
2021-05-26		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-25 -
2022-03-26		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
server.cpmstar.com
Go Daddy Secure Certificate Authority - G2		 2020-06-30 -
2022-09-18		 2 years crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
*.google.dk
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-03-11 -
2022-02-07		 a year crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-16 -
2021-06-08		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Frame ID: CE137464EDF05608ECAF348DF6DD45D4
Requests: 27 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 70E025D1C36D7B908AFB8957FD0015C6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: BFEF78F7C6A431C615B3B6810D9990A2
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8F57EFDE4D3BA88DDBD233A403E65B44
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

47
Requests

100 %
HTTPS

77 %
IPv6

15
Domains

22
Subdomains

22
IPs

4
Countries

834 kB
Transfer

2516 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9237.QBBVuF2ozRpeLuUTafFDfSpN4wP2q20ydiousPYmuid_-Zqg8ymJPSNkVp8C6GXr.3bY7iPZum1T3GHRv1Fenj3CY7WU%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9237.5kT4bi03GDEbxO3EkyiUz1p1AOOlvUcDm99A8Jq8FbenDdpDOtakU0y0Vi9K9wMQfWtUGUOQ3FR437jmmetIRg%2C%2C.p7vk9wxt4trBslMJBKJyjQOV20g%2C
Request Chain 22
  • https://mc.yandex.com/watch/61924642?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F%3Futm_medium%3D20%26utm_content%3D86%26utm_source%3Dgameads%26utm_campaign%3D2905105413%26utm_term%3Dpaper-io.com&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A336%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A10923894541%3Ahid%3A288194197%3Az%3A120%3Ai%3A20210408073353%3Aet%3A1617860034%3Ac%3A1%3Arn%3A442652054%3Au%3A1617860034815969400%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617860033263%3Ads%3A9%2C15%2C67%2C1%2C0%2C0%2C%2C236%2C0%2C%2C%2C%2C332%3Adsn%3A9%2C15%2C68%2C1%2C0%2C0%2C%2C238%2C0%2C%2C%2C%2C332%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617860034%3At%3ACoronar.io%20play%20online HTTP 302
  • https://mc.yandex.com/watch/61924642/1?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F%3Futm_medium%3D20%26utm_content%3D86%26utm_source%3Dgameads%26utm_campaign%3D2905105413%26utm_term%3Dpaper-io.com&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A336%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A10923894541%3Ahid%3A288194197%3Az%3A120%3Ai%3A20210408073353%3Aet%3A1617860034%3Ac%3A1%3Arn%3A442652054%3Au%3A1617860034815969400%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617860033263%3Ads%3A9%2C15%2C67%2C1%2C0%2C0%2C%2C236%2C0%2C%2C%2C%2C332%3Adsn%3A9%2C15%2C68%2C1%2C0%2C0%2C%2C238%2C0%2C%2C%2C%2C332%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617860034%3At%3ACoronar.io%20play%20online
Request Chain 24
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 39
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
coronar.io/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:6bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.4.16
Resource Hash
a7724ef3e3b776b4b317b5ed5032edcedbe6d4b704e46ad4839d972d5d1460a2

Request headers

:method
GET
:authority
coronar.io
:scheme
https
:path
/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
content-type
text/html
set-cookie
__cfduid=d0a8fb921b641ed04cb63a75d42208b6a1617860033; expires=Sat, 08-May-21 05:33:53 GMT; path=/; domain=.coronar.io; HttpOnly; SameSite=Lax; Secure
vary
Accept-Encoding
x-powered-by
PHP/5.4.16
cf-cache-status
DYNAMIC
cf-request-id
095192130a00004e4fc2842000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=EqBpZV9029FvJga0mDmRGn4XZjdOdpP7v%2FV23skzjiYN97PMAE4H291iF1pBZtVXp9G%2FVCmhAj8vHtLlAewW98K34rTBTaAiMKzg37V8zNWWd6kwXBPE"}],"max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
63c91f980bdf4e4f-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
index.css
coronar.io/css/ 		2 KB
858 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://coronar.io/css/index.css?v7
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:6bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871d8f0f85182c994a468466dfc82c6a722632bd835031a77d51913e407619d9

Request headers

Referer
https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 23 Sep 2020 13:20:55 GMT
server
cloudflare
etag
W/"5f6b4bb7-6ec"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D7z%2FTvmuIBRIxV9iJKAB1CAf1tLZJaFtMBFMa9YSFiCeLhBuFLaahnKuAqtd17vc5AQ9A0fmCI0QKCxqxw9u0CZp7fXTD29X5NcctdNZyMg9mB7RmSpa"}],"max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
63c91f988c5d4e4f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
095192135300004e4fb32c7000000001
tag.min.js
api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/ 		355 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
274d8af1a5af8aa7d8f36fe1e861c3d717675f1f6991005438054bd3eff1be17

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 15 Oct 2020 15:38:39 GMT
server
cloudflare
age
477231
etag
W/"58d97-5b1b77125fdc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rU9KE%2FKKROGrnlzR7FqZabRYg6HnGVnvaJGfRkOmRBZJmETusLjLMvmuMUEQV845FsnO7y5f%2BTXXEIL4leyewxOrvUId9R4dB5wp0tCMMU2rt%2BgFE8GBfJuNxYt%2F"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"max_age":604800,"report_to":"cf-nel"}
cf-ray
63c91f98bcdc2bc6-FRA
cf-request-id
095192137200002bc6b29cb000000001
bundle.js
coronar.io/ 		649 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronar.io/bundle.js?v5
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:6bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
228e88d29b1bed0d183cec598aa617bf7b03012510d9c45fd8cfb212836f4c93

Request headers

Referer
https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 09 Oct 2020 07:29:52 GMT
server
cloudflare
etag
W/"5f801170-a22d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jtEp41xLdjMQIlXTgzmXP9pfewJZdFlVAEaY6lGDLLcCz0My2uT5BeegLCmjxQVuYLpwxD2%2Bb6u%2F4N16Hxkfqgej65IMRFEcLPLKNxbyBY8rH%2FbVyZUN"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
63c91f988c5e4e4f-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
095192135300004e4f60b02000000001
email-decode.min.js
coronar.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://coronar.io/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:6bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
nel
{"report_to":"cf-nel","max_age":604800}
cf-request-id
095192135400004e4f6620f000000001
last-modified
Thu, 01 Apr 2021 11:25:31 GMT
server
cloudflare
x-frame-options
DENY
etag
W/"6065adab-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ESPXiLC0KJtSu04IJlpQVzeSJiJf61Pq2f39wN4xNNqAOBVpe%2BHK%2F%2F0FEww%2FCudu7M6l%2FFAEFSPbun%2FYcYnm%2FIUFWwMI32HoBeMEFsxP2%2FoNQR2yvGoS"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
63c91f988c5f4e4f-FRA
expires
Sat, 10 Apr 2021 05:33:53 GMT
getcode
n.gameads.io/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://n.gameads.io/getcode?objid=gameadsbanner&jsdate=1617860033424&lang=en-US&rfunc=GameAdsRenew&fromhost=coronar.io&refr=&fromurl=https%3A%2F%2Fcoronar.io%2F%3Futm_medium%3D20%26utm_content%3D86%26utm_source%3Dgameads%26utm_campaign%3D2905105413%26utm_term%3Dpaper-io.com
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.81.57.71 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000995.ip-51-81-57.us
Software
/
Resource Hash
178695c5a1826c084fc3c897e9b31620a1a42e45182524f30c0e5fa982c38916

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 05:33:53 GMT
Access-Control
allow <*>
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-control
max-age=0
Connection
Close
X-Robots-Tag
noindex, nofollow
Content-Length
1740
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		60 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
75a27da6352828afdc0b8329d90874e0b90477d5177eeea8c6820395ce9ffb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"836 / 316 of 1000 / last-modified: 1617834022"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20394
x-xss-protection
0
expires
Thu, 08 Apr 2021 05:33:53 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210408
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
779fb62fe6ba8d891211ceadc3b44dbdbc2aea7a7291c82dc123f54e63ff9f0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
34087
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
content-length
923
etag
W/"677-gSsRHKw6Q5lEVT+HGe4JCe3nKTI"
x-served-by
cache-fra19168-FRA, cache-hhn4073-HHN
date
Thu, 08 Apr 2021 05:33:53 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
adsbygoogle.js
api.adinplay.com/libs/aiptag/assets/ 		16 B
353 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.adinplay.com/libs/aiptag/assets/adsbygoogle.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:f6b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
477500
content-length
16
cf-request-id
09519213ca00002bc6b29cf000000001
last-modified
Wed, 04 Apr 2018 16:13:25 GMT
server
cloudflare
etag
"10-569081a45f340"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2VMh9ZFmbjKbMUpVQozoS8BjQmICstc5yk%2F66pbWx3uVtiPmPvmpdcc%2FbZJ%2FbGWnrinIB7jk0tK9KvPolr3B6KZdLB2bMklpJVYgQ%2F9rAozhXI4u8sjEyGuQzk72"}],"max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63c91f994d822bc6-FRA
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		334 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08cba86dfd6faba59c170707886b7a898f3690798752ac3b4bef36d6984e14be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117140
x-xss-protection
0
expires
Thu, 08 Apr 2021 05:33:53 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 05:33:53 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.237:80
AN-X-Request-Uuid
de51232c-42d3-424e-9c70-30a7f8cd9d63
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://coronar.io
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view.aspx
server.cpmstar.com/ 		27 B
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://server.cpmstar.com/view.aspx?media=banner&json=c_b&mv=1&poolid=81290&reachedTop=true&requestid=400f11c64fc006&referer=https%253A%252F%252Fcoronar.io%252F%253Futm_medium%253D20%2526utm_content%253D86%2526utm_source%253Dgameads%2526utm_campaign%253D2905105413%2526utm_term%253Dpaper-io.com&schain=1.0,1!adinplay.com,TPZ,1,,,
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.235.251.211 Ashburn, United States, ASN19437 (SS-ASH, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
193fdc7a48ae60adfa28663712b68539bead2a82033545589d0d97565c6e983b

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 05:33:53 GMT
Server
Microsoft-IIS/10.0
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADM DEVa PSAa PSDa OUR OTR IND UNI NAV STA"
Access-Control-Allow-Origin
https://coronar.io
Cache-Control
private,no-store, no-cache, must-revalidate
Access-Control-Allow-Credentials
true
Content-Type
application/json; charset=utf-8
Content-Length
27
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/ 		215 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
4a1ffa1ba38dba98eb33a64eeba9347788e4aff54fc026387d715329858db994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
content-encoding
br
last-modified
Mon, 05 Apr 2021 18:52:27 GMT
etag
"6064af5d-11065"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
69733
expires
Thu, 08 Apr 2021 06:33:53 GMT
pubads_impl_2021040501.js
securepubads.g.doubleclick.net/gpt/ 		294 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
sffe /
Resource Hash
6afdb4c99349e317ab25f9be5c0b6819b3910df88259f171bd36cf31c66d73c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 05 Apr 2021 08:36:53 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
105885
x-xss-protection
0
expires
Thu, 08 Apr 2021 05:33:53 GMT
c127.png
ncdn.gameads.io/pics/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ncdn.gameads.io/pics/c127.png
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:688 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f44f65252af5acd869e4aa3bff2f5ebf4e0ef9ab0e7fc2ff03810905ab03e8d

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
5859
content-length
31838
cf-request-id
09519215220000c2f97b938000000001
last-modified
Tue, 16 Feb 2021 19:30:41 GMT
server
cloudflare
etag
"7c5e-5bb79234efc16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HaGAfyz5eha3p3ZjQyGfbnrDuGj7Iz5NQDYW1aGh7lJHtu22cZFt0Lu%2FOZ%2FZoNujZw8yhZhrzt%2BV9PMhj2NOX%2FsX4AHvbIe2qER3dQA0tkPMPpf9lEUGgTOK4Uc%3D"}]}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
63c91f9b68c7c2f9-FRA
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9237.QBBVuF2ozRpeLuUTafFDfSpN4wP2q20ydiousPYmuid_-Zqg8ymJPSNkVp8C6GXr.3bY7iPZum1T3GHRv1Fenj3CY7WU%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9237.5kT4bi03GDEbxO3EkyiUz1p1AOOlvUcDm99A8Jq8FbenDdpDOtakU0y0Vi9K9wMQfWtUGUOQ3FR437jmmetIRg%2C%2C.p7vk9wxt4trBslMJBKJyjQOV20g%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9237.5kT4bi03GDEbxO3EkyiUz1p1AOOlvUcDm99A8Jq8FbenDdpDOtakU0y0Vi9K9wMQfWtUGUOQ3FR437jmmetIRg%2C%2C.p7vk9wxt4trBslMJBKJyjQOV20g%2C
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9237.5kT4bi03GDEbxO3EkyiUz1p1AOOlvUcDm99A8Jq8FbenDdpDOtakU0y0Vi9K9wMQfWtUGUOQ3FR437jmmetIRg%2C%2C.p7vk9wxt4trBslMJBKJyjQOV20g%2C
date
Thu, 08 Apr 2021 05:33:53 GMT
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:53 GMT
last-modified
Thu, 01 Apr 2021 13:57:39 GMT
etag
"6064af5d-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 08 Apr 2021 06:33:53 GMT
pingcame
n.gameads.io/ 		68 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://n.gameads.io/pingcame?cid=127&visitid=3011754114&uid=2882783414&fromhost=coronar.io&jsdate=1617860033424&jsdate3=1617860033868
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.81.57.71 , United States, ASN16276 (OVH, FR),
Reverse DNS
ns1000995.ip-51-81-57.us
Software
/
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Apr 2021 05:33:54 GMT
Access-Control
allow <*>
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-control
max-age=0
Connection
Close
X-Robots-Tag
noindex, nofollow
Content-Length
68
integrator.js
adservice.google.dk/adsid/ 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.dk/adsid/integrator.js?domain=coronar.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 05:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=coronar.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 05:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		50 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2073942619765949&correlator=2692411177277942&output=ldjh&impl=fif&eid=31060550%2C31060722%2C44739387&vrg=2021040501&ptt=17&tfcd=0&sc=1&sfv=1-0-38&ecs=20210408&iu_parts=421469808%2Ccoronar.io_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C336x280%7C300x250&eri=1&cust_params=GS%3DNo%26FC%3D1%26OS%3DOther&cookie_enabled=1&bc=31&abxe=1&lmt=1617860034&dt=1617860034020&dlt=1617860033359&idt=431&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=600&adks=2319094216&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fcoronar.io%2F%3Futm_medium%3D20%26utm_content%3D86%26utm_source%3Dgameads%26utm_campaign%3D2905105413%26utm_term%3Dpaper-io.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x-1&msz=336x-1&ga_vid=1956134765.1617860034&ga_sid=1617860034&ga_hid=1349922141&ga_fc=false&fws=4&ohw=1600&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
44905849bddf95f83257186afb0d37747c23fedaa1a4bdbfaa64709298de5507
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11455
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://coronar.io
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1521b1d67a773468d3a6a991a75e5266.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1521b1d67a773468d3a6a991a75e5266.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
1
mc.yandex.com/watch/61924642/
Redirect Chain
  • https://mc.yandex.com/watch/61924642?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F%3Futm_medium%3D20%26utm_content%3D86%26utm_source%3Dgameads%26utm_campaign%3D2905105413%26utm_term%3Dpaper-io.com&c...
  • https://mc.yandex.com/watch/61924642/1?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F%3Futm_medium%3D20%26utm_content%3D86%26utm_source%3Dgameads%26utm_campaign%3D2905105413%26utm_term%3Dpaper-io.com...
203 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/61924642/1?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F%3Futm_medium%3D20%26utm_content%3D86%26utm_source%3Dgameads%26utm_campaign%3D2905105413%26utm_term%3Dpaper-io.com&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A336%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A10923894541%3Ahid%3A288194197%3Az%3A120%3Ai%3A20210408073353%3Aet%3A1617860034%3Ac%3A1%3Arn%3A442652054%3Au%3A1617860034815969400%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617860033263%3Ads%3A9%2C15%2C67%2C1%2C0%2C0%2C%2C236%2C0%2C%2C%2C%2C332%3Adsn%3A9%2C15%2C68%2C1%2C0%2C0%2C%2C238%2C0%2C%2C%2C%2C332%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617860034%3At%3ACoronar.io%20play%20online
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
46024759089628c718f648821935dc1867089bbcfcfad99e6294b835d220a32f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 05:33:54 GMT
x-content-type-options
nosniff
last-modified
Thu, 08-Apr-2021 05:33:54 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://coronar.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
203
x-xss-protection
1; mode=block
expires
Thu, 08-Apr-2021 05:33:54 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Apr 2021 05:33:54 GMT
last-modified
Thu, 08-Apr-2021 05:33:54 GMT
location
/watch/61924642/1?wmode=7&page-url=https%3A%2F%2Fcoronar.io%2F%3Futm_medium%3D20%26utm_content%3D86%26utm_source%3Dgameads%26utm_campaign%3D2905105413%26utm_term%3Dpaper-io.com&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2qfickvpx9rcbpmn%3Afp%3A336%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A482%3Acn%3A1%3Adp%3A0%3Als%3A10923894541%3Ahid%3A288194197%3Az%3A120%3Ai%3A20210408073353%3Aet%3A1617860034%3Ac%3A1%3Arn%3A442652054%3Au%3A1617860034815969400%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1617860033263%3Ads%3A9%2C15%2C67%2C1%2C0%2C0%2C%2C236%2C0%2C%2C%2C%2C332%3Adsn%3A9%2C15%2C68%2C1%2C0%2C0%2C%2C238%2C0%2C%2C%2C%2C332%3Awv%3A2%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1617860034%3At%3ACoronar.io%20play%20online
strict-transport-security
max-age=31536000
access-control-allow-origin
https://coronar.io
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
x-xss-protection
1; mode=block
expires
Thu, 08-Apr-2021 05:33:54 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 70E0 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: api.adinplay.com
URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://coronar.io/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://coronar.io/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Fri, 09 Apr 2021 05:33:56 GMT
Date
Thu, 08 Apr 2021 05:33:54 GMT
Connection
keep-alive
bounce
ib.adnxs.com/ Frame 70E0
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 05:33:54 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.107:80
AN-X-Request-Uuid
ef9dbc49-443b-4efa-9e93-f4ee1104f70d
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 05:33:54 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.54:80
AN-X-Request-Uuid
4b5ce2d6-1115-4ae4-82dd-a347df843581
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012103020108001/ Frame BFEF 		190 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
498699
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55046
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"aeaf363b1ad89b36"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 11:02:15 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame BFEF 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
498699
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4548
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"4eb73d471ab4cb2c"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 11:02:15 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame BFEF 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
498699
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27208
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"22950e05e749846e"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 11:02:15 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame BFEF 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
498699
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9587
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"739644f32ad1483f"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 11:02:15 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012103020108001/v0/ Frame BFEF 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
498699
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12827
x-xss-protection
0
server
sffe
date
Fri, 02 Apr 2021 11:02:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"5cc8dcc2368726c7"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Apr 2022 11:02:15 GMT
css
fonts.googleapis.com/ Frame BFEF 		3 KB
674 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Apr 2021 04:38:25 GMT
server
ESF
date
Thu, 08 Apr 2021 05:33:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Apr 2021 05:33:54 GMT
truncated
/ Frame BFEF 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b30ce5c2b05c63b8c7fc5075c7f632cc15dc0d99952ec877710e0edfa9070c6a

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFEF 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
76257
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 08 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFEF 		295 B
748 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
22143
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 08 Apr 2021 23:24:51 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame BFEF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C3juIwpVuYLenBLjK7_UPxsmfoAbJ3ODRXPL9z6fGC5KhmrrpDhABIJHi5B9g0YG5gtAHoAHz08vTA8gBAakCLN2jxBHosz7gAgCoAwHIAwqqBMYBT9DTSq8wc2ZEgqc_tN_j87AZBsZ1PzUyIfnbc7uEM6Oq7e8GpSZyX86jhBQwtN6qLBKjPqE04Zi8JnslnFgJc1xznn96qnKXnC9itwCRIbtNcdrThA_K0A-OKXJ9qZKPO7s5e9XloYp22at3tIth8VoabR0GL00AGvSW4RuvLHpIePLlVRHTK2lkLf0530_uAWbqNzimkc_qnt2fmPjCvXXwmxuNzDaL1QmNoN4UttluLj-YrU-l2QCka2G57CrDkyEDxizxwAS3oazGgwPgBAGSBQQIBBgBkgUECAUYBKAGUYAH5KD0LqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBRCijKgB0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi03Mjg5NjgxMTY5MDk5MDQ3gAoDyAsB2BMCshcaChgIABIUcHViLTMyODI1NDcxMTQ4MDAzNDc&sigh=bsHq6xY-Kt4&tpd=AGWhJmufhzuCpUAvZhq6-hTOOHDHX6V3pJArJn9V5WLn3sFsNA
Requested by
Host: coronar.io
URL: https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd12637f28cdf00ac939a964c476f127b44c486f0adcaa20841503b828e8eacc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 08 Apr 2021 05:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6544
x-xss-protection
0
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame BFEF 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://coronar.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
age
502217
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame BFEF 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://coronar.io
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 02 Apr 2021 10:03:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
age
502217
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
expires
Sat, 02 Apr 2022 10:03:37 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040501.js?31060722
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Apr 2021 05:33:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Thu, 08 Apr 2021 05:33:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BFEF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Thu, 08 Apr 2021 05:33:54 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFEF 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 08:22:57 GMT
x-content-type-options
nosniff
server
cafe
age
76257
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Thu, 08 Apr 2021 08:22:57 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame BFEF 		295 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 07 Apr 2021 23:24:51 GMT
x-content-type-options
nosniff
server
cafe
age
22143
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Thu, 08 Apr 2021 23:24:51 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8F57 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://coronar.io/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://coronar.io/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Wed, 07 Apr 2021 21:31:30 GMT
expires
Thu, 07 Apr 2022 21:31:30 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
28944
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
pagead2.googlesyndication.com/bg/ Frame 8F57 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/DE6_jZsYe42TxIvZMyCjeDFY2mBt4gt7GQO59cBhhbM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Apr 2021 17:21:39 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Wed, 24 Mar 2021 17:18:00 GMT
server
sffe
age
43935
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
expires
Thu, 07 Apr 2022 17:21:39 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040501&jk=2073942619765949&bg=!rK-lr-vNAAY56aLOOek7ACkAdvg8WqMwkI0NWsn9dG1MVqxT0oM4fhbhAti1c2bOnVwy06IMtSjJcwIAAACOUgAAAAxoAQcKAZQQlBCfWKpcLueGGGrdZdxeWlZ-Or4vkR0NFy_5T3mTezt1m02skILPEd3o2F5B7XJG2O4yeMgKBlv9MYrQ2O044e1MQzCDslDRWTO3Gtvve8ZTQ3LeUw_tjz9eOBbCJWtQuP6uL6UrTUMFfvrF1YNFacc9TRc7d9vUi2zWZcCZ4jsXhuSlU5-O8u3YR7v-eipR-MqGP8PNUw7S38znhNS1H_IrhWWnzKkf2iPar52mhoiJsxMiMryCb-6E55ArQeddxPu2r1CSLFbiNBT3BuFtn6QcHW5NeirOGbmcSnl4iERaIzuQEpDqE80UJWpPMo5heqgCDL4Rb8Hmpf1x0Y9_9NHG8myyZL4ASmLqhxsWhbiTDkv4FhbHpmtMuztvsC1WqbV1eUJp2cN2dezoOHHbw5moaX38UC1ik4LMzL6xtbRlCUUPYON9FZqYvH03g2J-FNfBpRsHYQfsis7JKhifhaIfk9EMKs7bw3PPdNAsGKOolBbJgS8Nr_QckxoXaAq_sZsjCUe31DVLZOYDyPEcu9qVepkBzMgsAtAk7sFpFr8srNeJMBruOM8Lov8FKXNWH-jeP9MVqnf4JgvQrjf5IZdQ6GrZYeBO1EdEy_WBSN4YtHUEee8HXfJxMgGxQ1AU96Nb0x3r4IKwwcWU9sB5zLmH7SIkbJbq8drOPgw769sxWlrU5WlLpYVTAo3bXVAaqEwhFqOj0t0D1Kf97mx7U47hnTAThbr8Xw3W54ewqQtJcu2bZMfOQDKiqh3xrzIffb7uFaowvZ4ea2_oQ3VwyqXt7cWXtfcHPnCwRY5zc8bWsNrLtZV2LXLbPURbPFH1vvINas3uoggnwAdRapTStikOnJqZdklGjG-RMbZqfwjaVFjFM9brlfO8OzXBDRU_bISgY8XiJQVXjX5Ta334anLRaZ2eAueL38P5sK7TCij4RCwFVv3QDLPwcnQjNFsRfnd_XWQMbyx86Kib6DIwgOET0YZZDlmQSbImMayYmrULbfpMGGS4Le-1q_xOMbhamI-7BKAR9c2Pvl3f83yKNF1o_SsVKxgXZJJUsThuivSEdk6FY_LIL5hz0h8QYwhIAVesL4gDM-stpmH35ZAw4twQFjJCrNhSlrQFasjQKsh9LSvmGxN2IIQ1OPpb0ujlWzQ
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 05:33:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 70E0 		0
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Apr 2021 05:33:55 GMT
X-Proxy-Origin
82.102.20.235; 82.102.20.235; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.240:80
AN-X-Request-Uuid
f252e05a-cfed-47e3-bad6-3124352370b3
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BFEF 		42 B
94 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu6ghalZyUL_PAM4z7aT4Gt7BYzl4cm1dC2GyZV1_4NxAW2fZE-XFp0qBl-huZFrQ5LiN7cYzws2EpmPpmDfo_-J-aDh5-aZHFefnnzYYOvnLDU2R3bc7hzxa3UVQ&sai=AMfl-YSC2daK4fkS_6vzL7W2BFm7fqznYSdNi3ONvF2AKQpJQ_4RsaK4FBWyiAN8BFMokqxzynOwy8fzOEOp_BEopiYgV9UWGQGe9En0zcjEr8brvHoiS7EtjJ7iOmpY3N0&sig=Cg0ArKJSzChW6nF963BNEAE&cid=CAASPeRoQnVwJQbaqbaTirvFEMUM24pAlzWfSA4uio0XTKu0hBILjkGiRVinraOW9geDsBsC0Tetvu5jjevAyr8&id=ampim&o=0,600&d=336,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=156&tls=1156&g=100&h=100&tt=1156&r=v&avms=ampa&adk=2319094216
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://coronar.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Apr 2021 05:33:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| GameAdsRenew object| aip_pbjs function| aipAPI object| $jscomp function| cmp_getlang function| aipSendEvent function| aipDisplay function| aipPlayer function| AipAds function| aippbjsChunk object| aippbjs object| _pbjsGlobals object| aiptag object| pbjs object| googletag object| aipAPItag object| aipDisplayTag number| k function| setImmediate function| clearImmediate object| core object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin function| TweenMax function| CSSPlugin function| TimelineLite function| TimelineMax function| BezierPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| ExpoScaleEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| ShowLeftBanner function| HideLeftBanner function| ShowAbout function| HideAbout object| lastTimeAds function| checktimeForAds function| updateLastAdsTime function| pauseGame function| resumeGame function| showingAds function| showPreroll function| showBottomAds function| hideBottomAds function| showStartAds function| hideStartAds function| toggleBottomAd function| toggleSideAd function| ym object| ggeac object| google_js_reporting_queue object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| ima object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| adplayer function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing number| gameadslastcall boolean| gameadspicloaded object| gameadsfingerprint string| gameadsnosidlist function| gameads_ping_pic object| Ya object| yaCounter61924642 object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

5 Cookies

Domain/Path Name / Value
.coronar.io/ Name: _ym_isad
Value: 2
.coronar.io/ Name: _ym_d
Value: 1617860034
.coronar.io/ Name: _ym_uid
Value: 1617860034815969400
.adnxs.com/ Name: uuid2
Value: 828861468618883071
.coronar.io/ Name: __cfduid
Value: d0a8fb921b641ed04cb63a75d42208b6a1617860033

3 Console Messages

Source Level URL
Text
console-api warning URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js(Line 3)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api log URL: https://api.adinplay.com/libs/aiptag/pub/TPZ/coronar.io/tag.min.js(Line 79)
Message:
%c %c %c AdinPlay v2.0 ✰ TPZ ✰ v4.10.0 aip %c %c ads by http://www.adinplay.com/ %c %c %c%c background: #9C0013; padding:5px 0; background: #9C0013; padding:5px 0; color: #FFFFFF; background: #030307; padding:5px 0; background: #9C0013; padding:5px 0; color: #FFFFFF;background: #DB0028; padding:5px 0; background: #9C0013; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0; color: #ff2424; background: #fff; padding:5px 0;
console-api info URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2103020108001 https://coronar.io/?utm_medium=20&utm_content=86&utm_source=gameads&utm_campaign=2905105413&utm_term=paper-io.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1521b1d67a773468d3a6a991a75e5266.safeframe.googlesyndication.com
acdn.adnxs.com
adservice.google.com
adservice.google.dk
api.adinplay.com
cdn.ampproject.org
cdn.jsdelivr.net
coronar.io
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
mc.yandex.com
mc.yandex.ru
n.gameads.io
ncdn.gameads.io
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
server.cpmstar.com
tpc.googlesyndication.com
www.google.com
142.250.185.66
185.33.221.15
2.18.232.130
23.235.251.211
2606:4700:20::681a:688
2606:4700:20::681a:f6b
2606:4700:3032::6815:6bd
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:801::2001
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2003
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:828::2004
2a02:6b8::1:119
2a04:4e42:1b::621
51.81.57.71
08cba86dfd6faba59c170707886b7a898f3690798752ac3b4bef36d6984e14be
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c4ebf8d9b187b8d93c48bd93320a3783158da606de20b7b1903b9f5c06185b3
178695c5a1826c084fc3c897e9b31620a1a42e45182524f30c0e5fa982c38916
193fdc7a48ae60adfa28663712b68539bead2a82033545589d0d97565c6e983b
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
228e88d29b1bed0d183cec598aa617bf7b03012510d9c45fd8cfb212836f4c93
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
274d8af1a5af8aa7d8f36fe1e861c3d717675f1f6991005438054bd3eff1be17
351b4bae56595d6878b3ffd7940ac231a0a85427f4cb1e5adb1952b71998f35a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f44f65252af5acd869e4aa3bff2f5ebf4e0ef9ab0e7fc2ff03810905ab03e8d
44905849bddf95f83257186afb0d37747c23fedaa1a4bdbfaa64709298de5507
46024759089628c718f648821935dc1867089bbcfcfad99e6294b835d220a32f
4a1ffa1ba38dba98eb33a64eeba9347788e4aff54fc026387d715329858db994
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6afdb4c99349e317ab25f9be5c0b6819b3910df88259f171bd36cf31c66d73c0
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
75a27da6352828afdc0b8329d90874e0b90477d5177eeea8c6820395ce9ffb6e
779fb62fe6ba8d891211ceadc3b44dbdbc2aea7a7291c82dc123f54e63ff9f0a
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
871d8f0f85182c994a468466dfc82c6a722632bd835031a77d51913e407619d9
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a7724ef3e3b776b4b317b5ed5032edcedbe6d4b704e46ad4839d972d5d1460a2
b30ce5c2b05c63b8c7fc5075c7f632cc15dc0d99952ec877710e0edfa9070c6a
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
fd12637f28cdf00ac939a964c476f127b44c486f0adcaa20841503b828e8eacc