www.google.com Open in urlscan Pro
2a00:1450:4001:827::2004 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fantasticadventures.xyz/
Effective URL:
https://www.google.com/?tid=pr_a64_nomad-Aviator&prism_click_id=b7d3f832-6e75-42d0-ae19-96d014632d4c&qtag=a23702_t61283...
Submission: On July 15 via api (July 15th 2023, 8:10:27 am UTC) from US — Scanned from NL

Summary HTTP 18 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2a00:1450:4001:827::2004, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.google.com. The Cisco Umbrella rank of the primary domain is 10.
TLS certificate: Issued by GTS CA 1C3 on June 19th 2023. Valid for: 3 months.

This is the only time www.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3031::ac43:849b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3033::ac43:a47d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700::68... 2606:4700::6812:1b13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
18	7

1 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

fantasticadventures.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:849b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.univerns.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:a47d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

pmaff.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:1b13 (United States)

ASN13335 (CLOUDFLARENET, US)

td.prism.bet	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	google.com www.google.com — Cisco Umbrella Rank: 10 apis.google.com — Cisco Umbrella Rank: 195	116 KB
7	prism.bet td.prism.bet — Cisco Umbrella Rank: 852884	120 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	74 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4934	24 KB
1	pmaff.com 1 redirects pmaff.com	757 B
1	univerns.com 1 redirects a.univerns.com	626 B
1	fantasticadventures.xyz 1 redirects fantasticadventures.xyz	899 B
18	7

	Domain	Requested by
7	td.prism.bet	td.prism.bet
6	www.google.com	td.prism.bet www.google.com
2	www.gstatic.com	www.google.com
1	apis.google.com	www.gstatic.com
1	fonts.gstatic.com	www.google.com
1	browser.sentry-cdn.com	td.prism.bet
1	pmaff.com	1 redirects
1	a.univerns.com	1 redirects
1	fantasticadventures.xyz	1 redirects
18	9

This site contains links to these domains. Also see Links.

Domain
about.google
store.google.com
mail.google.com
www.google.nl
accounts.google.com
google.com
sustainability.google
policies.google.com
support.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-25` - `2023-08-25`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.google.com/?tid=pr_a64_nomad-Aviator&prism_click_id=b7d3f832-6e75-42d0-ae19-96d014632d4c&qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809&0=traffic_back_url&1=%27www.google.com%2F%27
Frame ID: 8454CF423001768F6B986BFE0FA87BC9
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Google

Page URL History Show full URLs

https://fantasticadventures.xyz/ HTTP 302
https://a.univerns.com/click?pid=154034&offer_id=7579&l=1680700217&sub1=10fud0dc9sp&sub2= HTTP 302
https://pmaff.com/?serial=61283826&creative_id=1809&anid=64b2546c361e390001b5cbaf-7579_154034 HTTP 302
https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_... Page URL
https://www.google.com/?tid=pr_a64_nomad-Aviator&prism_click_id=b7d3f832-6e75-42d0-ae19-96d014632d4... Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

7
IPs

2
Countries

335 kB
Transfer

779 kB
Size

12
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://about.google/?fg=1&utm_source=google-NL&utm_medium=referral&utm_campaign=hp-header
Title: Over

Search URL Search Domain Scan URL

URL: https://store.google.com/NL?utm_source=hp_header&utm_medium=google_ooo&utm_campaign=GS100042&hl=nl-NL
Title: Store

Search URL Search Domain Scan URL

URL: https://mail.google.com/mail/&ogbl
Title: Gmail

Search URL Search Domain Scan URL

URL: https://www.google.nl/intl/nl/about/products

Search URL Search Domain Scan URL

URL: https://accounts.google.com/ServiceLogin?hl=nl&passive=true&continue=https://www.google.com/%3Ftid%3Dpr_a64_nomad-Aviator%26prism_click_id%3Db7d3f832-6e75-42d0-ae19-96d014632d4c%26qtag%3Da23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034%26x_pm_click%3Dbd14aae05e13862bffde33bb18a567ee%26redirect_creative_id%3D1809%260%3Dtraffic_back_url%261%3D%2527www.google.com%252F%2527&ec=GAZAmgQ
Title: Inloggen

Search URL Search Domain Scan URL

URL: https://google.com/search/howsearchworks/?fg=1
Title: Hoe Google Zoeken werkt

Search URL Search Domain Scan URL

URL: https://sustainability.google/intl/nl/carbon-free/?utm_source=googlehpfooter&utm_medium=housepromos&utm_campaign=bottom-footer&utm_content=
Title: CO2-neutraal sinds 2007

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=nl&fg=1
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=nl&fg=1
Title: Voorwaarden

Search URL Search Domain Scan URL

URL: https://support.google.com/websearch/?p=ws_results_help&hl=nl&fg=1
Title: Google Zoeken Help

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/cookies?utm_source=ucbs&hl=nl
Title: cookies

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=nl&fg=1&utm_source=ucbs
Title: Privacy

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=nl&fg=1&utm_source=ucbs
Title: Voorwaarden

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fantasticadventures.xyz/ HTTP 302
https://a.univerns.com/click?pid=154034&offer_id=7579&l=1680700217&sub1=10fud0dc9sp&sub2= HTTP 302
https://pmaff.com/?serial=61283826&creative_id=1809&anid=64b2546c361e390001b5cbaf-7579_154034 HTTP 302
https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809 Page URL
https://www.google.com/?tid=pr_a64_nomad-Aviator&prism_click_id=b7d3f832-6e75-42d0-ae19-96d014632d4c&qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809&0=traffic_back_url&1=%27www.google.com%2F%27 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://fantasticadventures.xyz/ HTTP 302
https://a.univerns.com/click?pid=154034&offer_id=7579&l=1680700217&sub1=10fud0dc9sp&sub2= HTTP 302
https://pmaff.com/?serial=61283826&creative_id=1809&anid=64b2546c361e390001b5cbaf-7579_154034 HTTP 302
https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809

18 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

8431ff8 Show response
td.prism.bet/
Redirect Chain

https://fantasticadventures.xyz/
https://a.univerns.com/click?pid=154034&offer_id=7579&l=1680700217&sub1=10fud0dc9sp&sub2=
https://pmaff.com/?serial=61283826&creative_id=1809&anid=64b2546c361e390001b5cbaf-7579_154034
https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809

3 KB
2 KB

167ms
111ms

Document
text/html

2606:4700::6812:1b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c7521565fa27630318bc1d731e8cf2fa0bf4ace344b3f29853e14ce3ca69c9ea

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token
access-control-allow-methods: HEAD, GET, POST, PUT, PATCH, DELETE
access-control-expose-headers: Origin, X-Requested-With, Content-Type, Accept, Auth-Token
alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7e7087485d589b77-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 15 Jul 2023 08:10:20 GMT
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7e708747cf034dc9-FRA
content-type: text/html; charset=UTF-8
date: Sat, 15 Jul 2023 08:10:20 GMT
location: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlAmFt8udnPIeA4MbdeufQZ2GSn9crff9IKeUfDf1K4HZlNcwI4CYPQP8v0wnWTADVHH%2FqCvpZDnF6%2FL40pZ1tJf8Ryx%2Bwc5Rc1EpT9sGpk1uvSelLiGuFsYNTOSebSwsfCxZuUSrzA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-pm-click: bd14aae05e13862bffde33bb18a567ee
x-powered-by: PHP/8.0.8
x-user-click: 03357568ecf62679290130f713a53a1f
x-user-unique-click: 1

GET
H2 200 loader_prism.gif
td.prism.bet/assets/images/default/ 111 KB
111 KB 27ms
26ms Image
image/gif 2606:4700::6812:1b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://td.prism.bet/assets/images/default/loader_prism.gif
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24fe67e98bdbcfa2b6a22a7a784d4ce7563c88dafc6ab535e5f3c3c3e8f2fe17

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sat, 15 Jul 2023 08:10:20 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:12:14 GMT
server: cloudflare
age: 593615
etag: W/"64a6775e-1bc47"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=864000
cf-ray: 7e7087491e3d9b77-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 08:10:20 GMT

GET
H2 200 pmc.css
td.prism.bet/assets/css/ 18 KB
3 KB 50ms
49ms Stylesheet
text/css 2606:4700::6812:1b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/css/pmc.css?d8c4c438fa755e418b118af9c131f6df
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5e7568339c5f8010874964d60280b3c61edfb50f695120e6b309cc400b5a241

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sat, 15 Jul 2023 08:10:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:12:14 GMT
server: cloudflare
age: 597417
etag: W/"64a6775e-4998"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=864000
cf-ray: 7e7087491e3e9b77-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 08:10:20 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/5.25.0/ 77 KB
24 KB 63ms
17ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.25.0/bundle.tracing.min.js

Requested by

Host: td.prism.bet
URL: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

88454e7bca1c38b374d60d58449e4e22261366642a8650d8d8edae2c395f2603

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://td.prism.bet/
Origin: https://td.prism.bet
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 08:10:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Mon, 05 Oct 2020 12:46:34 GMT
server: Fastly
age: 3118055
etag: "67493449368510b48a16561680ffdc2b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 24217
expires: Sat, 08 Jun 2024 06:02:45 GMT

GET
H2 200 mirrors-new.js Show response
td.prism.bet/assets/js/includes/ 266 B
271 B 49ms
48ms Script
application/javascript 2606:4700::6812:1b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/js/includes/mirrors-new.js?ab2fc53092b51412b8600282169a3be1
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c833b36b069cd7abe426b1ec0f0a437cf6d7e8180cfe10485be6ca9c7586ecb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sat, 15 Jul 2023 08:10:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:12:14 GMT
server: cloudflare
age: 760748
etag: W/"64a6775e-10a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=864000
cf-ray: 7e7087491e3f9b77-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 08:10:20 GMT

GET
H2 200 BadTraffic.js Show response
td.prism.bet/assets/js/includes/ 2 KB
695 B 50ms
49ms Script
application/javascript 2606:4700::6812:1b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/js/includes/BadTraffic.js?ab2fc53092b51412b8600282169a3be1
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 752c3f374c05fe97e9fac4f75ba26fc6932cdbe949e5708c1ecb1dee582d3a81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sat, 15 Jul 2023 08:10:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:12:14 GMT
server: cloudflare
age: 760748
etag: W/"64a6775e-65c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=864000
cf-ray: 7e7087491e409b77-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 08:10:20 GMT

GET
H2 200 babel-standalone-6.26.0.min.js Show response
td.prism.bet/assets/js/vendor/ 0
89 B 49ms
48ms Script
application/javascript 2606:4700::6812:1b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/js/vendor/babel-standalone-6.26.0.min.js
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sat, 15 Jul 2023 08:10:20 GMT
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:12:15 GMT
server: cloudflare
age: 148423
etag: "64a6775f-0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=864000
accept-ranges: bytes
cf-ray: 7e7087491e429b77-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: Tue, 25 Jul 2023 08:10:20 GMT

GET
H2 200 main-custom-new.js Show response
td.prism.bet/assets/js/ 11 KB
3 KB 49ms
48ms Script
application/javascript 2606:4700::6812:1b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://td.prism.bet/assets/js/main-custom-new.js?ab2fc53092b51412b8600282169a3be1
Requested by: Host: td.prism.bet
URL: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daeafbc8678c76058a36264d19f42a3f6586507e982cf372f346130f9da7ce93

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://td.prism.bet/8431ff8?qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: public
date: Sat, 15 Jul 2023 08:10:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 06 Jul 2023 08:12:14 GMT
server: cloudflare
age: 760748
etag: W/"64a6775e-2be5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=864000
cf-ray: 7e7087491e449b77-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 25 Jul 2023 08:10:20 GMT

GET
H2 200 Primary Request / Show response
www.google.com/ 226 KB
68 KB 165ms
116ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/?tid=pr_a64_nomad-Aviator&prism_click_id=b7d3f832-6e75-42d0-ae19-96d014632d4c&qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809&0=traffic_back_url&1=%27www.google.com%2F%27

Requested by

Host: td.prism.bet
URL: https://td.prism.bet/assets/js/main-custom-new.js?ab2fc53092b51412b8600282169a3be1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

ce1abdaf55b0273f6af74af96f8ccc1d5ca7fe2a55ddfd1e60448f4135fbba6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://td.prism.bet/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 68369
content-security-policy-report-only: object-src 'none';base-uri 'self';script-src 'nonce-ahWQWt1F1tOIaVfgprqQlQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other-hp
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Sat, 15 Jul 2023 08:10:21 GMT
expires: -1
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: unload=()
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 googlelogo_color_272x92dp.png
www.google.com/images/branding/googlelogo/1x/ 6 KB
6 KB 30ms
29ms Image
image/png 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_272x92dp.png

Requested by

Host: www.google.com
URL: https://www.google.com/?tid=pr_a64_nomad-Aviator&prism_click_id=b7d3f832-6e75-42d0-ae19-96d014632d4c&qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809&0=traffic_back_url&1=%27www.google.com%2F%27

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 08:10:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5969
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 15 Jul 2023 08:10:21 GMT

GET
H2 200 24px.svg
fonts.gstatic.com/s/i/productlogos/googleg/v6/ 742 B
971 B 69ms
20ms Image
image/svg+xml 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.gstatic.com/s/i/productlogos/googleg/v6/24px.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 07:52:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1071
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 17:17:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Jul 2024 07:52:30 GMT

GET
DATA 200
OK truncated
/ 315 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 gen_204
www.google.com/ 0
214 B 87ms
87ms Ping
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?ei=bVSyZLSJGJKNxc8P1_C8mA4&vet=10ahUKEwj084jGoZCAAxWSRvEDHVc4D-MQhJAHCB0..s&gl=nl&pc=SEARCH_HOMEPAGE&isMobile=false

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-N9BKx4DqNsP2gj5TdJsyrA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-N9BKx4DqNsP2gj5TdJsyrA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sat, 15 Jul 2023 08:10:21 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 desktop_searchbox_sprites318_hr.webp
www.google.com/images/searchbox/ 660 B
762 B 27ms
27ms Image
image/webp 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/searchbox/desktop_searchbox_sprites318_hr.webp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/?tid=pr_a64_nomad-Aviator&prism_click_id=b7d3f832-6e75-42d0-ae19-96d014632d4c&qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809&0=traffic_back_url&1=%27www.google.com%2F%27
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 08:10:21 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Apr 2020 22:00:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/webp
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 660
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 15 Jul 2023 08:10:21 GMT

GET
DATA 200
OK truncated
/ 775 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 236 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 197 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 686 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 338 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 gen_204
www.google.com/ 0
233 B 31ms
30ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/gen_204?atyp=i&ct=bxjs&cad=&b=0&ei=bVSyZLSJGJKNxc8P1_C8mA4&zx=1689408621546&opi=89978449

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-zOWITg0SWmDMTZhJyVEOvw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-zOWITg0SWmDMTZhJyVEOvw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sat, 15 Jul 2023 08:10:21 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rs=AA2YrTvcagVyTW7BCkkQRuzxRo8lL9FByw Show response
www.gstatic.com/og/_/js/k=og.qtm.en_US.Rp-1YqpBnTQ.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ 202 KB
72 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/js/k=og.qtm.en_US.Rp-1YqpBnTQ.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvcagVyTW7BCkkQRuzxRo8lL9FByw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf9552c5742ee9de58278e85e711f06fe3c6a0ed7731ac8ccaee0ea2725bd413

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 11 Jul 2023 07:00:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 349800
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73973
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 01:42:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Jul 2024 07:00:21 GMT

GET
H2 200 rs=AA2YrTskQVuI_RegvjB3vE2uQHtwf-5cGg
www.gstatic.com/og/_/ss/k=og.qtm.gdDckMx1Njs.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/ 389 B
827 B 68ms
20ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/og/_/ss/k=og.qtm.gdDckMx1Njs.L.W.O/m=qcwid/excm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/ct=zgms/rs=AA2YrTskQVuI_RegvjB3vE2uQHtwf-5cGg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ba175c14a1b3e95fdac52043fdb52c13d7c709f25d3e2d176e21c9aef6d4a0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Thu, 13 Jul 2023 10:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/one-google-eng
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 274
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 01:39:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="one-google-eng"
vary: Accept-Encoding, Origin
report-to: {"group":"one-google-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/one-google-eng"}]}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 12 Jul 2024 10:20:42 GMT

POST
H3 204 gen_204
www.google.com/ 0
19 B 31ms
31ms Ping
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/gen_204?s=webhp&t=aft&atyp=csi&ei=bVSyZLSJGJKNxc8P1_C8mA4&rt=wsrt.166,aft.109,afti.109,prt.83&wh=1200&imn=6&ima=2&imad=0&imac=1&imf=0&aft=1&aftp=1200&opi=89978449&bl=qb-a

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-gi2dJSg-61jr8DZU78cVkw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-gi2dJSg-61jr8DZU78cVkw' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Sat, 15 Jul 2023 08:10:21 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
origin-trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=, AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uwHuQY_gg44.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_V1jKXTs4TkQZGty4n4aTwpK1Z_Q/ 118 KB
40 KB 76ms
20ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uwHuQY_gg44.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_V1jKXTs4TkQZGty4n4aTwpK1Z_Q/cb=gapi.loaded_0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/og/_/js/k=og.qtm.en_US.Rp-1YqpBnTQ.2019.O/rt=j/m=qabr,q_dnp,qcwid,qapid,qald/exm=qaaw,qadd,qaid,qein,qhaw,qhba,qhbr,qhch,qhga,qhid,qhin/d=1/ed=1/rs=AA2YrTvcagVyTW7BCkkQRuzxRo8lL9FByw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b577857c178a06510ed5a51ef48205d61a43b7107be350535a41b08c8b870e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Sat, 15 Jul 2023 08:03:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40799
x-xss-protection: 0
last-modified: Tue, 06 Jun 2023 15:23:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 14 Jul 2024 08:03:01 GMT

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fantasticadventures.xyz/	1970-01-20 14:01:27	Name: _subid Value: 10fud0dc9sp
fantasticadventures.xyz/	1970-01-20 22:52:48	Name: 8fa23 Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjMzOFwiOjE2ODk0MDg2MjB9LFwiY2FtcGFpZ25zXCI6e1wiODFcIjoxNjg5NDA4NjIwfSxcInRpbWVcIjoxNjg5NDA4NjIwfSJ9.V_0Yzw5XMISW57lGgeA19CqsyumJi7r8rr3lTTrb79k
fantasticadventures.xyz/	1970-01-20 14:01:27	Name: _token Value: uuid_10fud0dc9sp_10fud0dc9sp64b2546c8934b1.46180505
a.univerns.com/	1970-01-20 22:02:24	Name: afclick Value: 64b2546c361e390001b5cbaf
a.univerns.com/	1970-01-20 22:02:24	Name: afoffers Value: {"7579":1689408620}
pmaff.com/	1970-01-20 14:00:00	Name: click_61283826_1809 Value: 03357568ecf62679290130f713a53a1f
td.prism.bet/	1970-01-20 15:26:24	Name: td_uuid_monitoringnomad_aviator Value: 23366859-fc86-4b27-9e79-305445988994
td.prism.bet/	1970-01-20 14:00:00	Name: td_user_visits_pr-a64-nomad-aviator Value: 1
td.prism.bet/	1969-12-31 23:59:59	Name: visited_landings Value: %7B%224575%22%3A%5B72%5D%7D
.google.com/	1970-01-20 17:36:00	Name: AEC Value: Ad49MVH3wj-_UrImopDxgHRzpKr9tzjyzJCWqw6ZYSulBKZHmoZwK8oInA
.google.com/	1970-01-20 22:46:35	Name: __Secure-ENID Value: 13.SE=ODfo1xWLLF_HhyzdrSYccqTAb09lsnvYqGT2ND2tKRCzNhRM74GX9uByFWR04uTovBjOYPYGJOl_vSlliYBtz2-WeHs8SVf5T3cSoZ7lTnsumOIOckVKRmAmLJMbpm_9lpkhezpDqmNUUU4-2f2gXS54erzXelsEF_7dg0IfYyk
.google.com/	1970-01-20 22:52:48	Name: CONSENT Value: PENDING+870

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'unload'.
rendering	info	URL: https://www.google.com/?tid=pr_a64_nomad-Aviator&prism_click_id=b7d3f832-6e75-42d0-ae19-96d014632d4c&qtag=a23702_t61283826_c1809_s64b2546c361e390001b5cbaf-7579_154034&x_pm_click=bd14aae05e13862bffde33bb18a567ee&redirect_creative_id=1809&0=traffic_back_url&1=%27www.google.com%2F%27(Line 89) Message: Autofocus processing was blocked because a document already has a focused element.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.univerns.com
apis.google.com
browser.sentry-cdn.com
fantasticadventures.xyz
fonts.gstatic.com
pmaff.com
td.prism.bet
www.google.com
www.gstatic.com
2606:4700:3031::ac43:849b
2606:4700:3033::ac43:a47d
2606:4700::6812:1b13
2a00:1450:4001:800::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:827::2004
2a00:1450:4001:82f::2003
2a04:4e42:600::729
2a06:98c1:3120::3
1ba175c14a1b3e95fdac52043fdb52c13d7c709f25d3e2d176e21c9aef6d4a0f
1e641d94ac2d51089bf1282148963c8b2253dcfe089861537544b44b346672f0
228a729bd6316ceac03ebdf00ccfa5dab5429a38f0598ec0c9f228b16b26261f
24fe67e98bdbcfa2b6a22a7a784d4ce7563c88dafc6ab535e5f3c3c3e8f2fe17
4c833b36b069cd7abe426b1ec0f0a437cf6d7e8180cfe10485be6ca9c7586ecb
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
592fa7f72e229674612ddb6f5578f05cdcd1e8aa470d3fa257415e2c7499e435
73d788f86be22112bb53762545989c0f1bbdb7343161130952c9ba3834ff81e3
752c3f374c05fe97e9fac4f75ba26fc6932cdbe949e5708c1ecb1dee582d3a81
88454e7bca1c38b374d60d58449e4e22261366642a8650d8d8edae2c395f2603
8b01d1155941a02829ae5eaecfd86c83f7e7a5a6e34edd94a0b7780f4ae1ae78
948fe62ca3b291d8bccb2f4799f97bd46f1d670f85d8f275d0347f7398e50e99
b577857c178a06510ed5a51ef48205d61a43b7107be350535a41b08c8b870e3d
b5d67eaa85688500479563e35f5f52c860a32d66234bc5326b4acae00e20bf63
b5e7568339c5f8010874964d60280b3c61edfb50f695120e6b309cc400b5a241
c7521565fa27630318bc1d731e8cf2fa0bf4ace344b3f29853e14ce3ca69c9ea
ce1abdaf55b0273f6af74af96f8ccc1d5ca7fe2a55ddfd1e60448f4135fbba6d
cf9552c5742ee9de58278e85e711f06fe3c6a0ed7731ac8ccaee0ea2725bd413
daeafbc8678c76058a36264d19f42a3f6586507e982cf372f346130f9da7ce93
dfc968774223d526b5bd576d65d52926560be675eb4d289e4b50b6b2d1c4c34c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed9087d76cdc6d1c53698f6068f79872e77e87c8d012c0cfdad13b05b6ccb37c

www.google.com Open in urlscan Pro 2a00:1450:4001:827::2004 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

100 %IPv6

7 Domains

9 Subdomains

7 IPs

2 Countries

335 kBTransfer

779 kBSize

12 Cookies

13 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

12 Cookies

2 Console Messages

Indicators

www.google.com Open in urlscan Pro
2a00:1450:4001:827::2004 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

7
IPs

2
Countries

335 kB
Transfer

779 kB
Size

12
Cookies

18 HTTP transactions
7 data transactions