zbird03211.minigame.vip Open in urlscan Pro
104.18.3.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zbird03211.minigame.vip/
Submission: On March 29 via api (March 29th 2024, 8:44:02 am UTC) from US — Scanned from US

Summary HTTP 35 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 4 domains to perform 35 HTTP transactions. The main IP is 104.18.3.128, located in and belongs to CLOUDFLARENET, US. The main domain is zbird03211.minigame.vip.
TLS certificate: Issued by RapidSSL Global TLS RSA4096 SHA256 20... on January 8th 2024. Valid for: a year.

This is the only time zbird03211.minigame.vip was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	104.18.3.128 104.18.3.128	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.65.194 142.250.65.194	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:280	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.9.155 142.250.9.155	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4002:c2c::8b	15169 (GOOGLE) (GOOGLE)
9	142.251.15.101 142.251.15.101	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4002:c0c::84	15169 (GOOGLE) (GOOGLE)
1	74.125.138.132 74.125.138.132	15169 (GOOGLE) (GOOGLE)
1	74.125.138.105 74.125.138.105	15169 (GOOGLE) (GOOGLE)
35	10

7 104.18.3.128 (None, )

ASN13335 (CLOUDFLARENET, US)

zbird03211.minigame.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.65.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:280 (United States)

ASN13335 (CLOUDFLARENET, US)

res.minigame.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.9.155 (United States)

ASN15169 (GOOGLE, US)
PTR: yq-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4002:c2c::8b (Atlanta, United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.15.101 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yl-in-f101.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4002:c0c::84 (Atlanta, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.138.132 (United States)

ASN15169 (GOOGLE, US)
PTR: yi-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.138.105 (United States)

ASN15169 (GOOGLE, US)
PTR: yi-in-f105.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 653 www.google.com — Cisco Umbrella Rank: 2	70 KB
10	minigame.vip zbird03211.minigame.vip res.minigame.vip — Cisco Umbrella Rank: 292528	235 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 162	344 KB
3	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39
35	4

	Domain	Requested by
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	pagead2.googlesyndication.com	zbird03211.minigame.vip pagead2.googlesyndication.com
7	zbird03211.minigame.vip	zbird03211.minigame.vip
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	res.minigame.vip	zbird03211.minigame.vip
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
35	7

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
play.google.com
www.minigame.vip
about.minigame.vip

Subject Issuer	Validity	Valid
*.minigame.vip RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2024-01-08` - `2025-02-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-08-20` - `2024-08-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-03-04` - `2024-05-27`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://zbird03211.minigame.vip/
Frame ID: BC894815C72EE585C4DFAC0A55FA4265
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3962242587190395&output=html&adk=1812271804&adf=1573534164&lmt=1711441217&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x750_l%7C500x750_r&format=0x0&url=https%3A%2F%2Fzbird03211.minigame.vip%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711701837028&bpp=4&bdt=272&idt=535&shv=r20240327&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2498023325845&frm=20&pv=2&ga_vid=2121443239.1711701838&ga_sid=1711701838&ga_hid=1431262724&ga_fc=0&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081577%2C31082198%2C44795921%2C95325424%2C95320377%2C95328825&oid=2&pvsid=583394096819042&tmod=1965025811&uas=0&nvt=1&fsapi=1&fc=1920&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=587
Frame ID: 0F3BF05AC908EA8F067033C0291531DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3962242587190395&output=html&h=280&adk=1290130597&adf=3025194257&w=1200&fwrn=4&fwrnh=100&lmt=1711441217&rafmt=1&format=1200x280&url=https%3A%2F%2Fzbird03211.minigame.vip%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711701837032&bpp=2&bdt=276&idt=599&shv=r20240327&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2498023325845&frm=20&pv=1&ga_vid=2121443239.1711701838&ga_sid=1711701838&ga_hid=1431262724&ga_fc=0&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=200&ady=0&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081577%2C31082198%2C44795921%2C95325424%2C95320377%2C95328825&oid=2&pvsid=583394096819042&tmod=1965025811&uas=0&nvt=1&fc=1920&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=615
Frame ID: 53883455642E7D702AF0DB31BAA2FB9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html
Frame ID: 4635F72C14B752C23009287EC186D249
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BF4D14ADCFEA32B251BD04D8240E7CE6
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2B39AE73DABFD2496271814A63AE1627
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Minigame and Have Fun

Detected technologies

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

35
Requests

97 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

10
IPs

2
Countries

649 kB
Transfer

1562 kB
Size

6
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Minigamevip-109189840518002
Title: Facebook Page

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/developer?id=MiniGame.vip
Title: Google Play

Search URL Search Domain Scan URL

URL: https://www.minigame.vip/
Title: https://www.minigame.vip

Search URL Search Domain Scan URL

URL: https://about.minigame.vip/
Title: About

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
zbird03211.minigame.vip/ 143 KB
23 KB 1532ms
955ms Document
text/html 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zbird03211.minigame.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 404cd956a6f39416750a4749a9ecf1e43bc51cd962fce995c94ca11dffc7e22a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: MISS
cf-ray: 86be9339bb0739c5-YYZ
content-encoding: br
content-md5: /Gn8biGkWQbqjuv+zXAZLw==
content-type: text/html; charset=utf-8
date: Fri, 29 Mar 2024 08:43:56 GMT
expires: Fri, 29 Mar 2024 09:43:56 GMT
last-modified: Tue, 26 Mar 2024 08:20:17 GMT
server: cloudflare
vary: Accept-Encoding
x-oss-hash-crc64ecma: 11483467046273264149
x-oss-object-type: Normal
x-oss-request-id: 66067F4C5ADBFC38320A11BF
x-oss-server-time: 24
x-oss-storage-class: Standard

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 216ms
117ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3962242587190395

Requested by

Host: zbird03211.minigame.vip
URL: https://zbird03211.minigame.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

e7e7b3e6ec7c728b7d1cdb76af91a20530491c404525ce6a9d08c445c4b85291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
Origin: https://zbird03211.minigame.vip
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50932
x-xss-protection: 0
server: cafe
etag: 12541846505865245960
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 29 Mar 2024 08:43:56 GMT

GET
H3 200 handlebars.runtime.min.js Show response
zbird03211.minigame.vip/static/lib/handlebars/ 20 KB
8 KB 559ms
546ms Script
application/javascript 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zbird03211.minigame.vip/static/lib/handlebars/handlebars.runtime.min.js
Requested by: Host: zbird03211.minigame.vip
URL: https://zbird03211.minigame.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7d4f2087bafa41335f248a267683d382489057856bb3c66465be2220964d749

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:57 GMT
content-encoding: br
x-oss-request-id: 66067F4D950CB137353771FB
cf-cache-status: MISS
content-md5: X2z1BWNKJrnwIuSjST/VMg==
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Wed, 28 Feb 2024 10:11:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
x-oss-storage-class: Standard
cf-ray: 86be933fd80c39c5-YYZ
x-oss-hash-crc64ecma: 2534428391629716180
x-oss-server-time: 5
expires: Fri, 29 Mar 2024 09:43:57 GMT

GET
H3 200 gamebox.precompiled.min.js Show response
zbird03211.minigame.vip/static/scripts/ 13 KB
2 KB 535ms
529ms Script
application/javascript 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zbird03211.minigame.vip/static/scripts/gamebox.precompiled.min.js
Requested by: Host: zbird03211.minigame.vip
URL: https://zbird03211.minigame.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f474329659302bd1c84413b3df3c1116c0543de959f2bdd0df76d9c3afdc10a

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:57 GMT
content-encoding: br
x-oss-request-id: 66067F4D8B941B3237B839A6
cf-cache-status: MISS
content-md5: DUlCu6XmAp03xGnNTbmPsg==
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Wed, 28 Feb 2024 10:11:02 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600
x-oss-storage-class: Standard
cf-ray: 86be9340385739c5-YYZ
x-oss-hash-crc64ecma: 13727359308223823417
x-oss-server-time: 4
expires: Fri, 29 Mar 2024 09:43:57 GMT

GET
H3 200 logo.png
zbird03211.minigame.vip/static/images/ 16 KB
16 KB 783ms
770ms Image
image/png 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zbird03211.minigame.vip/static/images/logo.png
Requested by: Host: zbird03211.minigame.vip
URL: https://zbird03211.minigame.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f22d81ca30d2f3f11b07f3fc5cc1a3baa6bbdc9775de5f27f5630ffd3259f545

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:57 GMT
x-oss-request-id: 66067F4D9D7A8F3033027ABA
cf-cache-status: MISS
content-md5: i+AzHroWkZ5wqNgpa9JPcw==
alt-svc: h3=":443"; ma=86400
content-length: 16270
x-oss-object-type: Normal
last-modified: Wed, 28 Feb 2024 10:11:02 GMT
server: cloudflare
etag: "8BE0331EBA16919E70A8D8296BD24F73"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 86be933fd80d39c5-YYZ
x-oss-hash-crc64ecma: 6350996011986990953
x-oss-server-time: 8
expires: Fri, 29 Mar 2024 09:43:57 GMT

GET
H3 200 email-decode.min.js Show response
zbird03211.minigame.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
837 B 42ms
23ms Script
application/javascript 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zbird03211.minigame.vip/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: zbird03211.minigame.vip
URL: https://zbird03211.minigame.vip/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
server: cloudflare
etag: W/"65fd6d96-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 86be9340688039c5-YYZ
expires: Sun, 31 Mar 2024 08:43:56 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/ 406 KB
138 KB 196ms
128ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3962242587190395

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

9d3b862816cab1d038fec91a5376242c92675e02e1400d0ffb808afb3335ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141295
x-xss-protection: 0
server: cafe
etag: 10017967521688185663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:43:57 GMT

GET
H3 200 lazy-img.png
zbird03211.minigame.vip/static/images/ 35 KB
35 KB 772ms
769ms Image
image/png 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zbird03211.minigame.vip/static/images/lazy-img.png
Requested by: Host: zbird03211.minigame.vip
URL: https://zbird03211.minigame.vip/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 560e288858c580c2305be9353b1074a964206aa9b5b2c4883335f14495885f6f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:58 GMT
x-oss-request-id: 66067F4DBDAC963132D8574A
cf-cache-status: MISS
content-md5: IqpcmpLDckEQn7IObr+hmQ==
alt-svc: h3=":443"; ma=86400
content-length: 35882
x-oss-object-type: Normal
last-modified: Wed, 28 Feb 2024 10:11:02 GMT
server: cloudflare
etag: "22AA5C9A92C37241109FB20E6EBFA199"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=3600
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 86be9343ab0c39c5-YYZ
x-oss-hash-crc64ecma: 1766066214863945840
x-oss-server-time: 3
expires: Fri, 29 Mar 2024 09:43:57 GMT

GET
H2 200 number-merge-10_banner.png
res.minigame.vip/gc-assets/number-merge-10/ 33 KB
33 KB 237ms
32ms Image
image/png 2606:4700::6812:280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.minigame.vip/gc-assets/number-merge-10/number-merge-10_banner.png
Requested by: Host: zbird03211.minigame.vip
URL: https://zbird03211.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89b6c26b230c50b13ab30ab05f3970d5c9149705e5a015ae412de922e21114da

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:57 GMT
x-oss-request-id: 65F1FCAE4A4BD23233A92BA4
cf-cache-status: HIT
content-md5: OIbKxjl/CJUci/Q7K7UzrA==
age: 1136150
cf-polished: origSize=39525
alt-svc: h3=":443"; ma=86400
content-length: 34044
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Thu, 01 Feb 2024 07:30:01 GMT
server: cloudflare
etag: "3886CAC6397F08951C8BF43B2BB533AC"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1382400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 86be9344ea2b4bbd-BUF
x-oss-hash-crc64ecma: 16913653706144443018
x-oss-server-time: 5
expires: Sun, 14 Apr 2024 08:43:57 GMT

GET
H2 200 color-border_banner.png
res.minigame.vip/gc-assets/color-border/ 35 KB
36 KB 234ms
30ms Image
image/png 2606:4700::6812:280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.minigame.vip/gc-assets/color-border/color-border_banner.png
Requested by: Host: zbird03211.minigame.vip
URL: https://zbird03211.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d0143d8a8045399c8a61d13e0177ca88f95530955cce714dbfeb2cd201d05bc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:57 GMT
x-oss-request-id: 65F1C73850660430358B2A40
cf-cache-status: HIT
content-md5: tLjpsrvjj0koaBaaGCsdBg==
age: 1136085
cf-polished: origSize=41995
alt-svc: h3=":443"; ma=86400
content-length: 36204
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Tue, 06 Feb 2024 02:39:38 GMT
server: cloudflare
etag: "B4B8E9B2BBE38F492868169A182B1D06"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1382400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 86be9344ea2a4bbd-BUF
x-oss-hash-crc64ecma: 14924753045744315533
x-oss-server-time: 5
expires: Sun, 14 Apr 2024 08:43:57 GMT

GET
H2 200 pet-salon_banner.png
res.minigame.vip/gc-assets/pet-salon/ 79 KB
80 KB 255ms
51ms Image
image/png 2606:4700::6812:280
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://res.minigame.vip/gc-assets/pet-salon/pet-salon_banner.png
Requested by: Host: zbird03211.minigame.vip
URL: https://zbird03211.minigame.vip/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:280 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d513b111c9dd1050634ee2d2e4447be3fc7940e0c03ff79262d338a434bd0ce

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:57 GMT
x-oss-request-id: 660285BA10C343383105A6FF
cf-cache-status: HIT
content-md5: T4K1XN32wEXP1AaUVaNZfQ==
age: 232203
cf-polished: origSize=90822
alt-svc: h3=":443"; ma=86400
content-length: 81328
x-oss-object-type: Normal
cf-bgj: imgq:100,h2pri
last-modified: Tue, 12 Mar 2024 08:54:07 GMT
server: cloudflare
etag: "4F82B55CDDF6C045CFD4069455A3597D"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=1382400
x-oss-storage-class: Standard
accept-ranges: bytes
cf-ray: 86be9344ea2c4bbd-BUF
x-oss-hash-crc64ecma: 1768229333642886843
x-oss-server-time: 2
expires: Sun, 14 Apr 2024 08:43:57 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0F3B 0
0 599ms
514ms Document
text/html 142.250.9.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3962242587190395&output=html&adk=1812271804&adf=1573534164&lmt=1711441217&plaf=1%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x750_l%7C500x750_r&format=0x0&url=https%3A%2F%2Fzbird03211.minigame.vip%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711701837028&bpp=4&bdt=272&idt=535&shv=r20240327&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2498023325845&frm=20&pv=2&ga_vid=2121443239.1711701838&ga_sid=1711701838&ga_hid=1431262724&ga_fc=0&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081577%2C31082198%2C44795921%2C95325424%2C95320377%2C95328825&oid=2&pvsid=583394096819042&tmod=1965025811&uas=0&nvt=1&fsapi=1&fc=1920&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=587

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.9.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yq-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zbird03211.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 55343
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Mar 2024 08:43:58 GMT
expires: Fri, 29 Mar 2024 08:43:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 5388 0
0 739ms
660ms Document
text/html 142.250.9.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3962242587190395&output=html&h=280&adk=1290130597&adf=3025194257&w=1200&fwrn=4&fwrnh=100&lmt=1711441217&rafmt=1&format=1200x280&url=https%3A%2F%2Fzbird03211.minigame.vip%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyMy4wLjYzMTIuODYiLG51bGwsMCxudWxsLCI2NCIsW1siR29vZ2xlIENocm9tZSIsIjEyMy4wLjYzMTIuODYiXSxbIk5vdDpBLUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjMuMC42MzEyLjg2Il1dLDBd&dt=1711701837032&bpp=2&bdt=276&idt=599&shv=r20240327&mjsv=m202403200101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2498023325845&frm=20&pv=1&ga_vid=2121443239.1711701838&ga_sid=1711701838&ga_hid=1431262724&ga_fc=0&u_tz=-600&u_his=2&u_h=600&u_w=800&u_ah=600&u_aw=800&u_cd=24&u_sd=1&dmc=8&adx=200&ady=0&biw=1600&bih=1113&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31081577%2C31082198%2C44795921%2C95325424%2C95320377%2C95328825&oid=2&pvsid=583394096819042&tmod=1965025811&uas=0&nvt=1&fc=1920&brdim=770%2C570%2C770%2C570%2C800%2C0%2C1600%2C1200%2C1600%2C1113&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=615

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.9.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yq-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zbird03211.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42640
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Mar 2024 08:43:58 GMT
expires: Fri, 29 Mar 2024 08:43:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/ 167 KB
56 KB 115ms
114ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

d6ef08486c722f50bf6cf7fee129c7b864ee570b36b7c450941b72ef044f64bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57624
x-xss-protection: 0
server: cafe
etag: 7753218230753276271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:43:58 GMT

GET
H2 200 ca-pub-3962242587190395 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 203ms
63ms Script
application/javascript 2607:f8b0:4002:c2c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-3962242587190395?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4002:c2c::8b Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81be4e83dffbd764ba6a450ead4ed0726d87c960b7925423f9fbd0c6457e4964

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OwWKw3Ami19T2l95tIYcfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-OwWKw3Ami19T2l95tIYcfw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmII1JBiOHnrNtNFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEw3Hu38wNbAI_dj6dwAwAOlE3AQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 slotcar_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/ 91 KB
32 KB 121ms
120ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/slotcar_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3962242587190395

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

1fd6d3eab27ce87368e49781ceaa3db5fb6469720283176e31e17c3b46c05278

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32301
x-xss-protection: 0
server: cafe
etag: 16509496174146697432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 29 Mar 2024 08:43:58 GMT

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 93ms
93ms Fetch
text/html 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3962242587190395
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS: lga25s72-in-f2.1e100.net
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/ Frame 4635 0
0 49ms
44ms Document
text/html 142.250.9.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240327/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.9.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yq-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zbird03211.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 40919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 28 Mar 2024 21:22:00 GMT
etag: 5035419970550746386
expires: Thu, 11 Apr 2024 21:22:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxULYF93TWIL8PmFk8_06U2zK_mb_K7No0O-M6nyHPEZOXF4sgj4FKYKetiBCEt5Sq8mkZGAmG2GTjX4qORbrL83xVeLx5wwfAyIpAYq9rhV4NCCJ32-RicqvOqRWlz9AzdumcyrIg== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 80ms
76ms Script
application/javascript 2607:f8b0:4002:c2c::8b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxULYF93TWIL8PmFk8_06U2zK_mb_K7No0O-M6nyHPEZOXF4sgj4FKYKetiBCEt5Sq8mkZGAmG2GTjX4qORbrL83xVeLx5wwfAyIpAYq9rhV4NCCJ32-RicqvOqRWlz9AzdumcyrIg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzAxODM5XSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3piaXJkMDMyMTEubWluaWdhbWUudmlwLyIsbnVsbCxbWzgsIlJ5bm80RkQ5aVRFIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/am=wA/d=1/rs=AJlcJMygUW-hTmjeTqHhjIHLU9V1nfH0FA/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4002:c2c::8b Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a1f91d075f42434e2347918eec914473173c94bdc3ad65e23b52596c3f5fb2fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XKGukQfc_koO11JcbCk4TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-XKGukQfc_koO11JcbCk4TA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmII1JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTNcf7fzA1sAhNufJMFALWhMUM"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUlmzdTD33Klh-f6_kmuZeFy4jRNtJmfsEqZyh1bAM5_DN_mabR2c_t-HHyfmlvj9xhpw9T4aC71z_4zkXD3ueS8kl0T4GQjf6F2yJCzO-LBlOhq_iDwEFRDW67B5npRwDHl8jeew== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 59ms
57ms Script
application/javascript 142.251.15.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUlmzdTD33Klh-f6_kmuZeFy4jRNtJmfsEqZyh1bAM5_DN_mabR2c_t-HHyfmlvj9xhpw9T4aC71z_4zkXD3ueS8kl0T4GQjf6F2yJCzO-LBlOhq_iDwEFRDW67B5npRwDHl8jeew==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzAxODM5LDk1MDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbNyw5XSxudWxsLDIsbnVsbCwiZW4iXSwiaHR0cHM6Ly96YmlyZDAzMjExLm1pbmlnYW1lLnZpcC8iLG51bGwsW1s4LCJSeW5vNEZEOWlURSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.15.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yl-in-f101.1e100.net

Software

ESF /

Resource Hash

6050addabaf1780e8ebf086dde899a5ac7f7480f37450246eb376e8e49bbbd64

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MAQbBkVQpol4w41t1QG_rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-MAQbBkVQpol4w41t1QG_rQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmLw0JBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTNcf7fzA1sAi-6djoAALHHMSo"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 116ms
115ms XHR
application/json 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240327&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

726553fed233e21817b50b6599a22d007db6eb40aea6b9122e70575879400268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12354
x-xss-protection: 0

GET
H3 200 favicon.ico
zbird03211.minigame.vip/static/images/ 1 KB
1 KB 528ms
527ms Other
image/vnd.microsoft.icon 104.18.3.128
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zbird03211.minigame.vip/static/images/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.3.128 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c46759ec358f6f9bab6bb9b741882e541d0805b6633038c321338ca2ce621e2

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-encoding: br
x-oss-request-id: 66067F4F17C7103138CEED9C
cf-cache-status: MISS
content-md5: ulhZIZGQFAyYZWo762caoA==
alt-svc: h3=":443"; ma=86400
x-oss-object-type: Normal
last-modified: Wed, 28 Feb 2024 10:11:02 GMT
server: cloudflare
etag: W/"BA5859219190140C98656A3BEB671AA0"
vary: Accept-Encoding
content-type: image/vnd.microsoft.icon
cache-control: public, max-age=3600
x-oss-storage-class: Standard
cf-ray: 86be934f5c2339c5-YYZ
x-oss-hash-crc64ecma: 13837686420236040192
x-oss-server-time: 11
expires: Fri, 29 Mar 2024 09:43:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 128ms
42ms Script
text/javascript 2607:f8b0:4002:c0c::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202403200101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4002:c0c::84 Atlanta, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 29 Mar 2024 08:43:59 GMT

GET
H3 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BF4D 0
0 40ms
39ms Document
text/html 74.125.138.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.138.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yi-in-f132.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zbird03211.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 211599
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Mar 2024 21:57:20 GMT
expires: Wed, 26 Mar 2025 21:57:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 2B39 0
0 167ms
64ms Document
text/html 74.125.138.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.138.105 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

yi-in-f105.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2ydPWKRR_DKgn3BS8Lrxpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zbird03211.minigame.vip/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2ydPWKRR_DKgn3BS8Lrxpg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 29 Mar 2024 08:43:59 GMT
expires: Fri, 29 Mar 2024 08:43:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 ad- Show response
fundingchoicesmessages.google.com/f/AGSKWxX92kFftt2_g2SmapWqu7iNyJ6Dh-wZzt-nckD8P1dh9Jjq80YsVe22zPuiYKjniPGDQxjrfVCKYJYxQkIZvZgyEpsGFtemWgteUJEIkCpMVjfHF6WxFFLtl6Cm-2l62tfIEvWARj3vpRYG81Xs_qBCTSU44... 54 B
110 B 53ms
47ms Script
application/javascript 142.251.15.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX92kFftt2_g2SmapWqu7iNyJ6Dh-wZzt-nckD8P1dh9Jjq80YsVe22zPuiYKjniPGDQxjrfVCKYJYxQkIZvZgyEpsGFtemWgteUJEIkCpMVjfHF6WxFFLtl6Cm-2l62tfIEvWARj3vpRYG81Xs_qBCTSU44oSOQGAjlAyQq0hmH5HepgWqK6CGgBmB/__728_x_90_/customadsense.-ads-widget/=adcenter&.net/ad-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.Ryno4FD9iTE.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMy7cSXtGgaSzwhyAa1SgDG3tjt8eQ/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.15.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yl-in-f101.1e100.net

Software

ESF /

Resource Hash

ae6c746ba2bb706c033715d4c7e1570c7a576b32b04b58b6efd0bc052fdf3837

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dIdmHrYCONIyudRuBN2Dmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dIdmHrYCONIyudRuBN2Dmg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytDikmJw1pBiOO90h-k6ENcyPGNqBWIDjedMFkD87stLJoGvL5kkgFgLiPnWTWdVAWLD9dNZI4E45vl01hQgdkqfwRoCxD71M1jjgLj15jnW6UB8csF51otALMTDcf7fzA1sAjMWb_vDBADhCTGq"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 113ms
106ms Script
text/javascript 142.250.65.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.65.194 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s72-in-f2.1e100.net

Software

cafe /

Resource Hash

bae114b5c6e88737f9704775cf09a08b6ff71f7c8d293ec9d2da15ef50d564a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50943
x-xss-protection: 0
server: cafe
etag: 6574824879337699496
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 29 Mar 2024 08:43:59 GMT

POST
H3 204 AGSKWxUeb61j4uNxdNJ5llT3FjVgofDgY1ah2cXKvNbGGXZseEXxqioA38WbcWueF-OhPIq1NTcYvTA3pCG5HiCKoMvYnRGphYPUKc-Y9heVvgfxTJ9BvQU_nR9A2QTtPprFOWtxbyGh0w== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 160ms
60ms XHR
text/html 142.251.15.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUeb61j4uNxdNJ5llT3FjVgofDgY1ah2cXKvNbGGXZseEXxqioA38WbcWueF-OhPIq1NTcYvTA3pCG5HiCKoMvYnRGphYPUKc-Y9heVvgfxTJ9BvQU_nR9A2QTtPprFOWtxbyGh0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.15.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yl-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_rQ69-hc9FdGT-sSRi449w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-_rQ69-hc9FdGT-sSRi449w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw1ZBiqGV4xtQKxE7pM1hDgFiIh-P8v5kb2AQO_J6ynhkAyoEMww"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://zbird03211.minigame.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUeb61j4uNxdNJ5llT3FjVgofDgY1ah2cXKvNbGGXZseEXxqioA38WbcWueF-OhPIq1NTcYvTA3pCG5HiCKoMvYnRGphYPUKc-Y9heVvgfxTJ9BvQU_nR9A2QTtPprFOWtxbyGh0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.15.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yl-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pyTiDNRG_0E2y7eti1AiVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-pyTiDNRG_0E2y7eti1AiVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1hDgFiIh-P8v5kb2ARWLN6-jhkAx1YMaA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zbird03211.minigame.vip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUeb61j4uNxdNJ5llT3FjVgofDgY1ah2cXKvNbGGXZseEXxqioA38WbcWueF-OhPIq1NTcYvTA3pCG5HiCKoMvYnRGphYPUKc-Y9heVvgfxTJ9BvQU_nR9A2QTtPprFOWtxbyGh0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.15.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yl-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nfm0wDo_JlsQrj_68GtdHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-security-policy: script-src 'report-sample' 'nonce-nfm0wDo_JlsQrj_68GtdHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw0ZBiqGV4xtQKxE7pM1hDgFiIh-P8v5kb2AR-fNp2mBkAy-ENJw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zbird03211.minigame.vip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUeb61j4uNxdNJ5llT3FjVgofDgY1ah2cXKvNbGGXZseEXxqioA38WbcWueF-OhPIq1NTcYvTA3pCG5HiCKoMvYnRGphYPUKc-Y9heVvgfxTJ9BvQU_nR9A2QTtPprFOWtxbyGh0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.15.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yl-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--6ZQ8zPAVpSQnpEXuYKu7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--6ZQ8zPAVpSQnpEXuYKu7A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw0JBiqGV4xtQKxE7pM1hDgFiIh-P8v5kb2AQ-TDp2hBkAyNMMxA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zbird03211.minigame.vip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxUTRXORsHc0Tdw63couZe3cME-QqAO2cxTy8fY-06R6GLmq3Za48WkBs3tmCoVaDRuGGe1JXgxmCNkaC_oub-CRpfuWZ_RpKfRet2YrDZJmORMW58G47w3jYtVuYw9Qb77GF4uaHA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 62ms
62ms Script
application/javascript 142.251.15.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUTRXORsHc0Tdw63couZe3cME-QqAO2cxTy8fY-06R6GLmq3Za48WkBs3tmCoVaDRuGGe1JXgxmCNkaC_oub-CRpfuWZ_RpKfRet2YrDZJmORMW58G47w3jYtVuYw9Qb77GF4uaHA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzExNzAxODM5LDkxNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly96YmlyZDAzMjExLm1pbmlnYW1lLnZpcC8iLG51bGwsW1s4LCJSeW5vNEZEOWlURSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.15.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yl-in-f101.1e100.net

Software

ESF /

Resource Hash

963a6a9cda3ba8022d6392d25350b18d5f85ba5739bde61b24a3af05bd8b8d08

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8Y4H9jxcQyKb7bfoEiFi5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 29 Mar 2024 08:43:59 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-8Y4H9jxcQyKb7bfoEiFi5Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjKtDikmII0pBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZA_O7LSyaBry-ZJIBYC4j51k1nVQFiw_XTWSOBOOb5dNYUIHZKn8EaAsQ-9TNY44C49eY51ulAfHLBedaLQCzEw3H-38wNbAIPDnWdYgYAOP020Q"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxU0yiZa5n4YyjKUfeIULVXvOx-pGHMY_ILtQUmQ-RoqqzwuSJrUR76Ym7YqfoYGQsEQla1ooOcP229Ld0L2aRo-fO1lVu6B-g_5teS3jlk9iKteqM6uP7BOGMTeFAUGVPr4tH2OHg== Show response
fundingchoicesmessages.google.com/el/ 0
29 B 56ms
55ms XHR
text/html 142.251.15.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxU0yiZa5n4YyjKUfeIULVXvOx-pGHMY_ILtQUmQ-RoqqzwuSJrUR76Ym7YqfoYGQsEQla1ooOcP229Ld0L2aRo-fO1lVu6B-g_5teS3jlk9iKteqM6uP7BOGMTeFAUGVPr4tH2OHg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.15.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yl-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6tcG04st9QswPIMia9zCVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Mar 2024 08:44:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-6tcG04st9QswPIMia9zCVg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmJw1JBiqGV4xtQKxE7pM1hDgFiIm-PCv5kb2AR2LF_LDQC6ogvN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://zbird03211.minigame.vip
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUeb61j4uNxdNJ5llT3FjVgofDgY1ah2cXKvNbGGXZseEXxqioA38WbcWueF-OhPIq1NTcYvTA3pCG5HiCKoMvYnRGphYPUKc-Y9heVvgfxTJ9BvQU_nR9A2QTtPprFOWtxbyGh0w==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.15.101 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

yl-in-f101.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FAnXbZvGMrjlFwze3CPweg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform: "Win32"
Referer: https://zbird03211.minigame.vip/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 29 Mar 2024 08:44:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-FAnXbZvGMrjlFwze3CPweg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjktDikmLw05BiqGV4xtQKxE7pM1hDgFiIm-PCv5kb2AR-zHzLAwC9pgxN"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://zbird03211.minigame.vip
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240327&jk=583394096819042&bg=!ODulO3TNAAYQOWS2MDk7ADQBe5WfOEpPXJ6n_hTmRm5XtpGolm35nDw3lC1yA7D8kfnn_A2KNd-OarPhDucDucUfmcRBAgAAAHNSAAAABGgBB34ANV-znS3b7AbTv90ngpZyx5vjLZTcwOQ_OYc24MNUAwHvRgxCqhbK7Zs_P7k0P87nS0iq8wWWmQKvW8_Xbb6-5cU3HcW85MjM9E47jAgXa3KcjOFARvWDd3Ntejv3uPaVTe11cNUjT1wImpvD-efiQzGU4Vcsv-vH7ID0LhajdSmrTL5o78Flf8ySnTbgJ4La1pztFr5ZI9xKoKzdns4jD1J-VxcRkwOQh5lq_L0VfzANj5DSLDJ_H-QUopjeXVKoRC6rZ_89a6PAFMEy3SFIUpb0OnRiwUei9JPBP9SribF9GMC14h3x2wSAxsfE1d12gnpcsbOyb86mQ85HKwRlMwe5jgeQgs90EmxjGCKKzsHU735gxm7GVyWmiR1VsdbdrLC8XJPkxJZNgF2QoRPihkMLFUeGwZ9MAq5wKID_GZ0LfoUBK7qBJdBInRG7NBJgGt4BiBObK-lL4GgUXxo8Xk_r-IZZWgXH3IX984LPRiOUiNa2DM8ffLDlpSAxrXvCJGiZ7OIC6Vi_SP4QgvzoKmDxAfiqaSn_g5_JlmB5_ucYnzuL54kzsiuck-Wp3bCTWFr2fR_CwR1xgFOJWsFDvp3Y9Uws1cIVUH1oNo9o_iKC3sL4Z_nJvOQeOBW02ewvMoGMpicHqSEXHctmjEIha2cE9lDyyFJNQc_Z58AufciDuDNRLKgPKgGuSQjirCM_tWP0NNpAQ18TSN6XHF2shoS808BQxOvVv5wB2ZvycRtnBMywxXrCP5CrDsvHSdlLCnQJd0jaBiiUDoCPFIOpIyQIs9gQ6Whd-Aqg9oKNWidDJoX6e7sBdWzDJC_w5UzMvKA_aqHEI5jMB5WuXkXUzX__QWke83OmMWpp-_pKXfHY27ef7-BQZLUYlgedbwy2aghD7Uruv946fKaXJZBKiCjvTX1QZXxtUuAPyQFeobMiPyolxf70Xps_VtzE4xVGdP1jMrQ5sKWDqexeo9Lgru0ohwBjUK-W

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.minigame.vip/	1970-01-21 04:49:57	Name: __gads Value: ID=dc4a226910dc6cba:T=1711701837:RT=1711701837:S=ALNI_MaLSl4s7d8-AWc4dyYRephxfgTM7Q
.minigame.vip/	1970-01-21 04:49:57	Name: __gpi Value: UID=00000dd6c0be98e7:T=1711701837:RT=1711701837:S=ALNI_MZndUvVEYcFsSg3Mbj4UazAYEil8Q
.minigame.vip/	1970-01-20 23:47:33	Name: __eoi Value: ID=da4e4570a0e7c6fb:T=1711701837:RT=1711701837:S=AA-AfjYCltrmWPpPXbXdFj_J5cY6
.doubleclick.net/	1970-01-21 05:04:21	Name: IDE Value: AHWqTUmmZT9oY3uBCciHbHeqJHBTJPYuq3RtduGKlMzcLDx21DZWnvCG2a_-HU7NEJg
.googleadservices.com/	1970-01-20 21:37:57	Name: ar_debug Value: 1
.minigame.vip/	1970-01-21 04:13:57	Name: FCNEC Value: %5B%5B%22AKsRol-cIySdMa_mQoIvVBskexaMnxikMhV6IdSWLOkOpPvXR0G6dyM0TdARfmTSyJ4QOJLO3krTrA88jJKzjRHfjIqO2_KNf88tjIE7c7oHFMhHmrlC82wk2bQKhbk4Wt0gQLEZOPAfxQ6734likGxYYgQkynd7TA%3D%3D%22%5D%5D

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://zbird03211.minigame.vip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zbird03211.minigame.vip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zbird03211.minigame.vip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zbird03211.minigame.vip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zbird03211.minigame.vip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zbird03211.minigame.vip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://zbird03211.minigame.vip/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
res.minigame.vip
tpc.googlesyndication.com
www.google.com
zbird03211.minigame.vip
pagead2.googlesyndication.com
104.18.3.128
142.250.65.194
142.250.9.155
142.251.15.101
2606:4700::6812:280
2607:f8b0:4002:c0c::84
2607:f8b0:4002:c2c::8b
74.125.138.105
74.125.138.132
0d0143d8a8045399c8a61d13e0177ca88f95530955cce714dbfeb2cd201d05bc
1c46759ec358f6f9bab6bb9b741882e541d0805b6633038c321338ca2ce621e2
1fd6d3eab27ce87368e49781ceaa3db5fb6469720283176e31e17c3b46c05278
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
404cd956a6f39416750a4749a9ecf1e43bc51cd962fce995c94ca11dffc7e22a
560e288858c580c2305be9353b1074a964206aa9b5b2c4883335f14495885f6f
5f474329659302bd1c84413b3df3c1116c0543de959f2bdd0df76d9c3afdc10a
6050addabaf1780e8ebf086dde899a5ac7f7480f37450246eb376e8e49bbbd64
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
726553fed233e21817b50b6599a22d007db6eb40aea6b9122e70575879400268
7d513b111c9dd1050634ee2d2e4447be3fc7940e0c03ff79262d338a434bd0ce
81be4e83dffbd764ba6a450ead4ed0726d87c960b7925423f9fbd0c6457e4964
89b6c26b230c50b13ab30ab05f3970d5c9149705e5a015ae412de922e21114da
963a6a9cda3ba8022d6392d25350b18d5f85ba5739bde61b24a3af05bd8b8d08
9d3b862816cab1d038fec91a5376242c92675e02e1400d0ffb808afb3335ce69
a1f91d075f42434e2347918eec914473173c94bdc3ad65e23b52596c3f5fb2fa
ae6c746ba2bb706c033715d4c7e1570c7a576b32b04b58b6efd0bc052fdf3837
bae114b5c6e88737f9704775cf09a08b6ff71f7c8d293ec9d2da15ef50d564a8
d6ef08486c722f50bf6cf7fee129c7b864ee570b36b7c450941b72ef044f64bd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7d4f2087bafa41335f248a267683d382489057856bb3c66465be2220964d749
e7e7b3e6ec7c728b7d1cdb76af91a20530491c404525ce6a9d08c445c4b85291
f22d81ca30d2f3f11b07f3fc5cc1a3baa6bbdc9775de5f27f5630ffd3259f545

zbird03211.minigame.vip Open in urlscan Pro 104.18.3.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

97 %HTTPS

33 %IPv6

4 Domains

7 Subdomains

10 IPs

2 Countries

649 kBTransfer

1562 kBSize

6 Cookies

4 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zbird03211.minigame.vip Open in urlscan Pro
104.18.3.128 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

97 %
HTTPS

33 %
IPv6

4
Domains

7
Subdomains

10
IPs

2
Countries

649 kB
Transfer

1562 kB
Size

6
Cookies

35 HTTP transactions
0 data transactions