mobile-legends.net Open in urlscan Pro
2606:4700:7::a29f:8a55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://mobile-legends.net/
Effective URL:
https://mobile-legends.net/
Submission: On June 16 via manual (June 16th 2022, 2:58:05 pm UTC) from DE — Scanned from DE

Summary HTTP 151 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 21 domains to perform 151 HTTP transactions. The main IP is 2606:4700:7::a29f:8a55, located in United States and belongs to CLOUDFLARENET, US. The main domain is mobile-legends.net. The Cisco Umbrella rank of the primary domain is 417769.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 23rd 2022. Valid for: a year.

This is the only time mobile-legends.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	2606:4700:7::... 2606:4700:7::a29f:8a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
15	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:e134	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1 1	3.68.169.133 3.68.169.133	16509 (AMAZON-02) (AMAZON-02)
10	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 2	104.92.72.137 104.92.72.137	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	23.35.228.247 23.35.228.247	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	108.128.215.255 108.128.215.255	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
151	22

36 2606:4700:7::a29f:8a55 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

mobile-legends.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.68.169.133 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-169-133.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.72.137 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.228.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-247.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.215.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-215-255.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 tpc.googlesyndication.com — Cisco Umbrella Rank: 150	539 KB
36	mobile-legends.net 1 redirects mobile-legends.net — Cisco Umbrella Rank: 417769	572 KB
26	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 217 stats.g.doubleclick.net — Cisco Umbrella Rank: 125	166 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com	315 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	6 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 9	1 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	212 KB
3	casalemedia.com 3 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 578	3 KB
3	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 3269 onesignal.com — Cisco Umbrella Rank: 1165	73 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	20 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 358	913 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 652	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1652	415 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2000	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1132	794 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 7295	915 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1409	296 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3403	376 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 551	759 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 861	655 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 1648	3 KB
151	21

	Domain	Requested by
36	mobile-legends.net	1 redirects mobile-legends.net
28	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com mobile-legends.net googleads.g.doubleclick.net
15	pagead2.googlesyndication.com	mobile-legends.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	cm.g.doubleclick.net	googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
7	fonts.googleapis.com	googleads.g.doubleclick.net mobile-legends.net
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
3	ssum-sec.casalemedia.com	3 redirects
2	www.google-analytics.com	mobile-legends.net www.google-analytics.com
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.onesignal.com	mobile-legends.net cdn.onesignal.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	onesignal.com	cdn.onesignal.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	d.agkn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	secure.gravatar.com	mobile-legends.net
151	27

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
twitter.com
www.youtube.com
plus.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-23` - `2023-05-23`	a year	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://mobile-legends.net/
Frame ID: 27BD51CD58365AD9B34C68AC18D929AD
Requests: 61 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20190131/zrt_lookup.html
Frame ID: BBF030FA464DB3EF29786CBD50A86C96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&adk=1812271804&adf=3025194257&lmt=1655391478&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmobile-legends.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391478197&bpp=4&bdt=702&idt=313&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4346839374140&frm=20&pv=2&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=330
Frame ID: 14E514F035321710682B936731653C4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&slotname=4985434229&adk=2093943714&adf=840438976&pi=t.ma~as.4985434229&w=1200&fwrn=4&fwrnh=100&lmt=1655391478&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391478201&bpp=2&bdt=706&idt=333&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mRIBwMhE6E&p=https%3A//mobile-legends.net&dtd=338
Frame ID: 7BD7E75BE69A686E99AF09B878FE78AE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=1603967233&adf=1704324951&pi=t.aa~a.1585979361~rp.1&w=1021&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1021x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1694&idt=-M&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280&nras=2&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DWqxMNAXeG&p=https%3A//mobile-legends.net&dtd=22
Frame ID: 0EA01D7031C4A0BAAD22DDD4CDD0784B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=28778636&adf=2410121672&pi=t.aa~a.1027649946~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1693&idt=0&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280%2C1021x280&nras=3&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VBHlsGhRu2&p=https%3A//mobile-legends.net&dtd=26
Frame ID: A2BE2A70EC5F840B4AA0A31EF476235B
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1
Frame ID: AC345E106089A0CB49561BEF5D3D0A74
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1
Frame ID: E8859D2F68FDF156134B743933FF8761
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 7584732AAF6FCFCBBF210C29F251BD4E
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A55F7AD370973A9D24525BC7A2026C17
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js
Frame ID: E16CA499F7D6DE68EA882C0EA82FA676
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B817C12293D1957157C1A647DEA4EB85
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js
Frame ID: 7C829CBAF422658E58ED56303F8E6644
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5815E7F31650DF0B8D28699508D7B69A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FC4D507DEA386F907460DC0C903A41FD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js
Frame ID: DC4F7E58189AB79287224E461C0D6E66
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js
Frame ID: C85C52A2E1DFB2CDC482FDB70D54525D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77F5468B0BCD2F75259E267E0F49EC9A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00A3964B9631AA0BE0D207433074DF3F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mobile Legends

Page URL History Show full URLs

http://mobile-legends.net/ HTTP 301
https://mobile-legends.net/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Gravatar (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<[^>]+gravatar\.com/avatar/

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Page Statistics

151
Requests

95 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

22
IPs

5
Countries

1910 kB
Transfer

5193 kB
Size

25
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/mobilelegendsfan

Search URL Search Domain Scan URL

URL: https://instagram.com/mobilelegendsnet

Search URL Search Domain Scan URL

URL: https://twitter.com/mlegendsfan

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCZimn7_5JA5oNZc6YFtvPYw

Search URL Search Domain Scan URL

URL: https://plus.google.com/116816742887705141554
Title: Follow

Search URL Search Domain Scan URL

URL: https://instagram.com/mobilelegendsnet
Title: Follow

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://mobile-legends.net/ HTTP 301
https://mobile-legends.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 91

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 100

https://d.agkn.com/pixel/2175/?google_gid=CAESEKAj5Gh47-3qMsUa1Ikvq-Y&google_cver=1&google_push=ARnp8GD2tu4Jr0pUmxS_Glvp-yciG5gEd4qxjc_puX31sc4rk3V_ybc-QMv42656dmJGxT4DYVilq-soKGkc-xmH-tVvICQOxLCU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GD2tu4Jr0pUmxS_Glvp-yciG5gEd4qxjc_puX31sc4rk3V_ybc-QMv42656dmJGxT4DYVilq-soKGkc-xmH-tVvICQOxLCU&google_hm=Q0FFU0VLQWo1R2g0Ny0zcU1zVWExSWt2cS1Z

Request Chain 101

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GD48dZdghKaNU-ISDSmTSe5vJEbLdn3Kf9jEUMDqW2JRRADioSa-U-9SDTcSZ7_VpOXxhrpxnXjtwEwKIAOuui_cSTDlrE&google_gid=CAESEEItGnRlZc_F2yD-annCGaw&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GD48dZdghKaNU-ISDSmTSe5vJEbLdn3Kf9jEUMDqW2JRRADioSa-U-9SDTcSZ7_VpOXxhrpxnXjtwEwKIAOuui_cSTDlrE&google_gid=CAESEEItGnRlZc_F2yD-annCGaw&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTYxNDU4MDAwMDAyMDQ4NjI0NTYzNw%3D%3D&google_push=ARnp8GD48dZdghKaNU-ISDSmTSe5vJEbLdn3Kf9jEUMDqW2JRRADioSa-U-9SDTcSZ7_VpOXxhrpxnXjtwEwKIAOuui_cSTDlrE

Request Chain 104

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGvTKV7zAAYV0KpgseumQpQ&google_cver=1&google_push=ARnp8GAdzveW6q8cv_fL2F9gMbbWGONPXoT3tZY41OqXB1jfblLiJ7nSO17W-wBhUfNvyc6vgcMPP4ziPIypHKQ2IV39wAE5EDc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRINUNHUjctSS1FSkhU&google_push=ARnp8GAdzveW6q8cv_fL2F9gMbbWGONPXoT3tZY41OqXB1jfblLiJ7nSO17W-wBhUfNvyc6vgcMPP4ziPIypHKQ2IV39wAE5EDc

Request Chain 105

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFkDFcsQx45I9DYdNFhsII0&google_cver=1&google_push=ARnp8GAcZ-5IuZaBWG-zGyw3YW3aEnlvchUrYCyZidi0dZk0KYSRTdOlLmTmhE018Y1oX7XD3ZerWTc1cgQp1h5Fn54tu9VcZzls HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFkDFcsQx45I9DYdNFhsII0&google_push=ARnp8GAcZ-5IuZaBWG-zGyw3YW3aEnlvchUrYCyZidi0dZk0KYSRTdOlLmTmhE018Y1oX7XD3ZerWTc1cgQp1h5Fn54tu9VcZzls&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqtE96zuQmlf4BbEtCXDsgAABFgAAAAB&google_push=ARnp8GAcZ-5IuZaBWG-zGyw3YW3aEnlvchUrYCyZidi0dZk0KYSRTdOlLmTmhE018Y1oX7XD3ZerWTc1cgQp1h5Fn54tu9VcZzls&google_cver=1&google_gid=CAESEFkDFcsQx45I9DYdNFhsII0

Request Chain 122

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIkDtCkZylF0wxA26vO4QuE&google_cver=1&google_push=ARnp8GDHCP_NtE2lJLh_ORhWEQnh8lAOmIEilO3inbc3ldde988IFKNkvIVWdvLo9nJOCYhBwJaGGLdyQMeITf6XnLAm6adUfv0 HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GDHCP_NtE2lJLh_ORhWEQnh8lAOmIEilO3inbc3ldde988IFKNkvIVWdvLo9nJOCYhBwJaGGLdyQMeITf6XnLAm6adUfv0&google_hm=pJptG522rF5dJ8pUQjzzOg

Request Chain 123

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GDzeEwXec9925YGINpBrNi8vZHW3Nux8w5pGuQ4RZ4XbvVglNt7Odd-Pfx--t7L0_MSHS2U2YFd4WcuB5ow8NyU63LLJsf0&google_gid=CAESEErLccmV8OcNFinTE5hglrE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXF0RUBBQUFCZS1pZmpOeQ&google_push=ARnp8GDzeEwXec9925YGINpBrNi8vZHW3Nux8w5pGuQ4RZ4XbvVglNt7Odd-Pfx--t7L0_MSHS2U2YFd4WcuB5ow8NyU63LLJsf0

Request Chain 126

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENQSO5OYxDTVypkmWeQ0I5w&google_cver=1&google_push=ARnp8GBCvyPf6zLHyZ-F5jjUI1X2JSewKvldnP1Fu4TDy-RT6OKOxqohVo4ikT90sLTszjpK_e3Ccxk2Pzwtjg87XJ3DLm_OYBsb HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRINUNHVUctVy05RVJQ&google_push=ARnp8GBCvyPf6zLHyZ-F5jjUI1X2JSewKvldnP1Fu4TDy-RT6OKOxqohVo4ikT90sLTszjpK_e3Ccxk2Pzwtjg87XJ3DLm_OYBsb

Request Chain 127

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJsh1d1YyLul5uT1dtWFrAY&google_cver=1&google_push=ARnp8GA3kW_d_6OqvOzOuWjIpct8X-M3B3OwMI6QIElpuDKBmuMs_GeVmvmpd7nxXX73RHe-DLlD4rOXWmUXdgSMoxa3LaqWR6E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqtE96zuQmlf4BbEtCXDsgAABFgAAAAB&google_cver=1&google_gid=CAESEJsh1d1YyLul5uT1dtWFrAY&google_push=ARnp8GA3kW_d_6OqvOzOuWjIpct8X-M3B3OwMI6QIElpuDKBmuMs_GeVmvmpd7nxXX73RHe-DLlD4rOXWmUXdgSMoxa3LaqWR6E

151 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
mobile-legends.net/
Redirect Chain

http://mobile-legends.net/
https://mobile-legends.net/

144 KB
21 KB

446ms
412ms

Document
text/html

2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile-legends.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec7e91d3ef43a4f4d211b788eaaefe1d0b06d7e3da340484f6c5fa33f87e7a17

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cf-cache-status: DYNAMIC
cf-ray: 71c4669bc4789b69-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 14:57:57 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fj2Y4EYaGuDdUY9LPmMi5taDDl5XCd8va5jbiS5szfkkCtj2mfZVkxNISGCQTGA5%2FYvUDhUkAiGeIpjEbdiWa1tBabQTnbLcg0W6Qo0%2BMAT09J92XOpC92d5m7vw9u5nM%2Bu9iNPnZ4v%2FbpCxgtygJlA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 71c4669b6ffa9969-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Thu, 16 Jun 2022 14:57:57 GMT
Expires: Thu, 16 Jun 2022 15:57:57 GMT
Location: https://mobile-legends.net/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zzVJpSAfD3TXEv2Gt0AYaBfxRPvU5SFFN3uEMlX4XF1lJnM58Z%2BdjjB8brd0CjnWfVB6A9uWp74e4S0E%2BtDyQTvQGgKVSjwRmzNb4X9HZG0KsIYMXe164Xpqag78LzxBOmRzedYvfurQxeDHp%2BatBZo%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 24568.css
mobile-legends.net/wp-content/cache/wpfc-minified/llde3s7v/ 1 MB
124 KB 380ms
379ms Stylesheet
text/css 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile-legends.net/wp-content/cache/wpfc-minified/llde3s7v/24568.css
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b69cb3c485e381d782f33af1fee93150d4ec3b2b0135e0be53470ad4e4e2b715

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:57 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 25 Jan 2022 15:23:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XEE7zJcAF2XpGeVADwHBVIV64%2F94bAcXwOrevTz2wDdHj7gVPZY9elbM9c8MmOR2LmGCDiTY2RVDEAUXwYxeQPpHwDkAAcqqpioY9CUf2ZTSCnqwmkwL288aP2yvoOnV8LUGkr%2FDDUbu7cCWy8MBJ%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71c4669e76189b69-FRA
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H2 200 invisible.js Show response
mobile-legends.net/cdn-cgi/challenge-platform/h/g/scripts/ 40 KB
15 KB 34ms
33ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile-legends.net/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1655380800
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b86920385e115323f25667b8929484cda6a9d6c8c4b85148ed89138f97b22a45

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:57 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTK3JywYtUU1Qa4kjEhk4oxeTrjB73wL5fQX4R7ddZbLCUgY4voIec5qrcWdniTkTGsYNw2m5fjuaiDOnseCU%2Fk1HvJTrPHWuimgYCtwr51mhimXbbVG%2BhNA6%2FEOwQMB1EMe03Y217I32EG70JdlHCc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 71c4669e861d9b69-FRA

GET
H2 200 /
secure.gravatar.com/avatar/ 3 KB
3 KB 28ms
6ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/?s=80&d=monsterid&r=g
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4269af8523d6955feed42869e36aca3d9451edbd096bc22cdbd7887f65fac34b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Thu, 16 Jun 2022 14:57:57 GMT
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/?s=80&d=monsterid&r=g>; rel="canonical"
content-length: 3163
expires: Thu, 16 Jun 2022 15:02:57 GMT

GET
H2 200 rocket-loader.min.js Show response
mobile-legends.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 17ms
16ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mobile-legends.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: mobile-legends.net
URL: https://mobile-legends.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 10 Jun 2022 21:22:53 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"62a3b62d-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pGhU8e8%2FGiCMDtpQ8vg9TEpQBeLRc%2FO8sVetWBR3%2FBIGozwJft98htgCJi1jHnWiH0LeKTkG%2FeMOBKzovONXm8rPDP6DR2hEHoslzsUPRIDl%2BK8Hq2p2ewIixO1LilBibwwaM3lbdD1nkmR%2BxGL5yQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 71c4669e761a9b69-FRA
expires: Sat, 18 Jun 2022 14:57:57 GMT

GET
H2 200 blank.gif
mobile-legends.net/wp-content/plugins/wp-fastest-cache-premium/pro/images/ 43 B
409 B 24ms
24ms Image
image/gif 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/plugins/wp-fastest-cache-premium/pro/images/blank.gif
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42008
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 43
last-modified: Tue, 25 Jan 2022 15:20:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m9WgooH15LoJ8Hnbw6GbpkSvT6UspFYgd9JUCOFbT8red58SOktDsZxezuV0sjC8n17W45WGvJBM4LejiTvKKtZScFqu47buiOWdoSw8hz1TQZ418buvU%2FM3doDaMGDgfaoiiNGvYMOvCE4ZlYFAKr8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 71c4669e76199b69-FRA
expires: Thu, 23 Jun 2022 03:17:48 GMT

GET
H2 200 mobile-legends-230.png
mobile-legends.net/wp-content/uploads/2016/12/ 3 KB
3 KB 27ms
27ms Image
image/png 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2016/12/mobile-legends-230.png
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dda582e94af8739cb9254008a7cc3d905bc267ad8649bdfb2f3c7db1a5133d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 36506
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 2734
last-modified: Sat, 17 Dec 2016 17:41:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TPjFoKWqKS%2FGVmT%2F8wqvbcVu97ydGzmtZxXKkH06PjjPQc3pPCgYEwYgOsZ6CdYsxeEsqUPO2kvuzjgPsaiBh7PQCq14Q5LwYXN8IMg2S4R9AhBcTq1fiLL4qeiLzkMOdzTYvbSTZ1%2FzCJbL%2F7RhKq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 71c4669e86249b69-FRA
expires: Thu, 23 Jun 2022 04:49:31 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
56 KB 167ms
78ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mobile-legends.net
URL: https://mobile-legends.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ddd01fe775583876c4c04a267de9ab09dbe3e776cf2ab7453edcea7d4f07cde4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56541
x-xss-protection: 0
server: cafe
etag: 15248580074883821226
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 14:57:58 GMT

GET
H3 200 newsmag.woff
mobile-legends.net/wp-content/themes/Newsmag/images/icons/ 14 KB
14 KB 20ms
20ms Font
font/woff 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile-legends.net/wp-content/themes/Newsmag/images/icons/newsmag.woff?11
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/wp-content/cache/wpfc-minified/llde3s7v/24568.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd64e79960ddd6dbe68390c8057f24777b0e87ac0ae93733094e62f9b718e3db

Request headers

Referer: https://mobile-legends.net/wp-content/cache/wpfc-minified/llde3s7v/24568.css
Origin: https://mobile-legends.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:57 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51199
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13848
last-modified: Tue, 06 Dec 2016 16:44:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZoMrU27cuqNXlpjSHskiDwmk305rin%2B7XFgRHM9NgUuGDMp9ToT0DL9bBuf6yQ%2FhXJ%2FRuXOhBQocNXCn2D6usyJ%2B8%2Bv7XcHBuX7pEnkzptGlJn3XLNgZF1BoFfWiNRGqrB%2BDDGCje6paS2pP5dprZ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 71c466a15f889950-FRA
expires: Thu, 23 Jun 2022 00:44:37 GMT

GET
H3 200 mobile-legends-272.png
mobile-legends.net/wp-content/uploads/2016/12/ 4 KB
5 KB 24ms
24ms Image
image/png 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2016/12/mobile-legends-272.png
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 295335d4574429f092b250971b67bc85cc9b08bde73745a39eb09b1cddcb09bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 49696
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4587
last-modified: Sat, 17 Dec 2016 17:40:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JTGzbeb2XcUEg0RbdyjqdFweTpDkXU15tk2Q761MTP%2BOq0RdOmVO6sOvM4bI3UpctYwnSvsogf1JwAi%2B1HbeDVG1icsAw8LAKlxeGZsZ0UI3AlSCiDO7IU047AF4erAJDCIkP0frXjJXqsKHkDpW6xs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 71c466a1c8749950-FRA
expires: Thu, 23 Jun 2022 01:09:42 GMT

GET
H3 200 Mobile-Legends-Balmond-Attack-Build-537x360.jpg
mobile-legends.net/wp-content/uploads/2017/03/ 38 KB
39 KB 21ms
21ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/03/Mobile-Legends-Balmond-Attack-Build-537x360.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cf13a3c2f4ee9f0b8d43e5c4e3df09cbe9446c5c92cedbf358ae3644f6a84d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 47711
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39255
last-modified: Fri, 15 Jun 2018 16:58:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AgH%2FQUeJATddHQ3Q6Fs8iHNItQcEvPsbte%2BV%2BX0dv1SwX3opF40%2Fhtua5JEjVCNZvRtHIyYz6Yu8UWy42quVs5MxeF15ChcEgWysg%2FdT0itb6EvFj43dwOm2czV4O04b2ZUycA65rW3cM7D4H2Cvf%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 71c466a1c88b9950-FRA
expires: Thu, 23 Jun 2022 01:42:46 GMT

GET
H3 200 Mobile-Legends-freya-238x178.jpg
mobile-legends.net/wp-content/uploads/2016/11/ 12 KB
12 KB 17ms
17ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2016/11/Mobile-Legends-freya-238x178.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e8ed2ce79785eb40aefdadb938e4313a0000c1f6b30f2cf2307c54813872994

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41656
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11999
last-modified: Thu, 08 Dec 2016 00:54:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8rdHj3IyVbRty%2Fcz2%2BEyDxDbbXYToMJUn9GImpZb5mZewIff8%2FQGKN1kqU30YBX1ATsHX3voP8C3OPETlgZg6LpgZWelYflMXj%2BJ2e%2F%2BKbvAyXMRasoL9XZz244KbPq0WJMM95YUy%2B0zL%2BuNmPH%2Bo7Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 71c466a1c88e9950-FRA
expires: Thu, 23 Jun 2022 03:23:42 GMT

GET
H3 200 Mobile-Legends-Gatotkaca-Tank-Armor-Build-238x178.jpg
mobile-legends.net/wp-content/uploads/2017/08/ 11 KB
11 KB 31ms
31ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/08/Mobile-Legends-Gatotkaca-Tank-Armor-Build-238x178.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc04b060351d92b1885dbad33931bac929ff5dfb0c421a6fa17d548d2da1fc84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14226
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11095
last-modified: Fri, 15 Jun 2018 12:22:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peazNj97budRe29QcoRtwmKSW6G2Gp2JCxk3vFbIooNOsQRF%2Bf2VE04%2BL3u5IHM6LfYLyLvuXFK%2FCxsk%2FI9zUJsy0MmzeomNrGUtWiaCphxmH3AeMaVZg8lgsTicw0WMBrO756U%2B2ky1f6z6Zn57vZc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 71c466a1c8919950-FRA
expires: Thu, 23 Jun 2022 11:00:52 GMT

GET
H3 200 Mobile-Legends-Wings-of-Vengeance-Features-238x178.jpg
mobile-legends.net/wp-content/uploads/2018/01/ 9 KB
10 KB 134ms
134ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2018/01/Mobile-Legends-Wings-of-Vengeance-Features-238x178.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ddefcf8f7772cfdf8e92cc8ad7f3d7fbdb9fab1f28021d909fff875f45869ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 01:52:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6V0t6sWcc8pC4Uwk7yX%2Fvhph0CNAuISflEVNCNhLYxdcytecgyG0PnBbASBWAVL2ienXL2VvCsyHUUArQUTXSHBuTC18AufqUB1HQj9MuwsllSksDsyNHD1H2RDLYBtV7a86%2FhQFA0AuHE%2FGWZOows%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1c8939950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9597
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Mobile-Legends-Estes-Look-238x178.jpg
mobile-legends.net/wp-content/uploads/2017/04/ 7 KB
8 KB 146ms
146ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/04/Mobile-Legends-Estes-Look-238x178.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e41b8103245c0c185885d9fd2589f8d95356679cee7bf5cefa6ede3d65f351d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 16:32:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0cAR%2F9jd%2FiXx%2BNQ%2BnEd28JgKmZJjOiv13Ic63DJ9VWhu6YqkrneAShtoP7e%2FOZRhiapbQnB2P6i9z%2BWGGK9B9PO9qZ%2F83P1FyA7qzCsTOfC8SVwEMS4iAetOoyKBqNOQirV52DL4sQ2vDbHNBpKtNeM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1c8969950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7397
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Mobile-Legends-Yun-Zhao-341x220.jpg
mobile-legends.net/wp-content/uploads/2016/12/ 20 KB
20 KB 195ms
195ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2016/12/Mobile-Legends-Yun-Zhao-341x220.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14d41f4a60bba3f3e250067da52d116433c93b2e9ee801990a8f3bf50cbb08db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Wed, 07 Dec 2016 09:15:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OE1V9sLhQmJg%2Bf3QNRAyTfgq0NgbRNTODJG1xfHhttgTUG5%2BMkWKsMNcErORqgbsi7zy6eJJxA4s0qMc9rToHUt%2Bw4CYXHjFye71hI5PjYdeiv%2BgFvua0S3oB5tnnBaqYHTrYJOk6yylIoqjACkZ4qI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1e8d39950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20152
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Mobile-Legends-Hayabusa-Assassin-Damage-Build-341x220.jpg
mobile-legends.net/wp-content/uploads/2017/08/ 17 KB
17 KB 227ms
227ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/08/Mobile-Legends-Hayabusa-Assassin-Damage-Build-341x220.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef932ba80970bb4e423f2c08f5cfa21b785dac371a270fc04c7fb5c33f431bf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 12:54:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PAJZDrTk5Kr6EQ4c5JtB69JIql6RY5QTBvTxbiiWLnz28bhMzSSJZ2MrYUQEn9fYRrMv9lKd6fA%2FQlnWIqAsWqH1xaonEKG9xRvL2OwqXSfKKCM%2By4DKv%2BspTjjRjGWiAYNzM3nkDBiNoBF6KT8Sek%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1e8d89950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17222
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Screenshot_20170117-021559-80x60.png
mobile-legends.net/wp-content/uploads/2017/01/ 8 KB
9 KB 154ms
154ms Image
image/png 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/01/Screenshot_20170117-021559-80x60.png
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ecfaa565a7871a94029284458a5de7400c5119984b280f3e9f00d3ef80056f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2017 08:27:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3e%2F2%2Fkrfgp4twXdrqQ%2Bv%2FTlgMmSMaJ26zAH0j%2F0un7NKsuOWgRP5ZxpgHomcRWUvVuXnqJD0JwhxHJm0xPGRUcviD4%2FAGbfYAOXHFFl6QA53qzWLHoVLFqIatyDU8hwMa8C20Z7G1GGGfubyZ6QBI6g%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1e8dd9950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8464
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Mobile-Legends-New-Akai-Hybrid-Tank-Build-80x60.jpg
mobile-legends.net/wp-content/uploads/2017/09/ 2 KB
2 KB 136ms
136ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/09/Mobile-Legends-New-Akai-Hybrid-Tank-Build-80x60.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5196bf0b4359d3cc6b8fa5f989e6831556509701c8260303534c6f269ca9f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 03:26:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3bFHdRGQ9yToWnhKGaCFu4fT4KDaqdwN31QgC0yo7ZCjXH9LNqGnWrDTx%2BETt0O6Dg8A4CC7c%2B8zQ5sS9buGeqKYk39OPEJXP1NBPGe7a6nI934dGo%2FmQXXYyVmBCvwYFNDxjTDRL5dZMSXLpZROS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1e8de9950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1805
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 maxresdefault-1-80x60.jpg
mobile-legends.net/wp-content/uploads/2017/03/ 3 KB
3 KB 154ms
154ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/03/maxresdefault-1-80x60.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 83fc91ad69e7a898ad005337d6c79dd99afd97810def813b813327e50db2cd01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Sun, 05 Mar 2017 02:12:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H71ZL3DmVaUewvQ%2BK8iQhOw%2FcOFDOnQQWLLC8Oufi0upIAb9fi4q9dJ6sduVuwuvMvXdVMTLjkT%2BqBVR6JpA8d3bqccCDzTFQCCsePpQkcu5AiATS5SoQMTblxAd0d2qIuaxESauY%2FLiBsnFk6KgfTw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1e8e09950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2741
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 video-small.png
mobile-legends.net/wp-content/themes/Newsmag/images/icons/ 982 B
2 KB 160ms
159ms Image
image/png 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/themes/Newsmag/images/icons/video-small.png
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92240070626cdf9677e6e3b1282069977bcf5395ada82ff0748b5e40472277fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Tue, 06 Dec 2016 16:44:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A44YD71iJGu3NxMs4jzQqsXeud0eP%2B2UYft3EJAZSgwGGgtYJkUlrpwSThMSMxfoicowm1kG7B53LP6FwPbgoEIYzBE51pwqEUvVw21cY2Giwy5f41%2BqhdjPQd90rL5MHsB07cUg4CNqjIa0aAtJArE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1e8e39950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 982
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Screenshot_20170124-174706-2-80x60.png
mobile-legends.net/wp-content/uploads/2017/01/ 12 KB
12 KB 159ms
159ms Image
image/png 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/01/Screenshot_20170124-174706-2-80x60.png
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6c2b6c669503f2560724d80d2357e95ebb62789cbe51f7cc347a4bca28e1b24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Tue, 24 Jan 2017 23:50:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F3vBQ3LrjdHbrzarDybd%2BubHWURmLFgIiUa3T6EGKT%2BH4kSAiIzO%2FrfqfkMs2mXSSJQcmNh%2FN5sNeeAZlcz7%2B%2B0pG6gq3KZZ6vjY52WxsuCQEB%2FTWUhh8ZcRRGMJhZ8IJqGVF8hLO5JtBZg%2B%2Bppkoyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1e8e79950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12118
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Mobile-Legends-Odette-Fast-Finish-Build-80x60.jpg
mobile-legends.net/wp-content/uploads/2017/10/ 2 KB
2 KB 137ms
136ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/10/Mobile-Legends-Odette-Fast-Finish-Build-80x60.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70156e195add91b68e6d3dc026dd19b35a35142def199f47c424a38fa2a184f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 03:12:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhTnJIYk3hHpPpvXk8xL2Lj39uSBht%2FaDLC%2B9ouY3tlXT2B9ekBGD6f2krFk%2Fja2z1%2BxPhKnXKHtOFFIvp34Ff5AbvlCncTfOUnzOKQKJlZZ%2FO2OJ2WjtdOBT1OOnkIgMoIzZIk7xgmPirrOIrFXnKI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1e8e99950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1812
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Mobile-Legends-Odette-Damageful-Build-80x60.jpg
mobile-legends.net/wp-content/uploads/2017/10/ 2 KB
2 KB 162ms
162ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/10/Mobile-Legends-Odette-Damageful-Build-80x60.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 291f2cf26aebacb7217b7ec9a11f9b17eb5b06ff79b7519159482451d7f32b1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 03:11:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dIzgnmesSE0Vq%2BdxvdNVDrnN%2B2lEDw7NKFbB%2BC4%2B0Mynlw4AvU57iT9%2BEsIZSU1K8VkAHk%2Fiy4ZhMjiyogZqrfZ8Koc4KpPm4I%2FLsVD2GSevmefuT2SB0pu9GkECx0CuO3rbpIZmWZL77ShTUqoDWXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a1e8eb9950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1829
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 NS-TN-2-300x194.jpg
mobile-legends.net/wp-content/uploads/2017/05/ 12 KB
13 KB 198ms
198ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/05/NS-TN-2-300x194.jpg
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eff5187a0305e5f676e96bfd943b0d66db37206c232eaad5c18e4fffb68723e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 15:06:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5klMJKkYp6jBeueI%2BGc7o8WSfRPgirQzYNbE5EOkPWfVyH%2BrA0oDmFSxhoJQ%2BSClfjlv5%2F7p49GsHaVJnlkJki0ME3OYyfWk2HATNk6d8GZBZGAvv1R9LWX%2FNELbTJwB9jisOxCt8vA%2BVobP5vbeWTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a219259950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12655
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Cyclops-w-abilities-100x75.png
mobile-legends.net/wp-content/uploads/2017/03/ 14 KB
15 KB 204ms
204ms Image
image/png 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/03/Cyclops-w-abilities-100x75.png
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 700852fb7752b7a9f1f963382237d870275fe685e8b4c4680ea2046a21d4423a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 21:14:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bfJ8F89ZYIbZmP8s0rro8WfE5URKwyWCuys%2Bp4v%2BVHIznrKo5mvM6LOzKltSXlZyU0hI4yLoABkfvhlvbNocj66Rb8NM0HSaAWqi3quLIPaRnPl1Zasx%2B%2FIGoIgBrFntMNMfnBd265e1sGLO9xMVQuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466a219299950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 14828
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 elements.png
mobile-legends.net/wp-content/themes/Newsmag/images/sprite/ 5 KB
5 KB 21ms
21ms Image
image/png 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/themes/Newsmag/images/sprite/elements.png
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/wp-content/cache/wpfc-minified/llde3s7v/24568.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efee2bd910743d2b24335d1b2e10fd15147c96a7d71cb3dfe5a17ff7a62e866c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/wp-content/cache/wpfc-minified/llde3s7v/24568.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 27425
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4785
last-modified: Tue, 06 Dec 2016 16:44:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Maou8g0rZdBeITb2vxpyHCzIF5uNowELL70T7u4CLRvZNsNOCgl2TCMExEg8HhjIxvJIRSlJ6SCgwuQcZRmaZM73BPe9Tet2oGVb7sPmBLueVweTyxadeIeU1jwWInAJMlR5nzEMNhnEE0bo8nJQxYI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 71c466a2295e9950-FRA
expires: Thu, 23 Jun 2022 07:20:52 GMT

GET
H3 200 245o6.js Show response
mobile-legends.net/wp-content/cache/wpfc-minified/3slshfy/ 265 KB
61 KB 28ms
28ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile-legends.net/wp-content/cache/wpfc-minified/3slshfy/245o6.js
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c2213a6f15823aefc8de2c4419556ffe072fe980530f23da1941c8e72f9dd1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 41981
cf-polished: origSize=281088
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 15:25:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qXCLjEn4EYO8sFQq1n3d2iuz4PiNtEpqp0fp6kP8CDV6A2dEStlea9tdqvmRjsIPxHEOe3XGIMzQ9Wn%2F%2B%2Bd84ya8kkGRC6%2ForALm%2FMBGn70ENqWO1aQ1CRUaYttclnETrgdTgnMdpQkKWGYAUkLnwrc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 71c466a2396e9950-FRA
expires: Thu, 23 Jun 2022 03:18:16 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 54ms
20ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71c466a26ba89b46-FRA
date: Thu, 16 Jun 2022 14:57:58 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3373
etag: W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 19 Jun 2022 14:57:58 GMT

GET
H3 200 24568.js Show response
mobile-legends.net/wp-content/cache/wpfc-minified/8kx4ul71/ 5 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile-legends.net/wp-content/cache/wpfc-minified/8kx4ul71/24568.js
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78ff89c58b2207da3226176fe4fc23024182166c11702462fe0069d82deedbca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14226
cf-polished: origSize=4932
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 15:23:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tdiRhU%2FNapqrRkogQ3odxBBAiWsM3TUHRMHcRvrjlVZkPCUFQcfAbXqLlnjE%2B6MmKmUZq8gAJIbdS%2BnFM45Zhsg%2F65kV760mcxo%2FKAHDAvYjV2qVTeF36M%2B9lxBLmExncSV8H1brD9qAgLAenx%2FIak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 71c466a239709950-FRA
expires: Thu, 23 Jun 2022 11:00:52 GMT

GET
H3 200 24547.js Show response
mobile-legends.net/wp-content/cache/wpfc-minified/35qlfeg/ 104 KB
38 KB 23ms
23ms Script
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile-legends.net/wp-content/cache/wpfc-minified/35qlfeg/24547.js
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9009232666d8ff6e92a3688cb5aa7b0ac0025c8bb54a2167f3f275af7855c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 51201
cf-polished: origSize=106757
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 15:22:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4jKB5%2FLn27yXcSG%2FWhnlc7BYf%2FaVqbmjq4wggfkpg0l%2BhMtmRg2DKfWqVviWFHzIyxJd365ZgO9eAL1qzG29i9zySARF9caJlDyv1gdDWdpN6zb25xrHE%2B7xJNU%2FmBWsMLyxI3yWk4c5VRAnRAO4%2B8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
cf-ray: 71c466a239719950-FRA
expires: Thu, 23 Jun 2022 00:44:37 GMT

GET
H3 200 pica.js
mobile-legends.net/cdn-cgi/challenge-platform/h/g/scripts/ 23 KB
9 KB 20ms
20ms Other
application/javascript 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile-legends.net/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 732a25eb1f2f95240b2894860aa334e17ac5e3d0222dd9b9893f144c392571ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofSBhjFu2O4pmaKGPHorc%2BDbRZnWDGf2LYVySpVgeczLXs%2FLgt90myPZx%2FVZJgwGodV72lGfHTjops%2Bpl7ANcq4DeFU3kKkQeFzw9IyuvNW2uq66OAN3ZC5WCoG4%2F2Gj9V8i%2FSZwP4uHeooI5hmQX7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 71c466a239739950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ 340 KB
120 KB 151ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8059077088189797&plah=mobile-legends.net&bust=31068061

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a86c7185cd0ef64233c298f3a91d4a71e7d0b85452c582c2d50241780d9172f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122729
x-xss-protection: 0
server: cafe
etag: 17540244847406121700
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 14:57:58 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220614/r20190131/ Frame BBF0 10 KB
5 KB 126ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220614/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile-legends.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43310
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 02:56:08 GMT
etag: 8616628553774171045
expires: Thu, 30 Jun 2022 02:56:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 71c4669bc4789b69 Show response
mobile-legends.net/cdn-cgi/challenge-platform/h/g/cv/result/ 2 B
729 B 36ms
36ms XHR
text/plain 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mobile-legends.net/cdn-cgi/challenge-platform/h/g/cv/result/71c4669bc4789b69
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/cdn-cgi/challenge-platform/h/g/scripts/invisible.js?ts=1655380800
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://mobile-legends.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CWnx73REEzAA7cZHH6mxKlJ6Y5Cs3Q4dGaHksi3mAyT6YDoSneX6jAKisyTaV5aO12Ixi5xuS%2B7jDdU0mZLgSBWWeFWwYdisSrW05TkTkco1mEn66mw25CEEBVYx%2BCDm0nl6qD9OYY75228P3vV0%2FgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 71c466a48d959950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
655 B 130ms
42ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mobile-legends.net&callback=_gfp_s_&client=ca-pub-8059077088189797

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8059077088189797&plah=mobile-legends.net&bust=31068061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a3aa39d5d6a794eae0ab9fea00708a616dc5cce2b4ddcaccc6f2e2c3f1a73d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 210
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
793 B 135ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mobile-legends.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
550 B 141ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobile-legends.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:57:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 14E5 223 KB
53 KB 581ms
500ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&adk=1812271804&adf=3025194257&lmt=1655391478&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmobile-legends.net%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391478197&bpp=4&bdt=702&idt=313&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4346839374140&frm=20&pv=2&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4199cbe6d489c44ee57d274f72e39143cbf238da2c3025db26b4196f7e96e0fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile-legends.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 54352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:57:59 GMT
expires: Thu, 16 Jun 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7BD7 90 KB
31 KB 937ms
867ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&slotname=4985434229&adk=2093943714&adf=840438976&pi=t.ma~as.4985434229&w=1200&fwrn=4&fwrnh=100&lmt=1655391478&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391478201&bpp=2&bdt=706&idt=333&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mRIBwMhE6E&p=https%3A//mobile-legends.net&dtd=338

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dc3b431b1432e00a58bdc075d1f9e4bed885cd19cf7fcb2958f40e5339d099aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile-legends.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31601
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:57:59 GMT
expires: Thu, 16 Jun 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ 148 KB
53 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/reactive_library_fy2021.js?bust=31068061

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19c1990c2236fcf95c56097d51c1f36ae55db5f5c3f2b97172c359e1c52d6cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54076
x-xss-protection: 0
server: cafe
etag: 10135417262157568679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 132ms
50ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mobile-legends.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 129ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mobile-legends.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0EA0 94 KB
33 KB 765ms
764ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=1603967233&adf=1704324951&pi=t.aa~a.1585979361~rp.1&w=1021&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1021x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1694&idt=-M&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280&nras=2&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DWqxMNAXeG&p=https%3A//mobile-legends.net&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b8f5be236d1622b366f75375016cb696d3a83a50ce5f74507b44604fe5eefc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile-legends.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33807
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:57:59 GMT
expires: Thu, 16 Jun 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A2BE 95 KB
33 KB 588ms
588ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=28778636&adf=2410121672&pi=t.aa~a.1027649946~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1693&idt=0&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280%2C1021x280&nras=3&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VBHlsGhRu2&p=https%3A//mobile-legends.net&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bfb6ced08eeb3510a1d3690562be37e5720c14cc988c6d8d152bee7f4eea2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile-legends.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33984
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:57:59 GMT
expires: Thu, 16 Jun 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/ Frame AC34 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile-legends.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 17:40:23 GMT
etag: 8616628553774171045
expires: Wed, 29 Jun 2022 17:40:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/ Frame E885 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile-legends.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 76656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 15 Jun 2022 17:40:23 GMT
etag: 8616628553774171045
expires: Wed, 29 Jun 2022 17:40:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame AC34 4 KB
1 KB 155ms
49ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:35:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:57:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AC34 205 B
742 B 145ms
40ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 13:56:09 GMT
x-content-type-options: nosniff
age: 3710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Jun 2023 13:56:09 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AC34 604 B
696 B 146ms
41ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:45:36 GMT
x-content-type-options: nosniff
age: 743
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 16 Jun 2023 14:45:36 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/elements/html/ Frame AC34 19 KB
9 KB 156ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

180f72b1a462888e9c99697f73b7b547588d82d1d06ed4e06ad1d517a3d6ed90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8237
x-xss-protection: 0
server: cafe
etag: 879581559784644231
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:56:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E885 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CaPh39kSrYr2eJ5HxtgfimZoI2tuYuWreprSl7g_J74rM6RsQASCkq7IiYJXikIKgB6AB5dLptgLIAQKoAwHIA8kEqgTZAU_QDEtIThnTUM3cZ9CKC07Esz4I4PBITSYAwwS4QvjKS3j5PBiwUEOzAcw8Y3xUrkUvq2MPSYlrpoM1IIEFi3j-xRa5ZKglyn61sKnVNLbHeYiwfhVekxdJpnLDuD6sn6kR8YzuNTRCkLnaHpaVZeC0Fr090iydSW6q-LV-1AfxOKDIiFO62mL_qrFPObjXGap_N8M08oayWbqmSogZ4h97a_aCDTF_OMB03kwDV8O3PFgVTCNSc5hEVtVJL5eZi4q6l9foPCtYEjxC7SMWfV8p4OWK89BpHO_ABI-5j_b1A5IFBAgEGAGSBQQIBRgEoAYCgAeDrZbJAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEENj6FdIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MDU5MDc3MDg4MTg5Nzk3GAA&sigh=Hydb_DzGdVM&uach_m=[UACH]

Requested by

Host: mobile-legends.net
URL: https://mobile-legends.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 16 Jun 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/ Frame E885 21 KB
9 KB 150ms
45ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:54:11 GMT

GET
H2 200 4527481927214710849
tpc.googlesyndication.com/simgad/ Frame E885 43 KB
44 KB 183ms
79ms Image
image/png 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4527481927214710849?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnzVxQUG7ChpVcL-00_Pmnk-Cjy4Q

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f4eb6b9b4e9495283abedd1611199f6ebb43a01b8ced67865fcf4c25d7ad0af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 08:51:55 GMT
x-content-type-options: nosniff
age: 194764
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44225
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 13:22:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Jun 2023 08:51:55 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame E885 3 KB
1 KB 181ms
78ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:56:18 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E885 137 KB
43 KB 156ms
49ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame E885 17 KB
7 KB 155ms
52ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:53:51 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame E885 31 KB
13 KB 218ms
115ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:14:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2587
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12864
x-xss-protection: 0
server: cafe
etag: 4287797001720200766
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:14:52 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7584 8 KB
893 B 132ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:42:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:57:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 7584 2 KB
902 B 166ms
84ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:55:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/ Frame 7584 21 KB
8 KB 122ms
42ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:54:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 7584 3 KB
1 KB 162ms
84ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:56:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7584 137 KB
42 KB 138ms
57ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 7584 17 KB
7 KB 117ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:53:51 GMT

GET
H3 200 6609dd9ea225b203b979e97d717528a7.js Show response
www.gstatic.com/mysidia/ Frame 7584 32 KB
13 KB 123ms
41ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 10:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 02:25:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 10:10:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7BD7 8 KB
893 B 104ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&slotname=4985434229&adk=2093943714&adf=840438976&pi=t.ma~as.4985434229&w=1200&fwrn=4&fwrnh=100&lmt=1655391478&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391478201&bpp=2&bdt=706&idt=333&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mRIBwMhE6E&p=https%3A//mobile-legends.net&dtd=338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:30:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:57:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 7BD7 2 KB
902 B 144ms
84ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:55:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/ Frame 7BD7 21 KB
8 KB 110ms
51ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:54:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 7BD7 3 KB
1 KB 91ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:56:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7BD7 137 KB
42 KB 146ms
85ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 7BD7 17 KB
7 KB 116ms
57ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:53:51 GMT

GET
H3 200 6609dd9ea225b203b979e97d717528a7.js Show response
www.gstatic.com/mysidia/ Frame 7BD7 32 KB
13 KB 96ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 10:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 02:25:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 10:10:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A55F 143 B
163 B 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 14:46:05 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7BD7 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CoAYk9kSrYsqnKuyno9kP88SwgA3fwePHau2nnPWYD9_iu-XaDxABIKSrsiJgleKQgqAHoAHl5dPuAsgBCakCBkYNWsejjT6oAwHIA8sEqgTYAU_QcDeDHLpMFnpO71vNwff73azajFa0Ze1vacF2cTOLQus4DXBDQfwZbihxfPVfKlz5DHG_mpnsn_lxfxJaH3TD4C19njdvhfYe-hKEVQLT27B1_25vWcdLDdCA2CToaNdPI_S7LTGibdnLPA8HEXu_VcU3blAP9x6YPHL0yJVhHrhA4BnaWCnQLfJCwhmwxDAH2bGSP3j3oeCaOGCdldrVRg_8RyuWg8K11viRaJCCxdS5zii8CRt9QeWB5ZtO-opY9GlmFTpmah_CfxcfeK8AcyCzJnkY08AE3LTe0-oDkgUECAQYAZIFBAgFGASgBi6AB4OarJEBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQocdF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E4gn2BMM0BUBgBcBshccChoIABIUcHViLTgwNTkwNzcwODgxODk3OTcYAA&sigh=DrFvqS-DHMY&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&slotname=4985434229&adk=2093943714&adf=840438976&pi=t.ma~as.4985434229&w=1200&fwrn=4&fwrnh=100&lmt=1655391478&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391478201&bpp=2&bdt=706&idt=333&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=216&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mRIBwMhE6E&p=https%3A//mobile-legends.net&dtd=338
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 16 Jun 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4797477659654308693/ Frame 7BD7 21 KB
21 KB 113ms
65ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4797477659654308693/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c9518fa93a21492d7bca3ca1f1c86dc4ba79fafd7a54ac3fd5a2f7fe1299ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 03:22:37 GMT
x-content-type-options: nosniff
age: 214522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21568
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 11:59:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Jun 2023 03:22:37 GMT

GET
DATA 200
OK truncated
/ Frame 7BD7 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7BD7 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E885 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7e33cbb147f4a7f925826327030311f4aeb0f59a33acedf8a1d31bf97c74b37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A55F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

85ms
84ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 14:57:59 GMT
expires: Thu, 16 Jun 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 14:57:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js Show response
pagead2.googlesyndication.com/bg/ Frame E16C 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d53e3c171f724cfe649369efb827191eae989ca4507b4034df83f618fc1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 11:24:04 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B817 143 B
163 B 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 714
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 14:46:05 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7BD7 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63824cc2a3a10ca498970045c092b90ab334c64a7d50123d9b2c679e694836ff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 7BD7 28 KB
28 KB 128ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 66065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:36:54 GMT

GET
H3 200 WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C82 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d53e3c171f724cfe649369efb827191eae989ca4507b4034df83f618fc1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99235
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 11:24:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A2BE 8 KB
893 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=28778636&adf=2410121672&pi=t.aa~a.1027649946~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1693&idt=0&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280%2C1021x280&nras=3&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VBHlsGhRu2&p=https%3A//mobile-legends.net&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:37:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:57:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame A2BE 2 KB
902 B 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:55:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/ Frame A2BE 21 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:54:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame A2BE 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:56:18 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2BE 137 KB
42 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:57:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 14:57:59 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame A2BE 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 248
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:53:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A2BE 0
0 127ms
48ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMXZMNw2MCFt604Y3O9BNFU3sBkC-C34MdVuEII4OmQb-fpSE3cT01QYyE6m7NJBtZvtexOXPiz39VdXyTg9klhkaaqA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=28778636&adf=2410121672&pi=t.aa~a.1027649946~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1693&idt=0&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280%2C1021x280&nras=3&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VBHlsGhRu2&p=https%3A//mobile-legends.net&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 6609dd9ea225b203b979e97d717528a7.js Show response
www.gstatic.com/mysidia/ Frame A2BE 32 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 10:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17257
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 02:25:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 10:10:22 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B817
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

103ms
102ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220614/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 14:58:00 GMT
expires: Thu, 16 Jun 2022 14:58:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 16 Jun 2022 14:57:59 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A2BE 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIVgH90SrYoeYEu-fqMwPmuuhoAiJj9PQav2phP30D8-3vs-IChABIKSrsiJgleKQgqAHoAGEjJm8AsgBCagDAcgDywSqBNQBT9A5HWbHbSx0mFfG7UC1VmA19i7csF9c-wTQhiqny2XFujNIiM8FJshq0pHPlDR0ZzokdDtp-PC3BtO5FvlupLCqLklp7_6ZUUGLmxlKe2_Yv0ZNRfUrm3cp4tqX-KNdzZGDzUcsXUaVMQhLNLmgeR9hFkPM7SpQ7C7ar5bmmhzXSv4ZdAU1bOQyf0Q4joNONnUO7WJxPxh8gajkYUevubl7KLZRk2lfUP2uh-iS-NWlnQmNVzpPJbZcxiO-kL7p46CIGiJrn2Pa8hJD2uru6Xg7pybABKTv_8OGBJIFBAgEGAGSBQQIBRgEoAYugAe7j_67AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEM21PNIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItODA1OTA3NzA4ODE4OTc5NxgA&sigh=c3rbaJEpfzY&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=28778636&adf=2410121672&pi=t.aa~a.1027649946~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1693&idt=0&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280%2C1021x280&nras=3&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VBHlsGhRu2&p=https%3A//mobile-legends.net&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 16 Jun 2022 14:57:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13830140998134320633/ Frame A2BE 28 KB
28 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13830140998134320633/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e10eac1cac40b20c0b2019a72564ab76bf2eae0828cd9fe80359d6e52d83b5af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 14:02:06 GMT
x-content-type-options: nosniff
age: 89753
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28511
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 16:01:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 15 Jun 2023 14:02:06 GMT

GET
DATA 200
OK truncated
/ Frame A2BE 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A2BE 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5815 1 KB
749 B 41ms
40ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32655
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 17 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A2BE 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e20c089ad4d3052ed483c70bbd881a905ef4b22fe6bb07b3959ba0df07e750b0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame A2BE 28 KB
28 KB 124ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 66066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:36:54 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5815 35 B
465 B 25ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEI5lzO1R895XOeFIXGJtPI8&google_cver=1&google_push=ARnp8GA3qUdcG-LOreoIHK8DdWhFXRpbu_atEWvKBL45tyTyWVmjhfYcTu5eQUoBT_x7pi_oqvLQYVOzbYWmMjo_fUSzWvT6CqqM

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:57:59 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5815
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEKAj5Gh47-3qMsUa1Ikvq-Y&google_cver=1&google_push=ARnp8GD2tu4Jr0pUmxS_Glvp-yciG5gEd4qxjc_puX31sc4rk3V_ybc-QMv42656dmJGxT4DYVilq-soKGkc-xmH-tVvICQOxLCU
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GD2tu4Jr0pUmxS_Glvp-yciG5gEd4qxjc_puX31sc4rk3V_ybc-QMv42656dmJGxT4DYVilq-soKGkc-xmH-tVvICQOxLCU&google_hm=Q0FFU0VLQWo1R2g0Ny0zc...

170 B
232 B

61ms
44ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GD2tu4Jr0pUmxS_Glvp-yciG5gEd4qxjc_puX31sc4rk3V_ybc-QMv42656dmJGxT4DYVilq-soKGkc-xmH-tVvICQOxLCU&google_hm=Q0FFU0VLQWo1R2g0Ny0zcU1zVWExSWt2cS1Z

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:57:59 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ARnp8GD2tu4Jr0pUmxS_Glvp-yciG5gEd4qxjc_puX31sc4rk3V_ybc-QMv42656dmJGxT4DYVilq-soKGkc-xmH-tVvICQOxLCU&google_hm=Q0FFU0VLQWo1R2g0Ny0zcU1zVWExSWt2cS1Z
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5815
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GD48dZd...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GD48dZd...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTYxNDU4MDAwMDAyMDQ4NjI0NTYzNw%3D%3D&google_push=ARnp8GD48dZdghKaNU-ISDSmTSe5vJEbLdn3Kf9jEUMDqW2JRRADioSa-U-9SDTcSZ7_Vp...

170 B
188 B

42ms
42ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTYxNDU4MDAwMDAyMDQ4NjI0NTYzNw%3D%3D&google_push=ARnp8GD48dZdghKaNU-ISDSmTSe5vJEbLdn3Kf9jEUMDqW2JRRADioSa-U-9SDTcSZ7_VpOXxhrpxnXjtwEwKIAOuui_cSTDlrE

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MTYxNDU4MDAwMDAyMDQ4NjI0NTYzNw%3D%3D&google_push=ARnp8GD48dZdghKaNU-ISDSmTSe5vJEbLdn3Kf9jEUMDqW2JRRADioSa-U-9SDTcSZ7_VpOXxhrpxnXjtwEwKIAOuui_cSTDlrE
pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 16 Jun 2022 14:58:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 5815 43 B
351 B 160ms
49ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJ8SgoqMP4nUHgzFzGb1WOs&google_cver=1&google_push=ARnp8GDvNSP-S8ZlOTQS_P2EG6R8UIka_VcEu5GG755DARvW2-zbytzi-R-ht5cpJ2HkEdDkv-aInF7h3a7FRBhtT7YDQjfKQZVe
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=28778636&adf=2410121672&pi=t.aa~a.1027649946~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1693&idt=0&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280%2C1021x280&nras=3&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VBHlsGhRu2&p=https%3A//mobile-legends.net&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:57:59 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: imb3a707qjpvpc4csc21dnf0g36c8clp

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5815 0
166 B 405ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMIVlAfR7FfbMFWDxADUNkg&google_cver=1&google_push=ARnp8GA3VPkvQhIezqngvFGoCwdkPYA6dJJiLLAo-6DhIr9BcCX_C6p3fzS7q2dwWJJkie5rzRO6HsgZCQBjmKH1IErjjAVw9_k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=28778636&adf=2410121672&pi=t.aa~a.1027649946~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1200x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1693&idt=0&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280%2C1021x280&nras=3&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2549&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=VBHlsGhRu2&p=https%3A//mobile-legends.net&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5815
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGvTKV7zAAYV0KpgseumQpQ&google_cver=1&google_push=ARnp8GAdzveW6q8cv_fL2F9gMbbWGONPXoT3tZY41OqXB1jfblLiJ7nSO17W-wBhUfNvyc6vgcM...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRINUNHUjctSS1FSkhU&google_push=ARnp8GAdzveW6q8cv_fL2F9gMbbWGONPXoT3tZY41OqXB1jfblLiJ7nSO17W-wBhUfNvyc6vgcMPP4ziPIypHKQ2IV39wAE5EDc

170 B
329 B

76ms
42ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRINUNHUjctSS1FSkhU&google_push=ARnp8GAdzveW6q8cv_fL2F9gMbbWGONPXoT3tZY41OqXB1jfblLiJ7nSO17W-wBhUfNvyc6vgcMPP4ziPIypHKQ2IV39wAE5EDc

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRINUNHUjctSS1FSkhU&google_push=ARnp8GAdzveW6q8cv_fL2F9gMbbWGONPXoT3tZY41OqXB1jfblLiJ7nSO17W-wBhUfNvyc6vgcMPP4ziPIypHKQ2IV39wAE5EDc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 5815
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFkDFcsQx45I9DYdNFhsII0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFkDFcsQx45I9DYdNFhsII0&google_push=AR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqtE96zuQmlf4BbEtCXDsgAABFgAAAAB&google_push=ARnp8GAcZ-5IuZaBWG-zGyw3YW3aEnlvchUrYCyZidi0dZk0KYSRTdOlLmTmhE018Y1oX7XD3ZerWTc1cgQp1h5Fn5...

170 B
232 B

74ms
43ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqtE96zuQmlf4BbEtCXDsgAABFgAAAAB&google_push=ARnp8GAcZ-5IuZaBWG-zGyw3YW3aEnlvchUrYCyZidi0dZk0KYSRTdOlLmTmhE018Y1oX7XD3ZerWTc1cgQp1h5Fn54tu9VcZzls&google_cver=1&google_gid=CAESEFkDFcsQx45I9DYdNFhsII0

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:58:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqtE96zuQmlf4BbEtCXDsgAABFgAAAAB&google_push=ARnp8GAcZ-5IuZaBWG-zGyw3YW3aEnlvchUrYCyZidi0dZk0KYSRTdOlLmTmhE018Y1oX7XD3ZerWTc1cgQp1h5Fn54tu9VcZzls&google_cver=1&google_gid=CAESEFkDFcsQx45I9DYdNFhsII0
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Thu, 16 Jun 2022 14:58:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 5815 0
232 B 134ms
40ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kd_1J1XU6GXrIUS_ndpQDT3IKWUbExCIxgBKYcn2jcIdOliozyH1HQlkGnBGGV3TGoWRB-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 css
fonts.googleapis.com/ Frame 0EA0 8 KB
893 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=1603967233&adf=1704324951&pi=t.aa~a.1585979361~rp.1&w=1021&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1021x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1694&idt=-M&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280&nras=2&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DWqxMNAXeG&p=https%3A//mobile-legends.net&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:35:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:58:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:58:00 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 0EA0 2 KB
902 B 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:55:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:55:39 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/ Frame 0EA0 21 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:54:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 228
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:54:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 0EA0 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:56:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:56:18 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0EA0 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CYCRK90SrYpiAEtWWqMwP_syu4Abd4sTLaOGp55TOD9e6waeeHBABIKSrsiJgleKQgqAHoAHO5s_-A8gBCakC53oDX7ZysT6oAwHIA8sEqgTYAU_QzwyQenfjwyh5Rp-k_nL1-QH9KTY5oN7aCLsNvDGIHYlE1q4SI_0rKdddO1HMgF8zrvZdjjt3YDv_RjyQLCVsq99KUm1Fxsw5r28wXWm_QYKOzXCU25jGqxDPWC3E2L2IYlkDgpvmmfe3UZjXpt2lfsrauCEJXYOmpO0yGFYFMzUqqw5UtgJbNTq-aYGmQHFe9vN1xfKgKUjZOy08aCXoJY2rj4Nog_bw3iqtz5k1iUXj54VcA-1OQvxK1M5Hb_PHPNnnGFgSaPEgtCVVm7tFUyPYB-FWecAEj-SM_O0DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5qZsAGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCchAzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgTiCfYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItODA1OTA3NzA4ODE4OTc5NxgA&sigh=vWRV-X-SgEg&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=1603967233&adf=1704324951&pi=t.aa~a.1585979361~rp.1&w=1021&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1021x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1694&idt=-M&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280&nras=2&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DWqxMNAXeG&p=https%3A//mobile-legends.net&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 16 Jun 2022 14:58:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EA0 137 KB
42 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 14:58:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/ Frame 0EA0 17 KB
7 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220614/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:53:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 30 Jun 2022 14:53:51 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0EA0 0
0 47ms
47ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMufx7PSgU2qe_IfySAe-7FHwCvkUlg2sZaR9Xd3aKvhloB7OKTwGe8G6JwKHSofE4onXwasSNYVUorNz7hU-HBOmBgg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=1603967233&adf=1704324951&pi=t.aa~a.1585979361~rp.1&w=1021&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1021x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1694&idt=-M&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280&nras=2&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DWqxMNAXeG&p=https%3A//mobile-legends.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 6609dd9ea225b203b979e97d717528a7.js Show response
www.gstatic.com/mysidia/ Frame 0EA0 32 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 10:10:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17258
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 02:25:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Sep 2022 10:10:22 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13907415909637804965/ Frame 0EA0 18 KB
18 KB 40ms
40ms Image
image/jpeg 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13907415909637804965/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f844e81ccca9d04f2e5c524901d016d92ed8e256cd69765a97d0d059ec7072d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 13:03:09 GMT
x-content-type-options: nosniff
age: 438891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18127
x-xss-protection: 0
last-modified: Mon, 14 Feb 2022 10:34:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 11 Jun 2023 13:03:09 GMT

GET
DATA 200
OK truncated
/ Frame 0EA0 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0EA0 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FC4D 1 KB
749 B 39ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Fri, 17 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js Show response
pagead2.googlesyndication.com/bg/ Frame DC4F 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d53e3c171f724cfe649369efb827191eae989ca4507b4034df83f618fc1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 11:24:04 GMT

GET
DATA 200
OK truncated
/ Frame 0EA0 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54bb41632eef124f2512d34527c4b3cd3ae1cdd9059080331ba95a5a64b4e81d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC4D
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIkDtCkZylF0wxA26vO4QuE&google_cver=1&google_push=ARnp8GDHCP_NtE2lJLh_ORhWEQnh8lAOmIEilO3inbc3ldde988IFKNkvI...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GDHCP_NtE2lJLh_ORhWEQnh8lAOmIEilO3inbc3ldde988IFKNkvIVWdvLo9nJOCYhBwJaGGLdyQMeITf6XnLAm6adUfv0&google_hm=pJptG522rF5dJ...

170 B
188 B

106ms
47ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GDHCP_NtE2lJLh_ORhWEQnh8lAOmIEilO3inbc3ldde988IFKNkvIVWdvLo9nJOCYhBwJaGGLdyQMeITf6XnLAm6adUfv0&google_hm=pJptG522rF5dJ8pUQjzzOg

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GDHCP_NtE2lJLh_ORhWEQnh8lAOmIEilO3inbc3ldde988IFKNkvIVWdvLo9nJOCYhBwJaGGLdyQMeITf6XnLAm6adUfv0&google_hm=pJptG522rF5dJ8pUQjzzOg
pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC4D
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GDzeEwXec9925YGINpBrNi8vZHW3Nux8w5pGuQ...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXF0RUBBQUFCZS1pZmpOeQ&google_push=ARnp8GDzeEwXec9925YGINpBrNi8vZHW3Nux8w5pGuQ4RZ4XbvVglNt7Odd-Pfx--t7L0_MSHS2U2YFd4WcuB5ow8NyU63LLJsf0

170 B
188 B

44ms
43ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXF0RUBBQUFCZS1pZmpOeQ&google_push=ARnp8GDzeEwXec9925YGINpBrNi8vZHW3Nux8w5pGuQ4RZ4XbvVglNt7Odd-Pfx--t7L0_MSHS2U2YFd4WcuB5ow8NyU63LLJsf0

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXF0RUBBQUFCZS1pZmpOeQ&google_push=ARnp8GDzeEwXec9925YGINpBrNi8vZHW3Nux8w5pGuQ4RZ4XbvVglNt7Odd-Pfx--t7L0_MSHS2U2YFd4WcuB5ow8NyU63LLJsf0
Date: Thu, 16 Jun 2022 14:58:00 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3 200 dds
rtb.openx.net/sync/ Frame FC4D 43 B
64 B 86ms
51ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJJOSk9yuAsnDy8qTZ9S8bI&google_cver=1&google_push=ARnp8GCViyAk87a2zbKEx5fQ72gezClkOAPwx7C_RheQEJcPw45Ts_jZ9wM-AytwQYFlMUuWdA5BuHNGbBHanpitzeqcQAdBNb0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=1603967233&adf=1704324951&pi=t.aa~a.1585979361~rp.1&w=1021&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1021x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1694&idt=-M&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280&nras=2&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DWqxMNAXeG&p=https%3A//mobile-legends.net&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:57:59 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: ug58fo5thrjjbl2mbq0m30r3gli80ug1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame FC4D 0
41 B 239ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECNJrWRrmO5I9IevtFzxQfc&google_cver=1&google_push=ARnp8GBoBnK43XKPwa3lucwxAlPWq-NQOB9RPzhQvo7DOQwRM-W0HkzvLZV-AqO9jNaq7AAQMsuNhNdXGo18_RfgZsp1EzJZtfqq
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=1603967233&adf=1704324951&pi=t.aa~a.1585979361~rp.1&w=1021&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1021x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1694&idt=-M&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280&nras=2&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DWqxMNAXeG&p=https%3A//mobile-legends.net&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC4D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENQSO5OYxDTVypkmWeQ0I5w&google_cver=1&google_push=ARnp8GBCvyPf6zLHyZ-F5jjUI1X2JSewKvldnP1Fu4TDy-RT6OKOxqohVo4ikT90sLTszjpK_e3...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRINUNHVUctVy05RVJQ&google_push=ARnp8GBCvyPf6zLHyZ-F5jjUI1X2JSewKvldnP1Fu4TDy-RT6OKOxqohVo4ikT90sLTszjpK_e3Ccxk2Pzwtjg87XJ3DLm_OYBsb

170 B
188 B

104ms
46ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRINUNHVUctVy05RVJQ&google_push=ARnp8GBCvyPf6zLHyZ-F5jjUI1X2JSewKvldnP1Fu4TDy-RT6OKOxqohVo4ikT90sLTszjpK_e3Ccxk2Pzwtjg87XJ3DLm_OYBsb

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRINUNHVUctVy05RVJQ&google_push=ARnp8GBCvyPf6zLHyZ-F5jjUI1X2JSewKvldnP1Fu4TDy-RT6OKOxqohVo4ikT90sLTszjpK_e3Ccxk2Pzwtjg87XJ3DLm_OYBsb
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC4D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJsh1d1YyLul5uT1dtWFrAY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqtE96zuQmlf4BbEtCXDsgAABFgAAAAB&google_cver=1&google_gid=CAESEJsh1d1YyLul5uT1dtWFrAY&google_push=ARnp8GA3kW_d_6OqvOzOuWjIpct8X-M3B3OwM...

170 B
188 B

97ms
46ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqtE96zuQmlf4BbEtCXDsgAABFgAAAAB&google_cver=1&google_gid=CAESEJsh1d1YyLul5uT1dtWFrAY&google_push=ARnp8GA3kW_d_6OqvOzOuWjIpct8X-M3B3OwMI6QIElpuDKBmuMs_GeVmvmpd7nxXX73RHe-DLlD4rOXWmUXdgSMoxa3LaqWR6E

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Jun 2022 14:58:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqtE96zuQmlf4BbEtCXDsgAABFgAAAAB&google_cver=1&google_gid=CAESEJsh1d1YyLul5uT1dtWFrAY&google_push=ARnp8GA3kW_d_6OqvOzOuWjIpct8X-M3B3OwMI6QIElpuDKBmuMs_GeVmvmpd7nxXX73RHe-DLlD4rOXWmUXdgSMoxa3LaqWR6E
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Thu, 16 Jun 2022 14:58:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame FC4D 43 B
296 B 207ms
21ms Image
image/gif 2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEDFRR7DJyLqqBRU0HKslLes&google_cver=1&google_push=ARnp8GBPXpL4GCP53dNB3dn4W0n2WRmFwpPEwLb0da8GvINjmBNuyTYDeiEtle8-ysrINI8iAJPOln_woZX5eU39Hen5cX_WI7bY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8059077088189797&output=html&h=280&adk=1603967233&adf=1704324951&pi=t.aa~a.1585979361~rp.1&w=1021&fwrn=4&fwrnh=100&lmt=1655391479&rafmt=1&to=qs&pwprc=7242257891&psa=0&format=1021x280&url=https%3A%2F%2Fmobile-legends.net%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655391479188&bpp=1&bdt=1694&idt=-M&shv=r20220614&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D5808bf2f6e11f743-22a23954b3cd00d9%3AT%3D1655391478%3ART%3D1655391478%3AS%3DALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng&prev_fmts=0x0%2C1200x280&nras=2&correlator=4346839374140&frm=20&pv=1&ga_vid=383676460.1655391479&ga_sid=1655391479&ga_hid=1131572939&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=2028&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31067768%2C31068061&oid=2&pvsid=2231877498687665&tmod=44769597&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=DWqxMNAXeG&p=https%3A//mobile-legends.net&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FC4D 0
12 B 114ms
46ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JZFfbGO6iUjx0egBwADfu0cqh97rxHYDLycV6AXJTH1lnlr_HYCVWhLg326soZ_LaQbcA0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 0EA0 28 KB
28 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 66066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Jun 2023 20:36:54 GMT

GET
H3 200 WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js Show response
pagead2.googlesyndication.com/bg/ Frame C85C 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d53e3c171f724cfe649369efb827191eae989ca4507b4034df83f618fc1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 11:24:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mobile-legends.net
URL: https://mobile-legends.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 533
date: Thu, 16 Jun 2022 14:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 16 Jun 2022 16:49:07 GMT

GET
H3 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 283 KB
68 KB 36ms
26ms Script
application/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by: Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

cf-ray: 71c466af9df89b3f-FRA
date: Thu, 16 Jun 2022 14:58:00 GMT
via: 1.1 google
cf-cache-status: HIT
server: cloudflare
age: 3376
etag: W/"0e269028feac530d16f00d8dad8ece74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 19 Jun 2022 14:58:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 10 KB
754 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&ver=5.1.13

Requested by

Host: mobile-legends.net
URL: https://mobile-legends.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:31:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:58:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:58:00 GMT

GET
H3 200 css
fonts.googleapis.com/ 12 KB
869 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C700%2C700italic%2C400italic%2C300italic&ver=5.1.13

Requested by

Host: mobile-legends.net
URL: https://mobile-legends.net/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

591709b12d91ff9bbca46087e12e52534d03f15fcc7c22abff519d8ea359a308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Jun 2022 14:29:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 16 Jun 2022 14:58:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Jun 2022 14:58:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 149ms
69ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220614&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

979cb5e98176f9335be3f9361c7cef3b6f830f5a6b3b5907fd169c68a7db9cf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Jun 2022 14:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10764
x-xss-protection: 0

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 40ms
39ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&ver=5.1.13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mobile-legends.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 268882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 51ms
51ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&ver=5.1.13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mobile-legends.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 268882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 62ms
62ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C600%2C700&ver=5.1.13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mobile-legends.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 268882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 69ms
69ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C700%2C700italic%2C400italic%2C300italic&ver=5.1.13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mobile-legends.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:07:55 GMT
x-content-type-options: nosniff
age: 244205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 19:07:55 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 75ms
75ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C700%2C700italic%2C400italic%2C300italic&ver=5.1.13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mobile-legends.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 16:01:08 GMT
x-content-type-options: nosniff
age: 255412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 16:01:08 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 82ms
82ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C300%2C700%2C700italic%2C400italic%2C300italic&ver=5.1.13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mobile-legends.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 08:45:42 GMT
x-content-type-options: nosniff
age: 195138
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 08:45:42 GMT

GET
H2 200 web Show response
onesignal.com/api/v1/sync/d97d85bc-3aa7-4cc7-acb4-74bb30751c37/ 3 KB
2 KB 83ms
76ms Script
text/javascript 2606:4700::6812:e134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onesignal.com/api/v1/sync/d97d85bc-3aa7-4cc7-acb4-74bb30751c37/web?callback=__jp0

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85a7db3bcc77bfff5367cab41217601c2eef463a86c33c79b7aa0b165459c6d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: MISS
x-permitted-cross-domain-policies: none
status: 200 OK
x-envoy-upstream-service-time: 42
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 7a88b2c1-ec65-4dd3-b9b5-a64ba7321fd8
x-runtime: 0.040820
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"85a7db3bcc77bfff5367cab41217601c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-download-options: noopen
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600
cf-ray: 71c466b09f209b46-FRA
access-control-allow-headers: SDK-Version
expires: Thu, 16 Jun 2022 15:58:00 GMT

GET
H3 200 video-small.png
mobile-legends.net/wp-content/themes/Newsmag/images/icons/ 982 B
2 KB 73ms
73ms Image
image/png 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/themes/Newsmag/images/icons/video-small.png
Requested by: Host: mobile-legends.net
URL: https://mobile-legends.net/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92240070626cdf9677e6e3b1282069977bcf5395ada82ff0748b5e40472277fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 982
last-modified: Tue, 06 Dec 2016 16:44:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3E7any98%2FwBtdu34FcjEpgwDwKsTpR5qKp1f9TiRygVk5iAqAq9iGwk6dJAyJPWwGb2IpioVYWYfaACa1sTidUy3Xi2j3fHu8zcTieJ7hndMtcffwYXIDZCxsQZ%2Fw4D%2BWZnglQlpgxSLqZxkWpooYzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
accept-ranges: bytes
cf-ray: 71c466b09ae19950-FRA
expires: Thu, 23 Jun 2022 14:57:58 GMT

GET
H3 200 Screenshot_20170117-021559-300x194.png
mobile-legends.net/wp-content/uploads/2017/01/ 75 KB
76 KB 219ms
219ms Image
image/png 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/01/Screenshot_20170117-021559-300x194.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bca9a6db0357b31b76aa9b3950e8c993529924821eaf12aa1d204553b53f3b48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
cf-cache-status: MISS
last-modified: Tue, 17 Jan 2017 08:27:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TgnDWX6t%2F3mmUXN0nGOrbheJ%2BhE%2FsYyT3awl8HkpFssomOhAC07bVP6mPMOB0ha9kJEQ0Sl0yY0MiGU3VbBFNOdaiDuNBYz5A3eXrMBczHKni087u3j7NQUIO63ghbLWmG553fjI7AwzU0tMsiI8DX0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466b0aafa9950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77259
expires: Thu, 23 Jun 2022 14:58:00 GMT

GET
H3 200 maxresdefault-7-100x75.jpg
mobile-legends.net/wp-content/uploads/2016/12/ 4 KB
5 KB 143ms
143ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2016/12/maxresdefault-7-100x75.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 292b092507f25825ec83592a5bdb022adf7eb4f980fc6a4c3b5d35cdbbcb24a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
cf-cache-status: MISS
last-modified: Sat, 31 Dec 2016 05:23:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpkxUYxsylkjbR2k%2BtcB9jUZWS3pPEE7f0sbORViLqG%2BDcvXbheOkA4DzX%2Bbvn5teHY%2FZbvLaMTF0qX%2FwwcnclIodCujw4POKw0uNd8AN4tgWNc3JB6SuyMfyOv47t7VVCKVBUJv9vl%2Bq%2BJZJ4q9gqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466b0ab009950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4578
expires: Thu, 23 Jun 2022 14:58:00 GMT

GET
H3 200 Mobile-Legends-Hayabusa-100x75.jpg
mobile-legends.net/wp-content/uploads/2016/12/ 3 KB
4 KB 65ms
64ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2016/12/Mobile-Legends-Hayabusa-100x75.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fcc5e7080b3374a31f81c0da3d66390f16e4bccd4132f099b526b5229e2e7d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
cf-cache-status: MISS
last-modified: Thu, 08 Dec 2016 00:50:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7an5xHvzP8uz5KGhR32N9vXyz7YkqVk%2Fzu2hkriIF5q1zvMxpuu%2BgqvsuURgopaPmK%2BiEmLXXGLqyvhi8UNgdRvQEDD%2Bd22bY%2FGdlwE%2BJuNEmMaXE29KPcVQIOpB6DkYjX2vpEW%2BIqzETIxGIjulnxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466b0ab029950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3173
expires: Thu, 23 Jun 2022 14:58:00 GMT

GET
H3 200 T5-W-100x75.jpg
mobile-legends.net/wp-content/uploads/2017/06/ 3 KB
4 KB 148ms
148ms Image
image/jpeg 2606:4700:7::a29f:8a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mobile-legends.net/wp-content/uploads/2017/06/T5-W-100x75.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:7::a29f:8a55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b52467438ced72ad7b8af58f6669b803a978da43044695cf2053b66a938670f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
cf-cache-status: MISS
last-modified: Fri, 15 Jun 2018 14:56:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PAfAw70hlPbjbVY8pe2MrdrsfLr2%2FIknN7suizQ6agPv9Jz3CqyWr6M3u14TW4ZulzVbnQA6zv42YSHkjX0o%2Bmd27LqUH746JhlF38%2BEFcOx80uMFP95OhO7zxydPmqnUcwplZkdT4X8oeweNTwAmqc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 71c466b0ab049950-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3539
expires: Thu, 23 Jun 2022 14:58:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 203ms
203ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 14:58:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 131ms
49ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1131572939&t=pageview&_s=1&dl=https%3A%2F%2Fmobile-legends.net%2F&ul=en-us&de=UTF-8&dt=Mobile%20Legends&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1521019725&gjid=1347935226&cid=383676460.1655391479&tid=UA-87758634-1&_gid=2112416618.1655391480&_r=1&_slc=1&z=270215428

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mobile-legends.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://mobile-legends.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 69ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87758634-1&cid=383676460.1655391479&jid=1521019725&gjid=1347935226&_gid=2112416618.1655391480&_u=IAhAAEAAAAAAAC~&z=822788216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mobile-legends.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Jun 2022 14:58:00 GMT
content-type: text/plain
access-control-allow-origin: https://mobile-legends.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77F5 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mobile-legends.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 336
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:52:24 GMT
expires: Fri, 16 Jun 2023 14:52:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 00A3 783 B
536 B 51ms
50ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

af82202b4ca52e67d0e4bbb8f7ab261bcde47860f588c7bf680c65091fad7806

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XFH_fNWOZMjtflujjuiZ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mobile-legends.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-XFH_fNWOZMjtflujjuiZ3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 16 Jun 2022 14:58:00 GMT
expires: Thu, 16 Jun 2022 14:58:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E885 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskxJckvisFbv1NysUM3e2nnCvvWZ9YfVqcM1bwRnuEayGgdBrbs708UZbV1rQF8g70hR1dEnzCBfHmH_bl21o2b5PZTjHOSHHpkzeMTY0pk3M56RJ8Ek2rMqJk4XE&sai=AMfl-YRZZJiuutK5AiV1Bw3dmLymEljesVm5eXjLDetYwCPrXQ-MnAIFBLAf3VU3HeYYscigRX22VdAdpDc6&sig=Cg0ArKJSzKGtp3FqMnqCEAE&id=lidar2&mcvt=1003&p=0,0,124,1005&mtos=125,797,1003,1140,1140&tos=125,672,206,137,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655391479261&rpt=296&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js Show response
pagead2.googlesyndication.com/bg/ Frame 77F5 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/WNU-PBcfckz-ZJNp77gnGR6umJykUHtANN-D9hj8G6g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

58d53e3c171f724cfe649369efb827191eae989ca4507b4034df83f618fc1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 11:24:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99236
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13746
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 11:24:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 00A3 0
0 88ms
87ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220614&jk=2231877498687665&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7BD7 42 B
64 B 74ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxGbSjFt52aKVIdihcaMGJu9D94X3nlUFIg91zaqS5rBrC_EeVocUJw0R64uf7VN7KLvOyLCMRIV8a93bcVzPWWnojv2IMkiQhx031CvL9lA8433-XHEBhL7Hs8B7XZLL1hRa5YQ&sai=AMfl-YQ5_cs-jq6_cGGSPS74z0drtLbLUbO1MhHBNsQ94cUbuUVaEouer7cpl76bLhsI_-6jqk8b_mUQGRMv&sig=Cg0ArKJSzH0ZwIb69t2ZEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2093943714&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655391478540&rpt=1217&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Jun 2022 14:58:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 77F5 0
9 B 39ms
39ms Image
text/plain 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pj9oDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 16 Jun 2022 14:58:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 111ms
110ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220614&jk=2231877498687665&bg=!OTqlOn7NAAbASn8N4Eo7ACkAdvg8Wua6qH6MfWcoGhpLoCDI7gsUfEp0OdE206djr0yXUubkMmeeYwIAAABDUgAAAAdoAQcKAOidqlhSxSUL5o3z15BauVDOcD4ERMX0P-MznwoJKQ_147C0BXizGN29fhYXK9fh8eHFhoWs5r-X3op9g5Yz7S94H0XphUIx3QyDckFjUw7y9dlHU_BsXXpn2xPULFMLVwOATbSpjCOnHVWmnKqYwfYsGt6ww1jSNB_Oipxj3-3bkoRnjFl7VKMoyZugKp256gCABnhCNMpnCideAGSPzjT9QjYIFfzcLRHPj8cFp47zhL_CgKrigzfehh3w8ndsNmbuWnbFmDJPSI6h61C8bFZYo6xad4mmXotGrpWLulMQYPz-rRg103rmmQKZidIxr0LZyM82aRNGAJnM1_ZIemx51qevTXO0IKzdfp6keTy7P4zzKwPFbwBC6x_PM2bOh2A8mWZPatDga-DYISrEn_yTWq3IlrIfHxGubTnDmkvh7SwDzpnBs7f82FecsYOkwsc6wstDBHZmKRRVg0Sxk9KYNwweaoN2-80KfXGo_Pk_6OGOuRULyFbVIhw9UJIr_O4GP2z3Z9l2HWh4ZUvpu8HKBAVCjSXbT5extTBaK-7OPx2kDV2gZwBgz15onrgmtXfjSr9MlSgpdGU2vMk23uN54OVYW0cozyvBvHlRH47wyluh5lxUt_862wyQyvrD_I82cszQhjWCAq3Db_0d1qXCUHWQUVh18crKnu1YndaGNbxaTdV73tuxuFGhnned5kNSXmA41JmfHzSv0vVff-IsZJxUAQYv82JCW9FydOoHEoaPBWXYgYbMoXrllMrWN9FPaOYl31P1Zpvwl4I9J1EuPSIfnx_D-W43_FLjhoF8pQcmr89UnC8Alc9wMJeRFZJ72AkURub5KF5Td_srUFeIaqNzXfctvmueTEVGrrDZQ1B1J9YnekDfD27hIb9LuPqcYPE7v3DH0HYk1d4VxHJ4ylICsLM_u6AqZTonPAlDzJGFtfBWX9NiMnMZI19i6NhbGZrcbROJxgbOdiF_htwWng83JUD-wFrnV0O7-xP7vmv1OJJXGReVdCjC5TN0hmlrMG1Q4Q_i-YW4QF-kiTVPOwX_8gqE5J2L7yjN3jom1S0x6epsvK0hwgYJo5nQVHRy6tVKQKHHsfRHVPm3fPDBQXHVf7TKMBk0NTjo5F7ITzS962uPsaXFpHs_ndFCT27aoOjjZTvq1xFw8xS4cRp57x6crwgvdtwVYYj1FTJZqZoAolg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://mobile-legends.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mobile-legends.net/	1970-01-20 03:49:53	Name: __cf_bm Value: a4.VKFYUG6rbXr9t6D5XTgNQp1zJc5ZKWyMbtPTmVok-1655391478-0-AY1DE35mbMQQXZp2MOCjFKSib2xgjmfaU9SfoV1phUlDMMUfpY1egUEAzAEho30yywSs3t7XV+8A9bNL0EIFahjVwyBbv3mD6mr/bJyXRKvsTebRrpvqSM6VgeqRJXH4WQ==
.mobile-legends.net/	1970-01-20 13:11:27	Name: __gads Value: ID=5808bf2f6e11f743-22a23954b3cd00d9:T=1655391478:RT=1655391478:S=ALNI_MZjVLQx_WOv5wcYatBKoCDu9uz9ng
.doubleclick.net/	1970-01-20 03:49:55	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 13:11:27	Name: IDE Value: AHWqTUmHythuACPpjG4qf1D3E0vmHb_IC28IyM5gguX8Mm00Q7BZrA-q7Q9WNzPi43I
.quantserve.com/	1970-01-20 05:59:27	Name: d Value: EAwBCQGyJoEA
.quantserve.com/	1970-01-20 13:20:05	Name: mc Value: 62ab44f7-f0675-0abf9-71300
.casalemedia.com/	1970-01-20 12:35:27	Name: CMID Value: YqtE96zuQmlf4BbEtCXDsgAA
.casalemedia.com/	1970-01-20 05:59:27	Name: CMPS Value: 3269
.casalemedia.com/	1970-01-20 05:59:27	Name: CMPRO Value: 1112
.casalemedia.com/	1970-01-20 03:51:17	Name: CMST Value: YqtE+GKrRPgA
.agkn.com/	1970-01-20 12:35:27	Name: ab Value: 0001%3AGSiCDHZZHkgvuod731DaWY3OMyMSt9sP
.agkn.com/	1970-01-20 12:35:27	Name: u Value: C\|0CEAqPgF4Kj4BeAAAAAAAAQ13AQCAAQpAAAAAAA
.innovid.com/	1970-01-20 05:59:27	Name: uuid Value: 3609fc30-9a55-45fc-b49a-a71951835b0c-20220616 10:58:00
.mobile-legends.net/	1970-01-20 21:21:03	Name: _ga Value: GA1.2.383676460.1655391479
.mobile-legends.net/	1970-01-20 03:51:17	Name: _gid Value: GA1.2.2112416618.1655391480
.mobile-legends.net/	1970-01-20 03:49:51	Name: _gat Value: 1
.e.dlx.addthis.com/	1970-01-20 13:20:05	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:20:05	Name: na_id Value: 2022061614580000020486245637
.addthis.com/	1970-01-20 13:20:05	Name: na_tc Value: Y
.addthis.com/	1970-01-20 13:20:05	Name: uid Value: 62ab44f8eef0cbbf
.addthis.com/	1970-01-20 13:20:05	Name: ouid Value: 62ab44f80001aaa8d64722e38b8e40f8fd1bb96614c84c033bbb
.dlx.addthis.com/	1970-01-20 04:33:03	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:33:03	Name: na_sr Value: 20220616
.dlx.addthis.com/	1970-01-20 03:49:51	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:33:03	Name: na_sc_e Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
cdn.onesignal.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image6.pubmatic.com
mobile-legends.net
onesignal.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
secure.gravatar.com
ssum-sec.casalemedia.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
104.92.72.137
108.128.215.255
142.250.186.130
142.250.186.66
185.64.190.78
23.35.228.247
2606:4700:7::a29f:8a55
2606:4700::6812:e134
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:803::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9a
2a04:fa87:fffe::c000:4902
2a05:d01c:1d8:8101:37a8:11c6:83f7:6fb7
3.68.169.133
35.227.252.103
69.173.144.165
01ecfaa565a7871a94029284458a5de7400c5119984b280f3e9f00d3ef80056f
0b52467438ced72ad7b8af58f6669b803a978da43044695cf2053b66a938670f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5196bf0b4359d3cc6b8fa5f989e6831556509701c8260303534c6f269ca9f7
14d41f4a60bba3f3e250067da52d116433c93b2e9ee801990a8f3bf50cbb08db
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180f72b1a462888e9c99697f73b7b547588d82d1d06ed4e06ad1d517a3d6ed90
19c1990c2236fcf95c56097d51c1f36ae55db5f5c3f2b97172c359e1c52d6cda
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
291f2cf26aebacb7217b7ec9a11f9b17eb5b06ff79b7519159482451d7f32b1e
292b092507f25825ec83592a5bdb022adf7eb4f980fc6a4c3b5d35cdbbcb24a1
295335d4574429f092b250971b67bc85cc9b08bde73745a39eb09b1cddcb09bf
2b8f5be236d1622b366f75375016cb696d3a83a50ce5f74507b44604fe5eefc3
2c2213a6f15823aefc8de2c4419556ffe072fe980530f23da1941c8e72f9dd1a
3e41b8103245c0c185885d9fd2589f8d95356679cee7bf5cefa6ede3d65f351d
4199cbe6d489c44ee57d274f72e39143cbf238da2c3025db26b4196f7e96e0fa
4269af8523d6955feed42869e36aca3d9451edbd096bc22cdbd7887f65fac34b
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4a86c7185cd0ef64233c298f3a91d4a71e7d0b85452c582c2d50241780d9172f
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4ddefcf8f7772cfdf8e92cc8ad7f3d7fbdb9fab1f28021d909fff875f45869ba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f4eb6b9b4e9495283abedd1611199f6ebb43a01b8ced67865fcf4c25d7ad0af
54bb41632eef124f2512d34527c4b3cd3ae1cdd9059080331ba95a5a64b4e81d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58d53e3c171f724cfe649369efb827191eae989ca4507b4034df83f618fc1ba8
591709b12d91ff9bbca46087e12e52534d03f15fcc7c22abff519d8ea359a308
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c9518fa93a21492d7bca3ca1f1c86dc4ba79fafd7a54ac3fd5a2f7fe1299ef7
5cf13a3c2f4ee9f0b8d43e5c4e3df09cbe9446c5c92cedbf358ae3644f6a84d0
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63824cc2a3a10ca498970045c092b90ab334c64a7d50123d9b2c679e694836ff
6b646046bdeb2be0b6b891bdbaf638b9ffa022cd42dc7907d04a431471cb60a7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dda582e94af8739cb9254008a7cc3d905bc267ad8649bdfb2f3c7db1a5133d1
700852fb7752b7a9f1f963382237d870275fe685e8b4c4680ea2046a21d4423a
70156e195add91b68e6d3dc026dd19b35a35142def199f47c424a38fa2a184f4
732a25eb1f2f95240b2894860aa334e17ac5e3d0222dd9b9893f144c392571ed
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
78ff89c58b2207da3226176fe4fc23024182166c11702462fe0069d82deedbca
7fcc5e7080b3374a31f81c0da3d66390f16e4bccd4132f099b526b5229e2e7d7
83fc91ad69e7a898ad005337d6c79dd99afd97810def813b813327e50db2cd01
85a7db3bcc77bfff5367cab41217601c2eef463a86c33c79b7aa0b165459c6d2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bfb6ced08eeb3510a1d3690562be37e5720c14cc988c6d8d152bee7f4eea2c4
92240070626cdf9677e6e3b1282069977bcf5395ada82ff0748b5e40472277fa
979cb5e98176f9335be3f9361c7cef3b6f830f5a6b3b5907fd169c68a7db9cf9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e8ed2ce79785eb40aefdadb938e4313a0000c1f6b30f2cf2307c54813872994
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3aa39d5d6a794eae0ab9fea00708a616dc5cce2b4ddcaccc6f2e2c3f1a73d50
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af82202b4ca52e67d0e4bbb8f7ab261bcde47860f588c7bf680c65091fad7806
b69cb3c485e381d782f33af1fee93150d4ec3b2b0135e0be53470ad4e4e2b715
b86920385e115323f25667b8929484cda6a9d6c8c4b85148ed89138f97b22a45
bb5677bcd61703e98d4e275bee546ffa99a970f913b699a727398802da8d4c3d
bc04b060351d92b1885dbad33931bac929ff5dfb0c421a6fa17d548d2da1fc84
bca9a6db0357b31b76aa9b3950e8c993529924821eaf12aa1d204553b53f3b48
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c6c2b6c669503f2560724d80d2357e95ebb62789cbe51f7cc347a4bca28e1b24
c9009232666d8ff6e92a3688cb5aa7b0ac0025c8bb54a2167f3f275af7855c62
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7e33cbb147f4a7f925826327030311f4aeb0f59a33acedf8a1d31bf97c74b37
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dc3b431b1432e00a58bdc075d1f9e4bed885cd19cf7fcb2958f40e5339d099aa
dd64e79960ddd6dbe68390c8057f24777b0e87ac0ae93733094e62f9b718e3db
ddd01fe775583876c4c04a267de9ab09dbe3e776cf2ab7453edcea7d4f07cde4
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e10eac1cac40b20c0b2019a72564ab76bf2eae0828cd9fe80359d6e52d83b5af
e20c089ad4d3052ed483c70bbd881a905ef4b22fe6bb07b3959ba0df07e750b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7e91d3ef43a4f4d211b788eaaefe1d0b06d7e3da340484f6c5fa33f87e7a17
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef932ba80970bb4e423f2c08f5cfa21b785dac371a270fc04c7fb5c33f431bf2
efee2bd910743d2b24335d1b2e10fd15147c96a7d71cb3dfe5a17ff7a62e866c
eff5187a0305e5f676e96bfd943b0d66db37206c232eaad5c18e4fffb68723e8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f844e81ccca9d04f2e5c524901d016d92ed8e256cd69765a97d0d059ec7072d2

mobile-legends.net Open in urlscan Pro 2606:4700:7::a29f:8a55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

151 Requests

95 %HTTPS

65 %IPv6

21 Domains

27 Subdomains

22 IPs

5 Countries

1910 kBTransfer

5193 kBSize

25 Cookies

6 Outgoing links

Page URL History

Redirected requests

151 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mobile-legends.net Open in urlscan Pro
2606:4700:7::a29f:8a55 Public Scan

Screenshot
Live screenshot

Full Image

151
Requests

95 %
HTTPS

65 %
IPv6

21
Domains

27
Subdomains

22
IPs

5
Countries

1910 kB
Transfer

5193 kB
Size

25
Cookies

151 HTTP transactions
10 data transactions