newsquest.top Open in urlscan Pro
2606:4700:3035::6815:2d78 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newsquest.top/
Submission: On June 24 via api (June 24th 2024, 8:08:16 am UTC) from BE — Scanned from DE

Summary HTTP 64 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 7 domains to perform 64 HTTP transactions. The main IP is 2606:4700:3035::6815:2d78, located in United States and belongs to CLOUDFLARENET, US. The main domain is newsquest.top.
TLS certificate: Issued by GTS CA 1P5 on May 25th 2024. Valid for: 3 months.

This is the only time newsquest.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2606:4700:303... 2606:4700:3035::6815:2d78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
28	2606:4700::68... 2606:4700::6812:d20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
64	10

13 2606:4700:3035::6815:2d78 (United States)

ASN13335 (CLOUDFLARENET, US)

newsquest.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2606:4700::6812:d20 (United States)

ASN13335 (CLOUDFLARENET, US)

data.gamescdn.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
icons.gamescdn.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.gamescdn.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

b971e62f2d59f1dd5c717790d13c5ac8.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	gamescdn.top data.gamescdn.top — Cisco Umbrella Rank: 347759 icons.gamescdn.top — Cisco Umbrella Rank: 471242 img.gamescdn.top — Cisco Umbrella Rank: 338466	921 KB
13	newsquest.top newsquest.top	43 KB
9	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 137 b971e62f2d59f1dd5c717790d13c5ac8.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	85 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 486	104 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 235	175 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2355
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	204 KB
64	7

	Domain	Requested by
20	img.gamescdn.top
13	newsquest.top	newsquest.top
7	icons.gamescdn.top
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net newsquest.top
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com newsquest.top
3	securepubads.g.doubleclick.net	newsquest.top securepubads.g.doubleclick.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.googletagmanager.com	newsquest.top www.googletagmanager.com
1	b971e62f2d59f1dd5c717790d13c5ac8.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	data.gamescdn.top	newsquest.top
64	11

This site contains no links.

Subject Issuer	Validity	Valid
newsquest.top GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
gamescdn.top GTS CA 1P5	`2024-05-13` - `2024-08-11`	3 months	crt.sh
tpc.googlesyndication.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
misc-sni.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://newsquest.top/
Frame ID: 637944002539815723FDBA234B6CC4DB
Requests: 52 HTTP requests in this frame

Frame: https://b971e62f2d59f1dd5c717790d13c5ac8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1FEC6C76B123A0FCEE6B62A4A37DD264
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DC2025F9001F0926F27CD2BDAAE00BB5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs
Frame ID: 8B58BF5D2CB79494EC08A115E4BADE28
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Play Free H5 Games On Mobile

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

64
Requests

97 %
HTTPS

100 %
IPv6

7
Domains

11
Subdomains

10
IPs

2
Countries

1532 kB
Transfer

2697 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
newsquest.top/ 4 KB
2 KB 191ms
45ms Document
text/html 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsquest.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e545ef37c9c9e13c9e6133408ba48781f2666ea1c1659ef4182b121289118c8e

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 898b3a83ec3565ab-FRA
content-encoding: br
content-type: text/html
date: Mon, 24 Jun 2024 08:08:12 GMT
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F2LkhHYriYd5I5hJ%2FEZicIYFNS6HMfdHY9FcWVTml0FM9qa8rafatWhiI6OGLimGuxDqwaLtWvxB5Bhl2pnwSWp2h5SSRcI96lI4mNrVXA5zUPSJTOeojno1tPZsLhaKAAJWvOEoq%2BTXoxqx"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 style.css
newsquest.top/css/ 6 KB
2 KB 57ms
56ms Stylesheet
text/css 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsquest.top/css/style.css
Requested by: Host: newsquest.top
URL: https://newsquest.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae82a23eae8bcd2b838c8f1442851d94b6253a466068f7751314703aa3ab0c96

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6662c846-18ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDL9YFoFRaNbU8dSoXZuu4hxKV3U6XQhL8twmF7iRGPGb0%2BVnUpfcEbaQQz7MQfSTZbmjMy3kXsnJ5jyLh%2BvtDjy6d8LdJmqrqCq8zqxp4HVZxJbg%2FUXfKvuzZvCBjojPjSOGGyWIgoRKVvH"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 898b3a843c9c65ab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 self.css
newsquest.top/css/ 47 KB
11 KB 79ms
79ms Stylesheet
text/css 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsquest.top/css/self.css
Requested by: Host: newsquest.top
URL: https://newsquest.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62687ad5ddc03c24a77c0b9fd8b7100fb3a42bdb44e711386cef70ef7bf0628

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=66399
etag: W/"6662c846-1035f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0FFqKkN479bbhAjJKWZY4eln%2FiGbS2jAK4EXJOrIr2xA6sIH5FlX4m7dop02StDZu1DwwyM7AmZcIqkNw%2FzBpTqpZxYsc2342SDteyOFMkd0sYpymTit3sD9G8kzL6NDHuuHLctwpINn1NP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 898b3a843ca165ab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 iconfont.css
newsquest.top/css/ 553 B
735 B 100ms
100ms Stylesheet
text/css 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsquest.top/css/iconfont.css
Requested by: Host: newsquest.top
URL: https://newsquest.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f116dab807b0851d1ed064614bb23ccb0ae6eca2ffe0e55772338f74523e6d04

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=688
etag: W/"6662c846-2b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8xEQcB%2BKB6qPRqf0H0kx2jkbhSOFcH7c8lsr45FcTbrpd5U2vl92XnZj0gwamqBpQhaIO39xs8r5Jx4e4qA3aR3viMN75q3Lr87MsyJLPWhlmGPFew3ivNZZ9mu4W9PJXMDOmxBhAi8uxbeu"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 898b3a843ca465ab-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 logo.png
newsquest.top/img/ 3 KB
4 KB 89ms
88ms Image
image/png 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsquest.top/img/logo.png
Requested by: Host: newsquest.top
URL: https://newsquest.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8025c32525a089cfce8ee11f50467463a2c023c0732869158e8b7436241aafe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6662c846-dd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2PeyJtBYJ6xo8Q%2Bt3hIaDYk%2BKu7bR3tgzz%2BG9Tf3hNoPOc4lKfRiRbtXpvWZMg2CvHHTK1QY158hyNZiJz2oUiFEY0fhDHMmh1Dw3MsQabJYXk5ltspypFxbsAds4QbW8OeoTyzG5QylgW0S"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a843ca865ab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3537

GET
H3 200 history_ic.png
newsquest.top/img/ 2 KB
2 KB 63ms
63ms Image
image/png 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsquest.top/img/history_ic.png
Requested by: Host: newsquest.top
URL: https://newsquest.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48679aa4e044572045a5b00006dd7da050406d75f3c258f14430fbcd21143e5d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6662c846-698"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HIWwwINxEyZn3H26%2BCTLxrSU6Mvqhx7gmipBQJuEEe5vhn92HvqZpylEcjbycMHIQBGOZXgpmTxwfbomvgptuX8bchhHb0Vb%2F3EEQ7I909URuj6ul7bcBNyPeO7%2FWvFuLMGnA7jz8RKh0dqJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a843cad65ab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1688

GET
H3 200 classification_ic.png
newsquest.top/img/ 2 KB
2 KB 53ms
52ms Image
image/png 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsquest.top/img/classification_ic.png
Requested by: Host: newsquest.top
URL: https://newsquest.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a0512b57267dd637fd3637f518536a65269ed841532253abd6a04b58698b98e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6662c846-752"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CiS5mUAXewb6LY%2Bk00R%2BMxcMRdbm7E%2FNIK404xAz2lVVPldVmbOAc8hi1r07EycxaXcY%2BUUYH9ohsQJhBhwM7V3E8DLud2P7jd7N2auuYMVNojIga9%2BS4WXq5eOuBEA%2BjEnkoJhlUM321fy6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a846ce265ab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1874

GET
H3 200 email-decode.min.js Show response
newsquest.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 38ms
37ms Script
application/javascript 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsquest.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: newsquest.top
URL: https://newsquest.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jun 2024 08:39:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66729944-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVv1FE9D21VX%2FtsiqjqOyiy0AwuS0UuPbduqggIQmIqbNCMDrC9jQ7yXymw0rpqT9GY6sHXE5iRJbOhBrkLvYJH9QE0%2FwaZsW%2BAWRMiducXtlEMuHdRLIpwFgi%2BDNewQFJC0jhRi0INcR9p8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 898b3a846ce865ab-FRA
expires: Wed, 26 Jun 2024 08:08:12 GMT

GET
H3 200 rocket-loader.min.js Show response
newsquest.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 26ms
25ms Script
application/javascript 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newsquest.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: newsquest.top
URL: https://newsquest.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Jun 2024 08:39:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66729944-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gWylazubaIh%2Fsyiv2gYr93ORDjdGXwrTnrWcaV51jxP4M8UT8EzlCjYUNzCgIZL1vyAWPUCxBYu4qskPmLZRefqyEG91udT3bMFG7ba7ETkTeldOH%2FoYxkFqPdnL2o6ObGU5peXaGK0UD1JQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 898b3a846ceb65ab-FRA
expires: Wed, 26 Jun 2024 08:08:12 GMT

GET
H3 200 iconfont.woff2
newsquest.top/font/ 1 KB
1 KB 60ms
60ms Font
font/woff2 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsquest.top/font/iconfont.woff2?t=1675872004004
Requested by: Host: newsquest.top
URL: https://newsquest.top/css/iconfont.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2c1c288a0340f9a2b10517d1eece34605ff15ceb0ac8fe3e48d9ad6d9bd7712

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/css/iconfont.css
Origin: https://newsquest.top
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: MISS
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6662c846-414"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TXx7R7Rrsg8PRt52DRJqZ9e3O2hqszvZeTZasB9LHExdkItc%2BJYcqQVlGMKdRzxn2usg8Qp9Uaz40I9JHmQNpQnOWkEbtdjA60IKhHsPiFgYkVdBUGMbXkgCt6cP4G7sph%2B9tmwB9nAe7lRh"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a84fd8665ab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1044

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
31 KB 125ms
63ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: newsquest.top
URL: https://newsquest.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

648dc93b9587b6b324be4109a401dff1b85ff761edf38ed7c0730399501ed15e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31424
x-xss-protection: 0
server: cafe
etag: 411 / 19898 / m202406170101 / config-hash: 994685364493883849
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 24 Jun 2024 08:08:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
102 KB 108ms
52ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TLG9XVNK4K

Requested by

Host: newsquest.top
URL: https://newsquest.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c68708fa65288914cc1d322aa91e119951c0b54f1e399f0d1273cb13b62e1ab5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103980
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jun 2024 08:08:12 GMT

GET
H3 200 index.js Show response
newsquest.top/js/ 3 KB
2 KB 54ms
52ms Script
application/javascript 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsquest.top/js/index.js
Requested by: Host: newsquest.top
URL: https://newsquest.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f61a853557ac40a223423fa858324b554d58228618b27d54911c9eed4a9e730

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=3773
etag: W/"6662c846-ebd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FX2r1rfzdfAXxVwkbljKBNCwmDr48vVyubCGkWZ%2Bfw%2B2gcyg0pRjD6v8YsoEJU0DuZoEaZ0sEevi243WHO0fIBN2OiCGr8E%2Beh1T%2B0RiZTZDrNKb%2B1a1tc8f24WBs7C9VrC5Pku1P%2FKqFet%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 898b3a84fd8965ab-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 data.js Show response
data.gamescdn.top/ 39 KB
13 KB 128ms
59ms Script
application/javascript 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://data.gamescdn.top/data.js
Requested by: Host: newsquest.top
URL: https://newsquest.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a65ee93ffa344cf0b694aacc403ae99b020261f064daa363c014818e25e516c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 28 May 2024 08:08:46 GMT
server: cloudflare
age: 1476
cf-polished: origSize=40246
etag: W/"6655910e-9d36"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 898b3a856829bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H3 200 favicon.ico
newsquest.top/ 8 KB
8 KB 53ms
53ms Other
image/x-icon 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newsquest.top/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f05490fcc6a6c26a819b8df6bcc729e38270270dc28528a2147764e9900aeb1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6662c846-1fae"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6ftDCt1e2efzcUUyu42yqX6ZK%2B5iQBwnhCK2iRDhA77XalxpMFzWfdkAZXf1SmVKLPOJhJvh5eclzF%2BT0%2ByuC6zpT9laTppdUkY%2FNmm%2BHQzmvP3QVlFttdrZyQu%2FyrODk3Vc9Ja9nYlowFTk"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=31536000
cf-ray: 898b3a856e0265ab-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 casual.svg
icons.gamescdn.top/ 1 KB
727 B 70ms
48ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/casual.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a45780e45a6bd202925017e88874504340d358954255f856b9dda2d1b91a76a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 6127
etag: W/"63ece745-5d6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 898b3a85e924bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 arcade.svg
icons.gamescdn.top/ 2 KB
856 B 72ms
51ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/arcade.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b972da1f9da0a7237139330c766844fb6b62defe8795c06e8549842aaa0d67e6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 285
etag: W/"63ece745-76f"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 898b3a85e927bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 shooting.svg
icons.gamescdn.top/ 2 KB
888 B 71ms
50ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/shooting.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab6d62afefb8b82d4dc908c6ae42f243484be1f61a6edda9861264531fed55be

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 4835
etag: W/"63ece745-745"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 898b3a85e922bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Hypercasual.svg
icons.gamescdn.top/ 1 KB
713 B 70ms
49ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/Hypercasual.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a45780e45a6bd202925017e88874504340d358954255f856b9dda2d1b91a76a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 4569
etag: W/"63ece745-5d6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 898b3a85e91bbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 puzzle.svg
icons.gamescdn.top/ 1 KB
821 B 68ms
47ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/puzzle.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 651ed70430e4737f1f0e1a434885775eff39dd4c2ca12aabfef27c8420d57118

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 6994
etag: W/"63ece745-5da"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 898b3a85e920bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 racing.svg
icons.gamescdn.top/ 2 KB
878 B 73ms
51ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/racing.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dcaeddd646fbacc2222460871c640fd6aaf14665e48707b9c7d0175c93b13b6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 915
etag: W/"63ece745-60c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 898b3a85e92fbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 action.svg
icons.gamescdn.top/ 2 KB
894 B 51ms
29ms Image
image/svg+xml 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://icons.gamescdn.top/action.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e48674b241f95ad53f6658a3f4250964ad6d79634b4143c27776e2d111990e93

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 15 Feb 2023 14:08:05 GMT
server: cloudflare
age: 6409
etag: W/"63ece745-8ad"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 898b3a86a9f9bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H3 200 placeholder-img.png
newsquest.top/img/ 2 KB
2 KB 119ms
118ms Image
image/png 2606:4700:3035::6815:2d78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://newsquest.top/img/placeholder-img.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::6815:2d78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0fb24e282c657fd30c55b9a2ed2a2aaba374b26c5f66633c0c40d25f525fe439

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 07 Jun 2024 08:43:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6662c846-603"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MvdinHBOO%2Fma5oZjkQ4A%2F%2FynsUia6qh712u6Ovz5pBdNUdSnG%2FzkiB7ylGx8jKYo8fUGpQ7j619AkTailWhTImJSkjiyhjyCe2O99Wo%2ByLNnTsMqCZQkBRCjTZSRVspCloGkgbZJi%2FQG06Rg"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a85ce9f65ab-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1539

GET
H2 200 Music-Battle.jpg
img.gamescdn.top/ 63 KB
63 KB 115ms
109ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Music-Battle.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc2cbe70c20c9b9f5818c2c3b368a049f4fa51a8306b3e3f01da43ccaccf751d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 5600
cf-polished: origFmt=png, origSize=69220
content-disposition: inline; filename="Music-Battle.webp"
content-length: 64364
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-10e64"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a85e92cbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Crazy_Road.png
img.gamescdn.top/ 29 KB
29 KB 115ms
109ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Crazy_Road.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c2a3b6c612eda0febd631b89f3ddafb22412ffdf0d24ab8c2cefff8f3780769

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 5042
cf-polished: origFmt=png, origSize=32525
content-disposition: inline; filename="Crazy_Road.webp"
content-length: 29560
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-7f0d"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a85f930bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 BattleRoYale.png
img.gamescdn.top/ 17 KB
17 KB 64ms
58ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/BattleRoYale.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b0211f452286c4865aa28dc2c99b5e98aa39c440ee47085d416341223a6f198

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 4008
cf-polished: origFmt=png, origSize=18864
content-disposition: inline; filename="BattleRoYale.webp"
content-length: 17160
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-49b0"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a85e928bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Jewels-Blitz-4.jpg
img.gamescdn.top/ 71 KB
71 KB 67ms
62ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Jewels-Blitz-4.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51538c63bce715ec9cfba6b522b936ff5dfe181c885592a21f320b73b0eb80f0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 1292
cf-polished: origFmt=png, origSize=82220
content-disposition: inline; filename="Jewels-Blitz-4.webp"
content-length: 72672
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-1412c"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a85e92bbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 HangManDily.png
img.gamescdn.top/ 28 KB
28 KB 59ms
37ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/HangManDily.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a48797d8b2daa2166d7ea9e2ba886fca97d05c2c02327e45b7b4fc0f302578d9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 6201
cf-polished: origFmt=png, origSize=29202
content-disposition: inline; filename="HangManDily.webp"
content-length: 28220
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-7212"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a86a9fcbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Stack-Ball.jpg
img.gamescdn.top/ 59 KB
59 KB 52ms
21ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Stack-Ball.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e633b9d914cee8d41b3cf6fdc59a841e21cebc7bc71e9a9df59edef010c2e9d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 7099
cf-polished: origFmt=png, origSize=69931
content-disposition: inline; filename="Stack-Ball.webp"
content-length: 60158
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-1112b"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a86a9ffbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Emoji_game.jpg
img.gamescdn.top/ 49 KB
49 KB 53ms
25ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Emoji_game.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3f4f76ea628bc9269e2cb32a1a0991b99f815386886a1807d7d8759dcb958f4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 3674
cf-polished: origFmt=png, origSize=56452
content-disposition: inline; filename="Emoji_game.webp"
content-length: 49716
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-dc84"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a86aa00bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 PetCrush.jpg
img.gamescdn.top/ 77 KB
77 KB 39ms
35ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/PetCrush.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31e188d15c7d4e9fa6dcab3829556173f4b0371eb6edb984a33ad0c769ea227a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 1563
cf-polished: origFmt=png, origSize=89177
content-disposition: inline; filename="PetCrush.webp"
content-length: 78652
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-15c59"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a86ba1cbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Fruit-Rush.png
img.gamescdn.top/ 57 KB
57 KB 61ms
59ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Fruit-Rush.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca4d84dac4855206581b2cb1d7a34a2258afbd67a764489707c4f9a4b1eb656f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 6347
cf-polished: origFmt=png, origSize=65661
content-disposition: inline; filename="Fruit-Rush.webp"
content-length: 57946
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-1007d"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a86ca1ebbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Ludo-Mani-Game.jpg
img.gamescdn.top/ 54 KB
55 KB 62ms
60ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Ludo-Mani-Game.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce0f333f122a4451cd379d6cc3f78ef3af35c224d569c736b3abb65208b4239

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 2919
cf-polished: origFmt=png, origSize=64698
content-disposition: inline; filename="Ludo-Mani-Game.webp"
content-length: 55696
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-fcba"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a86ca1fbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Traffic_Run_Online.jpg
img.gamescdn.top/ 13 KB
14 KB 44ms
44ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Traffic_Run_Online.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba68f73ce1744395d8fbcfadc123bf3537e2349420a150abc9de099d56c98f3a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 1409
cf-polished: origFmt=png, origSize=17666
content-disposition: inline; filename="Traffic_Run_Online.webp"
content-length: 13766
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-4502"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a86da4bbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Troll_Thief_Stickman_Puzzle.png
img.gamescdn.top/ 37 KB
37 KB 53ms
52ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Troll_Thief_Stickman_Puzzle.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37a53061b16f46ad02476bcd1b08942ce09d6cbec149d634b11140092b3e90a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 2073
cf-polished: origFmt=png, origSize=41455
content-disposition: inline; filename="Troll_Thief_Stickman_Puzzle.webp"
content-length: 37620
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-a1ef"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a86fa70bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 knockballs.png
img.gamescdn.top/ 58 KB
58 KB 41ms
37ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/knockballs.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcd79e6f7982036d6e7c03913c90351ea1faf2cb69728f4bb209ec0c62079e68

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 5277
cf-polished: origFmt=png, origSize=68434
content-disposition: inline; filename="knockballs.webp"
content-length: 59064
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-10b52"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a871a90bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Police_Panda_Robot.jpg
img.gamescdn.top/ 57 KB
57 KB 45ms
41ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Police_Panda_Robot.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6969e1605dc678cf9c6209b29dba93e7a4cfb37ec970f4f7aa4bac725329e78c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 4718
cf-polished: origFmt=png, origSize=65278
content-disposition: inline; filename="Police_Panda_Robot.webp"
content-length: 58018
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-fefe"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a872aa9bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Shoot-Bubble-Extreme.jpg
img.gamescdn.top/ 62 KB
62 KB 36ms
34ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Shoot-Bubble-Extreme.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6716bc005d3f2034f51de1ff39aebbfb50d9fcd095b9bdc3069d86fffbd3df1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 5277
cf-polished: origFmt=png, origSize=74088
content-disposition: inline; filename="Shoot-Bubble-Extreme.webp"
content-length: 63356
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-12168"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a872ab6bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 LikeADino.png
img.gamescdn.top/ 19 KB
19 KB 40ms
39ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/LikeADino.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63aa4d4eef76cd00eada9abc86dd331f815e92e16d3623e8df1ff2fdd81b2582

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 526
cf-polished: origFmt=png, origSize=19724
content-disposition: inline; filename="LikeADino.webp"
content-length: 19226
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-4d0c"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a872abdbbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 water_flow.jpg
img.gamescdn.top/ 38 KB
38 KB 38ms
37ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/water_flow.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76b90f088fce82dbabb7a243c1fa6cb32572b731402dd8f3b0f517ab4c753a97

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 4152
cf-polished: origFmt=png, origSize=43721
content-disposition: inline; filename="water_flow.webp"
content-length: 38936
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-aac9"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a872ac3bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Hard_Worker.png
img.gamescdn.top/ 14 KB
14 KB 38ms
37ms Image
image/png 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Hard_Worker.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 647e36a6f5f05bfde9a4bf85482666b0a2856a0576254f1ff554579ee58b9bf5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 May 2024 00:39:07 GMT
server: cloudflare
age: 3559
cf-polished: status=format_not_supported
etag: "665527ab-371e"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a873adfbbec-FRA
content-length: 14110
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Paper_Cut_Boy.png
img.gamescdn.top/ 73 KB
73 KB 40ms
40ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Paper_Cut_Boy.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e0672cd2c0b6a0e8d52e1cb0215691436278738f95e656b91735ebfd47775a2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 818
cf-polished: origFmt=png, origSize=79873
content-disposition: inline; filename="Paper_Cut_Boy.webp"
content-length: 74262
cf-bgj: imgq:100,h2pri
last-modified: Tue, 28 May 2024 00:39:07 GMT
server: cloudflare
etag: "665527ab-13801"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a874af5bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H2 200 Knife_Hit_Up.jpg
img.gamescdn.top/ 27 KB
27 KB 40ms
36ms Image
image/webp 2606:4700::6812:d20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.gamescdn.top/Knife_Hit_Up.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1440c5260c962595faa48821eb9ff7818c20f030c1dfbf1cf70725d484e2475e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
cf-cache-status: HIT
age: 5263
cf-polished: origFmt=png, origSize=30518
content-disposition: inline; filename="Knife_Hit_Up.webp"
content-length: 27206
cf-bgj: imgq:100,h2pri
last-modified: Sat, 16 Mar 2024 12:48:16 GMT
server: cloudflare
etag: "65f59510-7736"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 898b3a876b26bbec-FRA
expires: Tue, 24 Jun 2025 08:08:12 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/ 463 KB
144 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 03:58:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14989
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 147664
x-xss-protection: 0
server: cafe
etag: 1926151935331161023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 24 Jun 2025 03:58:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 219 B
124 B 170ms
73ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=newsquest.top

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a5a8081676d4f2dfe04202f88ed2362d2d57a6f98929872988510480171c741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 99
x-xss-protection: 0
expires: Mon, 24 Jun 2024 08:08:12 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 127ms
31ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-TLG9XVNK4K&gtm=45je46j0v9187050384za200&_p=1719216492364&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2064045482.1719216492&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719216492&sct=1&seg=0&dl=https%3A%2F%2Fnewsquest.top%2F&dt=Play%20Free%20H5%20Games%20On%20Mobile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=552&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TLG9XVNK4K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:08:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsquest.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 100ms
79ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TLG9XVNK4K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1e804788c1ae6868e55922f7abd49a5d7c821fd3f53f31096423084b8a05d81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 104648
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 24 Jun 2024 08:08:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 17 KB
13 KB 115ms
67ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

30b547ef2efccbc69f99dd6a46236fa1352963b27c34bfcc9a1f024b7b4a3153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12913
x-xss-protection: 0

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 44 KB
11 KB 577ms
537ms Fetch
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=2130421953154726&correlator=4416668373869054&eid=44809527%2C31083339%2C31084741%2C31083951%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fif&ltd_cs=1&iu_parts=22839306403%2Cnewsquest.top-b%2Cnewsquest.top-300x250-01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1719216492653&lmt=1717749830&adxs=650&adys=95&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&url=https%3A%2F%2Fnewsquest.top%2F&vis=1&psz=1600x292&msz=1600x250&fws=0&ohw=0&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1719216492188&idt=426&adks=1631608837&frm=20&eoidce=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e5e50a6f3a5f1691e07fe8520664e8dce335c44e8caff6df128f17d27e4006c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11272
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://newsquest.top
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
b971e62f2d59f1dd5c717790d13c5ac8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1FEC 0
0 126ms
31ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b971e62f2d59f1dd5c717790d13c5ac8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jun 2024 08:08:12 GMT
expires: Mon, 24 Jun 2024 08:08:12 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 32ms
29ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DWX6Q6TDMK&gtm=45je46j0v9117603054za200zb9187050384&_p=1719216492364&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2064045482.1719216492&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1719216492&sct=1&seg=0&dl=https%3A%2F%2Fnewsquest.top%2F&dt=Play%20Free%20H5%20Games%20On%20Mobile&en=page_view&_fv=1&_ss=1&_ee=1&tfd=744&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:08:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://newsquest.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 117ms
34ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 08:08:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 24 Jun 2024 08:08:12 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DC20 0
0 73ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
age: 8053
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 24 Jun 2024 05:53:59 GMT
expires: Tue, 24 Jun 2025 05:53:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012405231944000/ Frame 8B58 196 KB
56 KB 107ms
21ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:26 GMT
age: 421667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56221
x-xss-protection: 0
server: sffe
etag: "4f8c718905502572"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:26 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 8B58 15 KB
5 KB 151ms
65ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:24 GMT
age: 421669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5215
x-xss-protection: 0
server: sffe
etag: "520f632e10627ab5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 8B58 95 KB
28 KB 140ms
55ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:24 GMT
age: 421669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29049
x-xss-protection: 0
server: sffe
etag: "d2ee33e5ff8fd311"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 8B58 5 KB
2 KB 153ms
68ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:26 GMT
age: 421667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1909
x-xss-protection: 0
server: sffe
etag: "bfb34e064e92ea30"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:26 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012405231944000/v0/ Frame 8B58 40 KB
13 KB 153ms
69ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405231944000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 19 Jun 2024 11:00:26 GMT
age: 421667
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12965
x-xss-protection: 0
server: sffe
etag: "35ded0b44597563f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 19 Jun 2025 11:00:26 GMT

GET
DATA 200
OK truncated
/ Frame 8B58 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b838d010390daf28714708b1e24e5c8d88421f5b0fe1f40b62da847e07afec37

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14014297056523371309
tpc.googlesyndication.com/daca_images/simgad/ Frame 8B58 51 KB
52 KB 23ms
22ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14014297056523371309

Requested by

Host: newsquest.top
URL: https://newsquest.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8fa4981f5cf4d07baacba506f3568270abdbc9f9b3db9e8808e3caddaa8722d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Wed, 18 Jun 2025 14:50:12 GMT
date: Tue, 18 Jun 2024 14:50:12 GMT
x-content-type-options: nosniff
age: 494281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52701
x-xss-protection: 0
last-modified: Thu, 06 Jun 2024 13:23:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 en.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 8B58 2 KB
2 KB 68ms
23ms Image
image/png 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: newsquest.top
URL: https://newsquest.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 15:05:50 GMT
x-content-type-options: nosniff
server: cafe
age: 61343
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2502
x-xss-protection: 0
expires: Mon, 24 Jun 2024 15:05:50 GMT

GET
H3 200 icon.png
pagead2.googlesyndication.com/pagead/images/adchoices/ Frame 8B58 295 B
319 B 66ms
23ms Image
image/png 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: newsquest.top
URL: https://newsquest.top/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 14:52:35 GMT
x-content-type-options: nosniff
server: cafe
age: 62138
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Mon, 24 Jun 2024 14:52:35 GMT

GET adview
pagead2.googlesyndication.com/pagead/ Frame 8B58 0
0

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8B58 42 B
65 B 174ms
174ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSdt_q0-6n0BU14FCKg958SyRPUViPTAUH-H8a5iNLW9lzUSiDSzbuBXLrjJIiiOdBASlFyJE9TC7xK1VjkadqIhUm31ldDu9a5b95-CCO_7jE0wBJaAiZSEB-A4l3I5CrKkDSJJBwiJj8iPh3z8FkHp3_R8p00V_Y9xLupZs&sig=Cg0ArKJSzIUfhrO7Dfe3EAE&id=ampim&o=650,95&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=249&tls=1249&g=100&h=100&tt=1249&r=v&avms=ampa&uap=Win32&uapv=10.0.0&uaa=x86&uam=&uafv=126.0.6478.114&uab=64&uafvl=%5B%7B%22brand%22%3A%22Not%2FA)Brand%22%2C%22version%22%3A%228.0.0.0%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22126.0.6478.114%22%7D%2C%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22126.0.6478.114%22%7D%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://newsquest.top/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 24 Jun 2024 08:08:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/adview?ai=CRIy_bCl5ZtKJLcyH_NUP9uqESJfQsbR48qOF9fkSv-EeEAEg2ZOslwFglaKfgrAHoAGcr_uoAsgBAuACAKgDAcgDCKoEkQJP0PzW8_Bs9G6EqKQVxJN8NKvJGUy0gS9GN2p5om82XYQgibcud0nS6N-1LrLB-OPRaLyuIkU8ocb4vFgQHgLAJb-J_Rbd9dEykhWyUj9kZj_NJVZDojZI4RskBFbftv7SUacrFKchEul6pAVkwixD6mQSKhO79qNZc4MrKPXKBoSsqnFeSvtWXS5Qh4t-7yWx7KiPQFncorNhr4kFJNwi7dXLk8Fo59LFBO4__chIXQ0bORJWN_TXswqEyqjGXTCTzGv98yp6oMJONfPCTjPcPvlS1F6JP2LRCu2UGsOhdXKPgwpxNq-JTc3qCBcwb5kx5z1p215vVGwbo7I2QJ_H4DKbE48oRtSkWm6CzGoZHCHABKfY1q_hBOAEAYgF5KCRx0-SBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB9m2sQKoB9XJG6gHpr4bqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH98KxAtgHAfIHBRDXxsAF0ggqCJHhgHAQARgdMgfri4Dgv4ANOggAgICAgICUKEi9_cE6WMvM3MLk84YDmgn5AWh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vP2RlbGF5ZWRzaWdudXA9dHJ1ZSZueF9zb3VyY2U9YWR4X2Fkd29yZHNkaXNwbGF5Lmh3X3diX3VmXy0uY2MtZGVfZW4uZy1taXguYS1taXguYXUtYWZmaW5fZ2FtZXJzLm9wdC1wdXJjaGFzZTIuY29tLW5ld2FjLmNyLWh3X3N0X2xlZ2FjeWxvb3QyMDMuY24tMzAwXzI1MC5scC1kZWxheWVkLmR0LWRpc3BsYXkuY2lkLTIxMzU1NTgxNTQwLmFnaWQtMTYzNTc3MTc5MTc1LmNzZC0wNjA2MjQuLYAKA8gLAeINEwjglN3C5POGAxXMA78EHXY1AQnYEw3QFQGYFgGAFwGyFx8KHQgAEhRwdWItNzc2MjQ5NjgxNjQ1MjM3NBjQrYwBshgJEgKwUxgCIgEA6BgB&sigh=9bOJvZEZTb0&uach_m=%5B%5D&ase=2&nis=6&cbvp=2

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406170101&jk=2130421953154726&bg=!19Sl1JvNAAb64txl2uI7ADQBe5WfOD3UkAd-juu1lwXgfGhZMNqRWzPYW-o51KmywMJQXk4BbVDdeKJhWqkyLiEDjUajAgAAAExSAAAAAmgBB34ANiIr6bCLyklTgcACJIG5ijReHrDacs3EQq0rfyczgf4vqr7T7RH_a-PVRvI9FyQvhafrKorxwZkCuJj3B5ALVAIMXGF4iMSNPbT30iXe5FAzBa1X-6zQ-u9_TvHMmb6JHImYgn8fBFU_HShql6bG7mMG-tGP2LrbMBHyYpH3VdZ2op7Ds0dODparj171oW12FNVgi9tdqjRREmU6DMVdrurY8AEA78PtmgG-bCQ8T3GN9tYHvj51o3AWASbIJx-zx3I-gODYo7zb4pVtuXvj75b9HFywFdngLYiTt8f6OrlhEagd9dizHdieoCbYNpeWGpTlsjBQ-mDmiiMd98DuOGRJWNPCTJfxv3ZBIjOs2EWVUtzQpTyi0n3yk2f-ZOqG_ryMgATTYcUEGvKrEgcVSDDknbimwmapNiGi1I3ab29erdaAhkLLZH1dcZAuzRYyjQtpK17VZQmpjY_FGaI_5vZeEcXbgB84NOOXZKv867aCDqaJheUlQWp2aoFWF2WoPX-y2JSxFSVqgz43icQw7HK0BKK88ZZeWFfVScC53WVzWKUF0kXu2JlY5iwasECz35f3qgYu0jZrGYDRr7ua5wJpOnByfMhGjqenNy8NkN85e4SFYY1cQSb2TYd_5QiXqUJdEYpKYiZW6BFjIiuOnWGDcqtEgx9FJOrxBZtn3guRBxdTr4IK69zY671c8Qvev5HYMpSO0R2aWwVDIp5K98OkhmO_uXVQzgQzqzswjk6mX2id2McNob37vuSP9mIq_YYhoEkpo52QIDkEJdS5Kib1MgD7hvzr4t7FDKE0ZwIACPmx9Va3s6sh2a5idyYVIp1i-UE_f2t6EhKFuh0PPvAtLWugz4Y2NSm1Vp8A9VeixQxWq-zUZ3dxeE5gKAmbOq1SaE1odrRTLRoywmHmyH5N5u7bXbkjnkNKqBahA9gOjeiAntcPdDpUKW7d4C53NaWsSQx04v0AbGyLfA2F1xyHRgiUQP2jJ5d3szHtN3vHbg

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.newsquest.top/	1970-01-21 07:09:36	Name: _ga Value: GA1.1.2064045482.1719216492
.newsquest.top/	1970-01-21 07:09:36	Name: _ga_TLG9XVNK4K Value: GS1.1.1719216492.1.0.1719216492.0.0.0
.newsquest.top/	1970-01-21 07:09:36	Name: _ga_DWX6Q6TDMK Value: GS1.1.1719216492.1.0.1719216492.0.0.0
.newsquest.top/	1970-01-21 01:52:48	Name: __eoi Value: ID=ab5b831aeb2a7c03:T=1719216492:RT=1719216492:S=AA-Afjagfi688qPPTdKVw1EMxw4r

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b971e62f2d59f1dd5c717790d13c5ac8.safeframe.googlesyndication.com
cdn.ampproject.org
data.gamescdn.top
icons.gamescdn.top
img.gamescdn.top
newsquest.top
pagead2.googlesyndication.com
region1.google-analytics.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagmanager.com
pagead2.googlesyndication.com
2001:4860:4802:34::36
2606:4700:3035::6815:2d78
2606:4700::6812:d20
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:827::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2008
0fb24e282c657fd30c55b9a2ed2a2aaba374b26c5f66633c0c40d25f525fe439
1440c5260c962595faa48821eb9ff7818c20f030c1dfbf1cf70725d484e2475e
1a0512b57267dd637fd3637f518536a65269ed841532253abd6a04b58698b98e
1a45780e45a6bd202925017e88874504340d358954255f856b9dda2d1b91a76a
1c2a3b6c612eda0febd631b89f3ddafb22412ffdf0d24ab8c2cefff8f3780769
1ce0f333f122a4451cd379d6cc3f78ef3af35c224d569c736b3abb65208b4239
1e804788c1ae6868e55922f7abd49a5d7c821fd3f53f31096423084b8a05d81b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
30b547ef2efccbc69f99dd6a46236fa1352963b27c34bfcc9a1f024b7b4a3153
31e188d15c7d4e9fa6dcab3829556173f4b0371eb6edb984a33ad0c769ea227a
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a53061b16f46ad02476bcd1b08942ce09d6cbec149d634b11140092b3e90a9
3d7f525f2da6e73de996f39ecc0d200f1a6c8e2555dbc5d9022e677f2be3d9f9
48679aa4e044572045a5b00006dd7da050406d75f3c258f14430fbcd21143e5d
4dcaeddd646fbacc2222460871c640fd6aaf14665e48707b9c7d0175c93b13b6
4e633b9d914cee8d41b3cf6fdc59a841e21cebc7bc71e9a9df59edef010c2e9d
51538c63bce715ec9cfba6b522b936ff5dfe181c885592a21f320b73b0eb80f0
5474849a40cebcdaf1d26ef7b09c19033284aa51a6ac0ebdb95ac7736cc59c22
5a65ee93ffa344cf0b694aacc403ae99b020261f064daa363c014818e25e516c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63aa4d4eef76cd00eada9abc86dd331f815e92e16d3623e8df1ff2fdd81b2582
647e36a6f5f05bfde9a4bf85482666b0a2856a0576254f1ff554579ee58b9bf5
648dc93b9587b6b324be4109a401dff1b85ff761edf38ed7c0730399501ed15e
651ed70430e4737f1f0e1a434885775eff39dd4c2ca12aabfef27c8420d57118
6969e1605dc678cf9c6209b29dba93e7a4cfb37ec970f4f7aa4bac725329e78c
76b90f088fce82dbabb7a243c1fa6cb32572b731402dd8f3b0f517ab4c753a97
7e5e50a6f3a5f1691e07fe8520664e8dce335c44e8caff6df128f17d27e4006c
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f
8a5a8081676d4f2dfe04202f88ed2362d2d57a6f98929872988510480171c741
8b0211f452286c4865aa28dc2c99b5e98aa39c440ee47085d416341223a6f198
8f61a853557ac40a223423fa858324b554d58228618b27d54911c9eed4a9e730
8fa4981f5cf4d07baacba506f3568270abdbc9f9b3db9e8808e3caddaa8722d2
9e0672cd2c0b6a0e8d52e1cb0215691436278738f95e656b91735ebfd47775a2
9f05490fcc6a6c26a819b8df6bcc729e38270270dc28528a2147764e9900aeb1
a48797d8b2daa2166d7ea9e2ba886fca97d05c2c02327e45b7b4fc0f302578d9
ab6d62afefb8b82d4dc908c6ae42f243484be1f61a6edda9861264531fed55be
ae82a23eae8bcd2b838c8f1442851d94b6253a466068f7751314703aa3ab0c96
b003c20bcde948b63be4c022ab5c4d83c1a639f6ac2d658839fdcc2a955670f6
b6716bc005d3f2034f51de1ff39aebbfb50d9fcd095b9bdc3069d86fffbd3df1
b838d010390daf28714708b1e24e5c8d88421f5b0fe1f40b62da847e07afec37
b972da1f9da0a7237139330c766844fb6b62defe8795c06e8549842aaa0d67e6
ba68f73ce1744395d8fbcfadc123bf3537e2349420a150abc9de099d56c98f3a
c62687ad5ddc03c24a77c0b9fd8b7100fb3a42bdb44e711386cef70ef7bf0628
c68708fa65288914cc1d322aa91e119951c0b54f1e399f0d1273cb13b62e1ab5
c8025c32525a089cfce8ee11f50467463a2c023c0732869158e8b7436241aafe
ca4d84dac4855206581b2cb1d7a34a2258afbd67a764489707c4f9a4b1eb656f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d3ef0328b9e699304f321dac58d3f7aaeae3203bfdb04f1c3c85990d4b5d1b70
e2c1c288a0340f9a2b10517d1eece34605ff15ceb0ac8fe3e48d9ad6d9bd7712
e3f4f76ea628bc9269e2cb32a1a0991b99f815386886a1807d7d8759dcb958f4
e48674b241f95ad53f6658a3f4250964ad6d79634b4143c27776e2d111990e93
e545ef37c9c9e13c9e6133408ba48781f2666ea1c1659ef4182b121289118c8e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f116dab807b0851d1ed064614bb23ccb0ae6eca2ffe0e55772338f74523e6d04
f6254fb3bab91044c5237f2337add838f4aa853f30b4dae6725b61acd95d6b33
fc2cbe70c20c9b9f5818c2c3b368a049f4fa51a8306b3e3f01da43ccaccf751d
fcd79e6f7982036d6e7c03913c90351ea1faf2cb69728f4bb209ec0c62079e68

newsquest.top Open in urlscan Pro 2606:4700:3035::6815:2d78 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

64 Requests

97 %HTTPS

100 %IPv6

7 Domains

11 Subdomains

10 IPs

2 Countries

1532 kBTransfer

2697 kBSize

4 Cookies

0 Outgoing links

Redirected requests

64 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

newsquest.top Open in urlscan Pro
2606:4700:3035::6815:2d78 Public Scan

Screenshot
Live screenshot

Full Image

64
Requests

97 %
HTTPS

100 %
IPv6

7
Domains

11
Subdomains

10
IPs

2
Countries

1532 kB
Transfer

2697 kB
Size

4
Cookies

64 HTTP transactions
1 data transactions