test-venus-games.flyershares.com Open in urlscan Pro
13.226.210.29 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://test-venus-games.flyershares.com/
Submission: On February 24 via api (February 24th 2023, 5:20:21 pm UTC) from US — Scanned from US

Summary HTTP 85 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 1 countries across 9 domains to perform 85 HTTP transactions. The main IP is 13.226.210.29, located in United States and belongs to AMAZON-02, US. The main domain is test-venus-games.flyershares.com.

This is the only time test-venus-games.flyershares.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	13.226.210.29 13.226.210.29	16509 (AMAZON-02) (AMAZON-02)
8	2607:f8b0:400... 2607:f8b0:4006:80d::2002	15169 (GOOGLE) (GOOGLE)
13	13.226.225.50 13.226.225.50	16509 (AMAZON-02) (AMAZON-02)
6	2607:f8b0:400... 2607:f8b0:4006:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
6	23.195.100.26 23.195.100.26	16625 (AKAMAI-AS) (AKAMAI-AS)
10	23.64.60.21 23.64.60.21	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2607:f8b0:400... 2607:f8b0:4006:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::3 2620:100:a001::3	19750 (AS-CRITEO) (AS-CRITEO)
1	2620:100:a001... 2620:100:a001::24	19750 (AS-CRITEO) (AS-CRITEO)
10	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.147 74.119.119.147	19750 (AS-CRITEO) (AS-CRITEO)
5	2620:100:a001::a 2620:100:a001::a	19750 (AS-CRITEO) (AS-CRITEO)
2	2620:100:a001... 2620:100:a001::16	19750 (AS-CRITEO) (AS-CRITEO)
2 2	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:80e::2004	15169 (GOOGLE) (GOOGLE)
85	18

6 13.226.210.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-210-29.lax50.r.cloudfront.net

test-venus-games.flyershares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 13.226.225.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-225-50.lax50.r.cloudfront.net

venus-games.flyershares.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4006:81c::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.195.100.26 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-100-26.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.64.60.21 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-60-21.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lg3.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hblg.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:80e::2001 (Nutley, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2002 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::3 (United States)

ASN19750 (AS-CRITEO, US)

rtb.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::24 (United States)

ASN19750 (AS-CRITEO, US)

ads.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)

cat.va.us.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2620:100:a001::a (United States)

ASN19750 (AS-CRITEO, US)

pix.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::16 (United States)

ASN19750 (AS-CRITEO, US)

csm.us.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80e::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	flyershares.com test-venus-games.flyershares.com venus-games.flyershares.com	2 MB
17	criteo.net static.criteo.net — Cisco Umbrella Rank: 625 pix.us.criteo.net — Cisco Umbrella Rank: 2546 csm.us.criteo.net — Cisco Umbrella Rank: 2543	132 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 140	286 KB
16	media.net contextual.media.net — Cisco Umbrella Rank: 563 warp.media.net — Cisco Umbrella Rank: 2437 lg3.media.net — Cisco Umbrella Rank: 4898 hblg.media.net — Cisco Umbrella Rank: 1799 cs.media.net — Cisco Umbrella Rank: 1359	363 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	43 KB
3	criteo.com rtb.va.us.criteo.com — Cisco Umbrella Rank: 5643 ads.us.criteo.com — Cisco Umbrella Rank: 2463 cat.va.us.criteo.com — Cisco Umbrella Rank: 2680	48 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	145 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 73 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 855	603 B
85	9

	Domain	Requested by
13	venus-games.flyershares.com	test-venus-games.flyershares.com
10	static.criteo.net	ads.us.criteo.com static.criteo.net
9	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	test-venus-games.flyershares.com pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com
6	contextual.media.net	googleads.g.doubleclick.net contextual.media.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com test-venus-games.flyershares.com
6	test-venus-games.flyershares.com	test-venus-games.flyershares.com
5	pix.us.criteo.net	ads.us.criteo.com
4	lg3.media.net	googleads.g.doubleclick.net contextual.media.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	cs.media.net	contextual.media.net
2	cm.g.doubleclick.net	2 redirects
2	hblg.media.net	googleads.g.doubleclick.net
2	csm.us.criteo.net	ads.us.criteo.com
2	warp.media.net	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	cat.va.us.criteo.com	ads.us.criteo.com
1	ads.us.criteo.com	googleads.g.doubleclick.net
1	rtb.va.us.criteo.com	test-venus-games.flyershares.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
85	21

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.flyershares.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.va.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-21` - `2023-05-23`	3 months	crt.sh
*.us.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-16` - `2023-05-14`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
*.us.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-16` - `2023-04-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://test-venus-games.flyershares.com/
Frame ID: 7F6412A1FA7CD7021C464DB4A9DCE2BF
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html
Frame ID: 1A0FBC06AD37005A632418E4E9F81F92
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3976351782814206&output=html&adk=1812271804&adf=3025194257&lmt=1660718543&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=http%3A%2F%2Ftest-venus-games.flyershares.com%2F&ea=0&pra=5&wgl=1&dt=1677259211889&bpp=11&bdt=421&idt=454&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=396785752589&frm=20&pv=2&ga_vid=424976620.1677259212&ga_sid=1677259212&ga_hid=2138164429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071643%2C31072348%2C31071264%2C31071662&oid=2&pvsid=3468662302418180&tmod=1029348085&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=499
Frame ID: 981B2AC78635A692257ECE3582CAC082
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: E2D5BB42C64EB3A9427112AB5371127D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3A6555FDA16A729817C13F60B24A5DDF
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
Frame ID: 18FCD50CAE56BD0BE1F97C1F28E39137
Requests: 8 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_jxzAAG7NwITw6UAA7njPDSg_EQqabB7vDPow&u=%7CoFWf7V8hO0xFGDALwcZQdW%2BKyhP2qZHiY3nu9Vn%2Bc5g%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEadMnLNV8y2A8kf5ODhOBKZ0orjBUbz1qQfGj3y-TxGR2JhVrlZ3N0mkkIqfcKTXWq4pTfX9Z86aKj1lvroxe9XNYO1VyfC_TiiK1-HpmKCx6TwtzR72QekmH2WhLvx6dGq_X3wz-SRY5twW1mXvgYzCp_WseazidU9jqOZhTvomBSAONgAUfqOkaBOZSVR9ZTv29J3x0hwQjv5dy8zWi_8ZII4D4rDmhhK4DqvJfpj7UI0f-WQUE2qAX5IgbhKxruKR7QSAES7voZp59SnmHDnbQxMzFmFO1kBLsWcSOxd4swaENMhE78pTBZET8QHNzB5QysD92dSo962q0kimi36fpY7HYtP2rgAM1_F3BBDr2Fp_ab8I0awAOVy7nAY0heRzLRcBGxPLd6xEOo20CX06S52oY51wODtDdndCR-0UWD1fRSq3rcYLPcytAFa3Kq6J26xv7O9FB2M3RePonaNGPDZayfPzNxGp_xav0MDrbd-Nl8cLy-zKRBUfpCLSAfp8Q9hQicz0iOrhiiw44DzbZRxI9y9aWMt_OS_BQCj4siQwwDWhkVD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXy0SzPH4Y9zZG5SdvPIPjM-7iAecge-wXOLDuM6jAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM5NzYzNTE3ODI4MTQyMDbIAQmoAwGqBN0BT9BPgxWiMjX_OfkkVrT8YpKwUdTcjA3va5pMc8lxN62RO3XQRxguEI0YWPMbYdbDOPs_rDgbGaoqTKZjKcPnGmBn_nx0p7UzXCJHo9qnYhEUfJMHa5J1cHqkWZJwl5UjXsCpglGE0qSIsy6mFJ37mhGexIHzL8WqyYR_PFRjbyb1uVaEgjbAETXyDhIH0dTHgyy8P0JU_y4CfwPIi0fC5bxJQRZ9hl85iNf7mwC1jK2m9fI2X0iGzGFO-1gCm5cClvjDVdeSlLiMA_F-BqvrW1R2fFHKrNAJn67R1vKABrSd4fT59uj0RKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2hUCyR8YDVTUtt-iGyJJRa471SmQ%26client%3Dca-pub-3976351782814206%26adurl%3D
Frame ID: 70AF32A3152305ADFFE18B2F8E73FEFB
Requests: 19 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&nse=5&vi=1677259213496334474&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xxgzaqBg&bcpf=B4x8fOnRrolnfOur8xgzaqBg&bdrId=294&bid=337998&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01700795180t202302241720&essld=f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~sT~OmeJL&htmlsrc=1&isid=294&allsc=FL
Frame ID: F0E81F7D81F37E327A15E2E1EC0A0D52
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&nse=5&vi=1677259213799845019&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xxgzaqBg&bcpf=B4xxg8fOnRrolnfOur8zaqBg&bdrId=294&bid=339599&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01700795180t202302241720&essld=f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~sT~OmeJL&htmlsrc=1&isid=294&allsc=FL
Frame ID: 10CD87959E0A91088A939479C35966F3
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: C1EC69370B907ECBCC2F221ABFB8ACC6
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 970026235C21DE4055DEA0DF63E8A2BC
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FCE3BC8D090FF72A04DC1C378BD4A560
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C4342EB4F3ED621B1EEB2DC4AED6B60D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Game Box

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

85
Requests

91 %
HTTPS

67 %
IPv6

9
Domains

21
Subdomains

18
IPs

1
Countries

2560 kB
Transfer

4116 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwMjYwODE0MTUyNDQyNDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK3m8Jp52NaVEodC0uUDxq4&google_cver=1

Request Chain 72

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwMjYwODE0MTUyNDQyNDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK3m8Jp52NaVEodC0uUDxq4&google_cver=1

85 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
test-venus-games.flyershares.com/ 8 KB
2 KB 634ms
420ms Document
text/html 13.226.210.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://test-venus-games.flyershares.com/
Protocol: HTTP/1.1
Server: 13.226.210.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-210-29.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9bed081d2136712bd74fc55233dbe07a42b5ce1427df1685385326294b663e59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 24 Feb 2023 17:20:12 GMT
ETag: W/"c28a27050cdad30c6659953ae856aec7"
Last-Modified: Wed, 17 Aug 2022 06:42:23 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 cd236f377f553d8e8fa1282f0470b626.cloudfront.net (CloudFront)
X-Amz-Cf-Id: Zvyj-KXFCUCvQN9Y91H835QEB9JYMm-J73SRWIktscC5Tf2_h3Dm6Q==
X-Amz-Cf-Pop: LAX50-C1
X-Cache: Miss from cloudfront

GET
H/1.1 404
Not Found base.css
test-venus-games.flyershares.com/css/ 0
0 469ms
467ms Stylesheet
text/html 13.226.210.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://test-venus-games.flyershares.com/css/base.css
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: HTTP/1.1
Server: 13.226.210.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-210-29.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 17:20:11 GMT
x-amz-error-code: NoSuchKey
Content-Encoding: gzip
Via: 1.1 cd236f377f553d8e8fa1282f0470b626.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LAX50-C1
Transfer-Encoding: chunked
x-amz-error-message: The specified key does not exist.
X-Cache: Error from cloudfront
Connection: keep-alive
Last-Modified: Wed, 17 Aug 2022 06:42:23 GMT
Server: AmazonS3
ETag: W/"c28a27050cdad30c6659953ae856aec7"
Vary: Accept-Encoding
x-amz-error-detail-Key: css/base.css
Content-Type: text/html
X-Amz-Cf-Id: 1h0SMntXWdcrth3JhhC4fm9ecfIDFoNV-gYiq7S_ILwQJCZ6jYoEeg==

GET
H/1.1 200
OK index.css
test-venus-games.flyershares.com/css/ 10 KB
3 KB 524ms
422ms Stylesheet
text/css 13.226.210.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://test-venus-games.flyershares.com/css/index.css
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: HTTP/1.1
Server: 13.226.210.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-210-29.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89bbd001b50160a29f8992974f4de5cfa7677e4936cb4075d26575a994ef0952

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 17:20:12 GMT
Content-Encoding: gzip
Via: 1.1 41ac07659069c54169d3a2beee4d9f76.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Aug 2022 06:42:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: LAX50-C1
ETag: W/"cb710f2e9925df25b62b264302eba614"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
X-Cache: Miss from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: vT3AXA6-S3uKdrNv63Sj9nsfBjzfQ126O4tf74eewRSZrvWEr2OBuA==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 258ms
106ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3976351782814206

Requested by

Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0be2f747353abfdc4c43b6adf52150d3fee6121e6d06750af3b74b7a6b0c1dbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://test-venus-games.flyershares.com/
Origin: http://test-venus-games.flyershares.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49337
x-xss-protection: 0
server: cafe
etag: 7907197961355516375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 17:20:11 GMT

GET
H/1.1 200
OK heard_view_top.jpeg
test-venus-games.flyershares.com/img/ 80 KB
80 KB 577ms
479ms Image
image/jpeg 13.226.210.29
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://test-venus-games.flyershares.com/img/heard_view_top.jpeg
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: HTTP/1.1
Server: 13.226.210.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-210-29.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d4873f5a10703244d8023f9d3b7e9f8e9a2119d10952401ebde017c58f20a1d

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 17:20:12 GMT
Via: 1.1 d0098d94547a75389bf63cafa9fa7462.cloudfront.net (CloudFront)
Last-Modified: Wed, 17 Aug 2022 06:42:23 GMT
Server: AmazonS3
X-Amz-Cf-Pop: LAX50-C1
ETag: "e5cede13fcb5ff28221054da516b8939"
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Connection: keep-alive
Content-Length: 81412
X-Amz-Cf-Id: vC5fesUGgDf08ZeDjCAMYGWxZ7-JDCDJsa8hmTtX-QqOoSQoIL9aAA==

GET
H2 200 icon_app.png
venus-games.flyershares.com/8ball/ 444 KB
445 KB 787ms
412ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/8ball/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b522fd8e29ae54a3b42c4c80647686f448741d4d2d7279b8518e87aada8ca9e

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:02 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Thu, 18 Aug 2022 03:33:26 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49210
etag: "911c5a7180472cf56102e39b213d15bb"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 455050
x-amz-cf-id: QZsx9c_3GfylaLIg_rO-2F7ar3pP5J9WWEQlGlSH6fwHvklyLjEtPg==

GET
H2 200 icon_app.png
venus-games.flyershares.com/8ball_pro/ 55 KB
56 KB 603ms
228ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/8ball_pro/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 687a67b2dfd577d42ad5cc2d9bf9cb93189e604210611669d525194dce4ccd2c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:02 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:54:12 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49210
etag: "10ec358b7e3f4b682dea03f756822e47"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 56812
x-amz-cf-id: 6rShxujuP2bN8Jvj8uZBM3tGXg7FTWdwqtej5R0LoA8Z8oZzm7ODwQ==

GET
H2 200 icon_app.jpg
venus-games.flyershares.com/Dunk_Shot/ 14 KB
15 KB 931ms
557ms Image
image/jpeg 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/Dunk_Shot/icon_app.jpg
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99667cbc6af4446dc09a8cea227a1834303ec37891931ee8884e9c18798bd08c

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:02 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Mon, 22 Aug 2022 08:59:06 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49210
etag: "5c2086ad0d036337cf53c6762526b3c5"
x-cache: Hit from cloudfront
content-type: image/jpeg
content-length: 14650
x-amz-cf-id: d-HozhPqVr0EzpHVb7h6PmTHndBAxKEPW0jiny7YWHJ_odfAt-FUvA==

GET
H2 200 icon_app.png
venus-games.flyershares.com/FootBall/ 162 KB
162 KB 486ms
112ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/FootBall/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d916ce74fd827d280f43f3d415a4f9b31b7b900efc31aed9d4448fcfd7d23747

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:02 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:53:50 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49210
etag: "784129b0a9ec3a48ddf8ef100ded023f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 165594
x-amz-cf-id: 02MUCZxjjI4LvZaqjdwvqbL_LniJvtUsT4t_TI07CVVcD4rZnoW7aA==

GET
H2 200 icon_app.png
venus-games.flyershares.com/Football_Table/ 57 KB
58 KB 689ms
315ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/Football_Table/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f8f155c5a6bdc5920ea4f837594cd5b897e9a446961e59a5430b4ed43ac5ae9

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:01 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:52:54 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49210
etag: "44f795e0e8b2192ad03438cadc5207e2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 58855
x-amz-cf-id: n5fowx0-YF_qyynnqVwe1cIdp_KbZyopCvdsrFC94P8PNShLFAkM3A==

GET
H2 200 icon_app.png
venus-games.flyershares.com/Idle_Zoo/ 111 KB
111 KB 912ms
539ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/Idle_Zoo/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4ee16135b08dd0597292ad77ea9169c65bae83347e3a899124cfbdb6ca4f5311

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:01 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:54:28 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49210
etag: "0ccf012617367bffd03d984f4ce5ae68"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 113602
x-amz-cf-id: WP8pcOw4S3AfAYjVCvczxPkgIXsuGkwmlBU9Trf6nSh1C23INQu9Hw==

GET
H2 200 icon_app.png
venus-games.flyershares.com/Galaxywarriors/ 106 KB
106 KB 503ms
501ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/Galaxywarriors/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 091221dc361a250f5592841cf9cf00efdb51a7ad2526dac1cc88828de23fbee3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:01 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:53:21 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49210
etag: "773243a3afb36bcbc11db3eb3f3ee63e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 108111
x-amz-cf-id: Oig-wVr_vi_BoPwH8EZRWh9_bjdxHNU8Rv7DEQAQCVuk_izws5a3Sw==

GET
H2 200 icon_app.png
venus-games.flyershares.com/Jelly_bomb/ 164 KB
165 KB 492ms
490ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/Jelly_bomb/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3d70bd12d14ab789e142caae2d0fcc2e74e8fc8e2c1038925978b20cf3585470

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:01 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:54:43 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49210
etag: "66f3986aa1d910c32c5b6ee609324e4b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 167915
x-amz-cf-id: LYJ1cYA3fx6KrV1K_azfNjLTtl8ZHZHZ_OOvr6v5GlA6bz3tUQWoAw==

GET
H2 200 icon_app.png
venus-games.flyershares.com/Domino_Battle/ 46 KB
46 KB 517ms
515ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/Domino_Battle/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bafbf12e8686a98054bc57a5e8b7eb27c1cfc3a103944878a141ab66b21ed3bb

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:02 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:51:42 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49211
etag: "9347397dc182428def5a948b977cacf3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 46683
x-amz-cf-id: IEaoi2ZeO5QGvFvK09ZDuP0grxtIwSfnFuYox4w5TU7Akag86-t_ig==

GET
H2 200 icon_app.png
venus-games.flyershares.com/Stone_Merge/ 47 KB
47 KB 519ms
517ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/Stone_Merge/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 711dbbc8d1a3448016603b50900ea239e5172a1ed44980e1f3e0c77710b4dfe6

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:02 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:55:31 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49211
etag: "2be1a4ca6cbbda4e88003e401264fda9"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 48239
x-amz-cf-id: Jii2PGFbLLAF_6obRRfbwkvjlXaGi0bdRUAeZEscbgyFXkr7Ku927A==

GET
H2 200 icon_app.png
venus-games.flyershares.com/RainbowJump/ 179 KB
180 KB 520ms
518ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/RainbowJump/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6695936c4757615b4d0f3d8432212e1125fa1634ee70c7db5ec281a33982f353

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:02 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:55:21 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49211
etag: "8965b7418319b49a99519b58eb7ae281"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 183755
x-amz-cf-id: TIBGDE1juWXzzw8_KlDSpRZnJuI_5My1E3cEfsnSq2nR2FXxaHziBQ==

GET
H2 200 icon_app.png
venus-games.flyershares.com/Geometricball/ 42 KB
43 KB 518ms
516ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/Geometricball/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1e4dbff1c9c997c63392fd4214673882dc04f2641a2a4322b48a91ecfb5ec1f3

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:02 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:53:49 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49211
etag: "0d85439eec70c64d24d510ece0b0361e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
content-length: 43282
x-amz-cf-id: nQrxVOcHGF0X9uLDFlgsS0zGX2tFeXvul7OuBDpdsB6XeCXFyq5JoQ==

GET
H2 200 icon_app.png
venus-games.flyershares.com/Merge_2048/ 22 KB
23 KB 518ms
517ms Image
image/png 13.226.225.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://venus-games.flyershares.com/Merge_2048/icon_app.png
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.225.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-225-50.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9bc085c0ed56a4135764461a164acca1563af62abcb2b2913fd11e44094f06da

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:40:02 GMT
via: 1.1 8922c76dde274383aa69ec6605e6fb58.cloudfront.net (CloudFront)
last-modified: Fri, 17 Jun 2022 10:54:59 GMT
server: AmazonS3
x-amz-cf-pop: LAX50-C2
age: 49211
etag: "24d5d9ae30385d6516dfeab37f10272d"
x-cache: Hit from cloudfront
content-type: image/png
content-length: 22794
x-amz-cf-id: LOO5sNN8c_MJI_woG3zzzvMUdXzgdFzG-Tzz8k1ITSasWtqNQglCJQ==

GET
H/1.1 404
Not Found xframe-min-1.0.js
test-venus-games.flyershares.com/js/ 0
0 509ms
414ms Script
text/html 13.226.210.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://test-venus-games.flyershares.com/js/xframe-min-1.0.js
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: HTTP/1.1
Server: 13.226.210.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-210-29.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 17:20:11 GMT
x-amz-error-code: NoSuchKey
Content-Encoding: gzip
Via: 1.1 41ac07659069c54169d3a2beee4d9f76.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LAX50-C1
Transfer-Encoding: chunked
x-amz-error-message: The specified key does not exist.
X-Cache: Error from cloudfront
Connection: keep-alive
Last-Modified: Wed, 17 Aug 2022 06:42:23 GMT
Server: AmazonS3
ETag: W/"c28a27050cdad30c6659953ae856aec7"
Vary: Accept-Encoding
x-amz-error-detail-Key: js/xframe-min-1.0.js
Content-Type: text/html
X-Amz-Cf-Id: ZwIqbQzwuopgfXq1-_D_J8cwcgsGVr48MZJx0Eg9BmHa3R5FoOCuHA==

GET
H/1.1 404
Not Found base.js
test-venus-games.flyershares.com/js/ 0
0 504ms
409ms Script
text/html 13.226.210.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://test-venus-games.flyershares.com/js/base.js
Requested by: Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/
Protocol: HTTP/1.1
Server: 13.226.210.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-210-29.lax50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 24 Feb 2023 17:20:11 GMT
x-amz-error-code: NoSuchKey
Content-Encoding: gzip
Via: 1.1 b837267595110a1135bf4fb036d71e1e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LAX50-C1
Transfer-Encoding: chunked
x-amz-error-message: The specified key does not exist.
X-Cache: Error from cloudfront
Connection: keep-alive
Last-Modified: Wed, 17 Aug 2022 06:42:23 GMT
Server: AmazonS3
ETag: W/"c28a27050cdad30c6659953ae856aec7"
Vary: Accept-Encoding
x-amz-error-detail-Key: js/base.js
Content-Type: text/html
X-Amz-Cf-Id: NZ77i14jJ1VtUmQslU04NPcIBpcD8jX3hWry8o2moF_BoWeyu-DcZQ==

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 365 KB
120 KB 272ms
140ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3976351782814206

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d406c2499361ef01cef5ec8080cc790dc40b652a6d5c7bf8394ed4d181c27300

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122918
x-xss-protection: 0
server: cafe
etag: 1910215726132071384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 17:20:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/ Frame 1A0F 10 KB
5 KB 215ms
64ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3976351782814206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://test-venus-games.flyershares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 16:16:31 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 16:16:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 397 B
603 B 243ms
88ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=test-venus-games.flyershares.com&callback=_gfp_s_&client=ca-pub-3976351782814206

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f48d37efbe6b8af7304b5604c04401229a75ab58d198f3a6991fe826615b292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 232ms
86ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=test-venus-games.flyershares.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 981B 152 KB
26 KB 370ms
368ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3976351782814206&output=html&adk=1812271804&adf=3025194257&lmt=1660718543&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x810_l%7C164x810_r&format=0x0&url=http%3A%2F%2Ftest-venus-games.flyershares.com%2F&ea=0&pra=5&wgl=1&dt=1677259211889&bpp=11&bdt=421&idt=454&shv=r20230222&mjsv=m202302130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=396785752589&frm=20&pv=2&ga_vid=424976620.1677259212&ga_sid=1677259212&ga_hid=2138164429&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31071643%2C31072348%2C31071264%2C31071662&oid=2&pvsid=3468662302418180&tmod=1029348085&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=499

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39ffad4878b20dca9f2a3d58542c8b1ff0a119f3a375d711dfd93b04e258e5eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://test-venus-games.flyershares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 26172
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 17:20:12 GMT
expires: Fri, 24 Feb 2023 17:20:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/ 150 KB
51 KB 102ms
101ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd7349aae312bc35faad727443a7f8203fc98603c8ee34acf5847bfe974e5252

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52032
x-xss-protection: 0
server: cafe
etag: 6216717472470171456
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 24 Feb 2023 17:20:12 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 88ms
85ms Script
application/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=test-venus-games.flyershares.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame E2D5 10 KB
4 KB 83ms
80ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://test-venus-games.flyershares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 16:16:33 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 16:16:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 3A65 10 KB
4 KB 83ms
81ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://test-venus-games.flyershares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 16:16:33 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 16:16:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/ Frame 18FC 10 KB
4 KB 85ms
68ms Document
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://test-venus-games.flyershares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 3820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 16:16:33 GMT
etag: 10353107486223812946
expires: Fri, 10 Mar 2023 16:16:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame E2D5 243 KB
81 KB 266ms
96ms Script
text/javascript 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2c5d89f381031ab686a9e75514af55ef799ac845324a06bcdef52fa35ab6121b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-mnt-h: 22-psdv
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 24 Feb 2023 17:20:13 GMT
server: Apache
etag: "e802458ea12b66291318de6b3508d6d0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-g05m
timing-allow-origin: *
expires: Fri, 24 Feb 2023 17:25:13 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame E2D5 61 KB
62 KB 406ms
215ms Script
application/javascript 23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-60-21.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Fri, 24 Feb 2023 17:20:13 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=12697
access-control-allow-credentials: true
content-length: 62892
expires: Fri, 24 Feb 2023 20:51:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame E2D5 3 KB
1 KB 323ms
141ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 16:16:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame E2D5 20 KB
9 KB 246ms
65ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 16:16:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E2D5 158 KB
49 KB 279ms
98ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 17:20:13 GMT

GET
H2 200 nmedianet.js Show response
contextual.media.net/ Frame 3A65 243 KB
81 KB 198ms
94ms Script
text/javascript 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

76dc3f86e787cdcf593d8d0c15b4fe674dea9e0babe6e5bafb6d400e408b8258

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-mnt-h: 22-psdv
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 24 Feb 2023 17:20:13 GMT
server: Apache
etag: "e802458ea12b66291318de6b3508d6d0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: max-age=300
x-mnt-w: 22-g05m
timing-allow-origin: *
expires: Fri, 24 Feb 2023 17:25:13 GMT

GET
H2 200 adperformance.js Show response
warp.media.net/rtb/resource/ Frame 3A65 61 KB
62 KB 203ms
77ms Script
application/javascript 23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-60-21.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=604800
date: Fri, 24 Feb 2023 17:20:13 GMT
server: nginx
content-type: application/javascript;charset=ISO-8859-1
cache-control: max-age=12697
access-control-allow-credentials: true
content-length: 62892
expires: Fri, 24 Feb 2023 20:51:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 3A65 3 KB
1 KB 261ms
144ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 16:16:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 3A65 20 KB
8 KB 189ms
73ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 16:16:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A65 158 KB
48 KB 310ms
194ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 17:20:13 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 18FC 0
0 98ms
97ms Fetch
text/html 2607:f8b0:4006:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAJH9zPH4Y9zZG5SdvPIPjM-7iAecge-wXOLDuM6jAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM5NzYzNTE3ODI4MTQyMDbIAQmoAwGqBNoBT9BPgxWiMjX_OfkkVrT8YpKwUdTcjA3va5pMc8lxN62RO3XQRxguEI0YWPMbYdbDOPs_rDgbGaoqTKZjKcPnGmBn_nx0p7UzXCJHo9qnYhEUfJMHa5J1cHqkWZJwl5UjXsCpglGE0qSIsy6mFJ37mhGexIHzL8WqyYR_PFRjbyb1uVaEgjbAETXyDhIH0dTHgyy8P0JU_y4CfwPIi0fC5bxJQRZ9hl85iNf7mwC1jK2m9fI2XwqE7PPlCdECWB5vGhO53BQlqJCFLem6nViR0p3IYn3SBQaYn22ABrSd4fT59uj0RKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM5NzYzNTE3ODI4MTQyMDYYAA&sigh=vyM4hkBm6bo&uach_m=[UACH]&cid=CAQSGwDUE5ymgRExeTYPzy8mUFz3U9pjNnybBiQkABgB

Requested by

Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 24 Feb 2023 17:20:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 24 Feb 2023 17:20:13 GMT

GET
H2 200 notify
rtb.va.us.criteo.com/google/auction/ Frame 18FC 0
0 205ms
66ms Fetch 2620:100:a001::3
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kOK0C836RO0HfOIinRcCAAAAw-kSKtVEhm8Qy_H4Y5jw8wLlf8SNzLsAABIAAAoOQVFVQkNnWUJDZ0VCQ2c&wp=Y_jxzAAG7NwITw6UAA7njPDSg_EQqabB7vDPow

Requested by

Host: test-venus-games.flyershares.com
URL: http://test-venus-games.flyershares.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 334508
content-length: 0

GET
H2 200 afr.php Show response
ads.us.criteo.com/delivery/r/ Frame 70AF 147 KB
48 KB 250ms
121ms Document
text/html 2620:100:a001::24
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.us.criteo.com/delivery/r/afr.php?z=Y_jxzAAG7NwITw6UAA7njPDSg_EQqabB7vDPow&u=%7CoFWf7V8hO0xFGDALwcZQdW%2BKyhP2qZHiY3nu9Vn%2Bc5g%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEadMnLNV8y2A8kf5ODhOBKZ0orjBUbz1qQfGj3y-TxGR2JhVrlZ3N0mkkIqfcKTXWq4pTfX9Z86aKj1lvroxe9XNYO1VyfC_TiiK1-HpmKCx6TwtzR72QekmH2WhLvx6dGq_X3wz-SRY5twW1mXvgYzCp_WseazidU9jqOZhTvomBSAONgAUfqOkaBOZSVR9ZTv29J3x0hwQjv5dy8zWi_8ZII4D4rDmhhK4DqvJfpj7UI0f-WQUE2qAX5IgbhKxruKR7QSAES7voZp59SnmHDnbQxMzFmFO1kBLsWcSOxd4swaENMhE78pTBZET8QHNzB5QysD92dSo962q0kimi36fpY7HYtP2rgAM1_F3BBDr2Fp_ab8I0awAOVy7nAY0heRzLRcBGxPLd6xEOo20CX06S52oY51wODtDdndCR-0UWD1fRSq3rcYLPcytAFa3Kq6J26xv7O9FB2M3RePonaNGPDZayfPzNxGp_xav0MDrbd-Nl8cLy-zKRBUfpCLSAfp8Q9hQicz0iOrhiiw44DzbZRxI9y9aWMt_OS_BQCj4siQwwDWhkVD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXy0SzPH4Y9zZG5SdvPIPjM-7iAecge-wXOLDuM6jAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM5NzYzNTE3ODI4MTQyMDbIAQmoAwGqBN0BT9BPgxWiMjX_OfkkVrT8YpKwUdTcjA3va5pMc8lxN62RO3XQRxguEI0YWPMbYdbDOPs_rDgbGaoqTKZjKcPnGmBn_nx0p7UzXCJHo9qnYhEUfJMHa5J1cHqkWZJwl5UjXsCpglGE0qSIsy6mFJ37mhGexIHzL8WqyYR_PFRjbyb1uVaEgjbAETXyDhIH0dTHgyy8P0JU_y4CfwPIi0fC5bxJQRZ9hl85iNf7mwC1jK2m9fI2X0iGzGFO-1gCm5cClvjDVdeSlLiMA_F-BqvrW1R2fFHKrNAJn67R1vKABrSd4fT59uj0RKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2hUCyR8YDVTUtt-iGyJJRa471SmQ%26client%3Dca-pub-3976351782814206%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

94ca256a5ba1a7c43b798c7da06cd0fa57fa4a4777946ee08e48eb9e94bc19fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 17:20:13 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=EuMqliT37KaBiIyA5o5bTnhTSivPknl0B5X73VH_o9GgIWpWoumU4Rm4Z5cIzPbLnr6BbYkSMVKb7Yu6U532OoCm-IYkPP2BiKPJMp_lptxKspLJAoz_cqQWoWiC2eDN-QZdSlHk9qr0ig4BI1XqOBOdVaLT2n7AlcC498kavTQNv24--6rWd_Yx9GTTsLqWXezAUca6_7mV1Iw3kZKSuK9POyp1HQqJgzo2NuMzm83pSoFC5X43zZ65iNSDdBjlj-BUFw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 56102957
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 18FC 3 KB
1 KB 241ms
143ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 16:16:34 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/ Frame 18FC 20 KB
8 KB 182ms
85ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230223/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 16:16:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3819
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 16:16:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18FC 158 KB
48 KB 338ms
242ms Script
text/javascript 2607:f8b0:4006:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 17:20:13 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 70AF 2 KB
1 KB 234ms
67ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=Y_jxzAAG7NwITw6UAA7njPDSg_EQqabB7vDPow&u=%7CoFWf7V8hO0xFGDALwcZQdW%2BKyhP2qZHiY3nu9Vn%2Bc5g%3D%7C&c1=mOd7Dh6zPV-mqNyBk81vPVXtbSVbSPnc5nk0tvTEzNz0heMthhKNqBnL5X5j5iE4S-151UGSHEadMnLNV8y2A8kf5ODhOBKZ0orjBUbz1qQfGj3y-TxGR2JhVrlZ3N0mkkIqfcKTXWq4pTfX9Z86aKj1lvroxe9XNYO1VyfC_TiiK1-HpmKCx6TwtzR72QekmH2WhLvx6dGq_X3wz-SRY5twW1mXvgYzCp_WseazidU9jqOZhTvomBSAONgAUfqOkaBOZSVR9ZTv29J3x0hwQjv5dy8zWi_8ZII4D4rDmhhK4DqvJfpj7UI0f-WQUE2qAX5IgbhKxruKR7QSAES7voZp59SnmHDnbQxMzFmFO1kBLsWcSOxd4swaENMhE78pTBZET8QHNzB5QysD92dSo962q0kimi36fpY7HYtP2rgAM1_F3BBDr2Fp_ab8I0awAOVy7nAY0heRzLRcBGxPLd6xEOo20CX06S52oY51wODtDdndCR-0UWD1fRSq3rcYLPcytAFa3Kq6J26xv7O9FB2M3RePonaNGPDZayfPzNxGp_xav0MDrbd-Nl8cLy-zKRBUfpCLSAfp8Q9hQicz0iOrhiiw44DzbZRxI9y9aWMt_OS_BQCj4siQwwDWhkVD&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXy0SzPH4Y9zZG5SdvPIPjM-7iAecge-wXOLDuM6jAcCNtwEQASAAYMmGgIDco8QQggEXY2EtcHViLTM5NzYzNTE3ODI4MTQyMDbIAQmoAwGqBN0BT9BPgxWiMjX_OfkkVrT8YpKwUdTcjA3va5pMc8lxN62RO3XQRxguEI0YWPMbYdbDOPs_rDgbGaoqTKZjKcPnGmBn_nx0p7UzXCJHo9qnYhEUfJMHa5J1cHqkWZJwl5UjXsCpglGE0qSIsy6mFJ37mhGexIHzL8WqyYR_PFRjbyb1uVaEgjbAETXyDhIH0dTHgyy8P0JU_y4CfwPIi0fC5bxJQRZ9hl85iNf7mwC1jK2m9fI2X0iGzGFO-1gCm5cClvjDVdeSlLiMA_F-BqvrW1R2fFHKrNAJn67R1vKABrSd4fT59uj0RKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2hUCyR8YDVTUtt-iGyJJRa471SmQ%26client%3Dca-pub-3976351782814206%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Feb 2024 17:20:13 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 70AF 2 KB
1 KB 236ms
69ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Feb 2024 17:20:13 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 70AF 308 B
636 B 238ms
71ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 19 Feb 2024 17:20:13 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 70AF 293 B
621 B 236ms
70ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 19 Feb 2024 17:20:13 GMT

GET
H2 200 lg.php
cat.va.us.criteo.com/delivery/ Frame 70AF 43 B
348 B 240ms
74ms Image
image/gif 74.119.119.147
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=mzFg6SYbK_YeYFbqgj_79JZpw3kmfdlWcFt-km5_X_KalFNamvyPEtglacbVPmKailKu5s8PqtChpz7lFq93AwR_T8uRoi6f7RA849Kqz757XVA3FLToxclEvuZWKUZATRArxeb2WERVpqN32dC7Fvwrq-NmODjs0fShVkiwpfWoQuloG7DTY3CU4_wKuraRO3ItK2Lw2x-sbeT_jubfh04yJxBi7uAGASFWM3qa1pQvNotkgm4Lf4oYxs357qEwKreNoCkjB8d7GgX7uUhdF1MmiJkpXO1AFgkWM2U8lrp0Akyp741hRysJOK-eaYBVyrJCBfOxqaFgjaBWWAHCc4ANHUPPsola0EepjoUMINKGTdZ2xhlinmVDglcUHI7sW07aOxYIC7xmP_w7tpCDnAOErjmbyUmC48SMr42rUHdTHC41

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2458138
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 18FC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7548a9a33f2d5b232708c31b094d15fdf0e93202419345c69c7de996c193bff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 roboto-400.css
static.criteo.net/design/googlefont/roboto/ Frame 70AF 2 KB
842 B 165ms
72ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Feb 2024 17:20:13 GMT

GET
H2 200 roboto-700.css
static.criteo.net/design/googlefont/roboto/ Frame 70AF 2 KB
841 B 162ms
71ms Stylesheet
text/css 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-700.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13d-807"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Feb 2024 17:20:13 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 70AF 12 KB
6 KB 67ms
64ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Feb 2024 17:20:13 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 70AF 11 KB
11 KB 630ms
132ms Image
image/png 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=244&m=0&partner=51260&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F51260%2F210618%2F4770f180cd6042459c9198ca285a12ff_logo_dark.png&v=3&w=464&s=JnV3dTTjNlMZIE_AUE8AUgTA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

48770cd984063034a739c1cd98bc27486c84ed081525cb786663336c7adce424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28726255
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10962
expires: Tue, 23 Jan 2024 04:51:09 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 70AF 74 KB
74 KB 653ms
156ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?h=1200&m=0&partner=51260&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F51260%2F210618%2Fd610506d08b745c18ad88ca57901205a_img_horizontal_1.jpg&v=3&w=1200&s=rv-IWstHae07CkwiJsBYJaAQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

0bd2eb895934feed16c230a548055e227d3c577aaa9e41ca8e731a10e709418c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28049799
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 75356
expires: Mon, 15 Jan 2024 08:56:53 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 70AF 6 KB
6 KB 565ms
69ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=51260&q=80&r=0&u=http%3A%2F%2Fimages.menswearhouse.com%2Fis%2Fimage%2FTMW%2FMWTSP19_WED_PSL_FML_TOD_TUX_BLK_MAIN%3Fwid%3D600%26hei%3D600&v=3&w=800&s=5E9tq-JtImlGHS4gr1c5XXyH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

b4e8c5493285ef7d6a4d9da05d13f89db67dd60f0e94324b7d9f69e7774e6bcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5714
expires: Fri, 24 Feb 2023 17:20:14 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 70AF 6 KB
6 KB 560ms
71ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=51260&q=80&r=0&u=http%3A%2F%2Fimages.menswearhouse.com%2Fis%2Fimage%2FTMW%2FMWTSP19_WED_PSL_FML_1919_MAIN%3Fwid%3D600%26hei%3D600&v=3&w=800&s=K1obXf2a_wvvA-uTNEICutfn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

8bdd89e6e6c7572be4c2ca8421d64c8368eebbd51f636bde6fb24ec435862094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5938
expires: Fri, 24 Feb 2023 17:20:14 GMT

GET
H2 200 img
pix.us.criteo.net/img/ Frame 70AF 5 KB
6 KB 608ms
120ms Image
image/webp 2620:100:a001::a
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=51260&q=80&r=0&u=http%3A%2F%2Fimages.menswearhouse.com%2Fis%2Fimage%2FTMW%2FMWTSP19_WED_PSL_FML_1859_MAIN%3Fwid%3D600%26hei%3D600&v=3&w=800&s=VXJxrd2XEhIjlYf2anTNb86x&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::a , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

7cbfb6aa8bf9bb095edc62de787d5f462fe40e27d8eca2e30789d059768a8443

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5580
expires: Fri, 24 Feb 2023 17:20:14 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 70AF 0
128 B 549ms
59ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.us.criteo.net/all?cppv=3&cpp=EuMqliT37KaBiIyA5o5bTnhTSivPknl0B5X73VH_o9GgIWpWoumU4Rm4Z5cIzPbLnr6BbYkSMVKb7Yu6U532OoCm-IYkPP2BiKPJMp_lptxKspLJAoz_cqQWoWiC2eDN-QZdSlHk9qr0ig4BI1XqOBOdVaLT2n7AlcC498kavTQNv24--6rWd_Yx9GTTsLqWXezAUca6_7mV1Iw3kZKSuK9POyp1HQqJgzo2NuMzm83pSoFC5X43zZ65iNSDdBjlj-BUFw&sds=2&rev=84699&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 24 Feb 2023 17:20:13 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 70AF 2 KB
1 KB 59ms
57ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Feb 2024 17:20:13 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 70AF 2 KB
1 KB 70ms
68ms Image
image/svg+xml 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ads.us.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:13 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Feb 2024 17:20:13 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame F0E8 72 KB
27 KB 128ms
127ms Document
text/html 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&nse=5&vi=1677259213496334474&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xxgzaqBg&bcpf=B4x8fOnRrolnfOur8xgzaqBg&bdrId=294&bid=337998&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01700795180t202302241720&essld=f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~sT~OmeJL&htmlsrc=1&isid=294&allsc=FL

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

1aa153c588443a2e11a9d2a1ced44483e0c89c4d2bab1d7a28f9733e90529828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 27487
content-type: text/html
date: Fri, 24 Feb 2023 17:20:14 GMT
expires: Fri, 24 Feb 2023 17:20:14 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-ku4b

GET
H2 200 bping.php
lg3.media.net/ Frame 3A65 35 B
185 B 111ms
69ms Image
image/gif 23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=745&&vgd_cdv=880&vgd_cage=1&gdpr=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=225021408&vi=1677259213496334474&ugd=4&lf=6&cc=US&sc=FL&lper=100&wsip=170785050&r=1677259213770&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22OmeJL%22%7D&vgd_bid=337998&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1677259213161453998&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_itype_id=17&vgd_pgid=p01700795180t202302241720&vgd_pgids=1&vgd_uspa=0&hvsid=00001677259213766006462152441772&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-60-21.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Fri, 24 Feb 2023 17:20:13 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 24 Feb 2023 17:20:13 GMT

GET
H2 200 smtr Show response
contextual.media.net/ Frame 10CD 74 KB
28 KB 239ms
238ms Document
text/html 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&nse=5&vi=1677259213799845019&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xxgzaqBg&bcpf=B4xxg8fOnRrolnfOur8zaqBg&bdrId=294&bid=339599&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01700795180t202302241720&essld=f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~sT~OmeJL&htmlsrc=1&isid=294&allsc=FL

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU5RJ1PV

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Resource Hash

3732adc4771e3260a81955d9432c12e5df66f0814b1ad54b2ea455d012780251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 28156
content-type: text/html
date: Fri, 24 Feb 2023 17:20:14 GMT
expires: Fri, 24 Feb 2023 17:20:14 GMT
pragma: no-cache
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-sc-h: 22-j2pb

GET
H2 200 bping.php
lg3.media.net/ Frame E2D5 35 B
185 B 68ms
68ms Image
image/gif 23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lg3.media.net/bping.php?vgd_len=745&&vgd_cdv=880&vgd_cage=1&gdpr=0&prid=8PRVCXX19&cid=8CU5RJ1PV&crid=225021408&vi=1677259213799845019&ugd=4&lf=6&cc=US&sc=FL&lper=100&wsip=170785050&r=1677259213850&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22OmeJL%22%7D&vgd_bid=339599&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=9009&vgd_rakh=1677259213164024980&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_itype_id=17&vgd_pgid=p01700795180t202302241720&vgd_pgids=1&vgd_uspa=0&hvsid=00001677259213846006462152444103&gdpr=0&vgd_l2type=scs_newfl&vgd_end=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-60-21.deploy.static.akamaitechnologies.com

Software

Resource Hash

796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Fri, 24 Feb 2023 17:20:13 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 24 Feb 2023 17:20:13 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame C1EC 26 KB
9 KB 115ms
114ms Document
text/html 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d6b720541f945be088ad31885efec50cd2441b29f43b38fd87e2facb813a9886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9324
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 17:20:14 GMT
expires: Sun, 26 Feb 2023 17:20:14 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame 3A65 35 B
199 B 119ms
80ms Image
image/gif 23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5133&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=COOqZEOnR4MjmHjNniJNeQ&vid=COOqZEOnR4MjmHjNniJNeQ&dn=test-venus-games.flyershares.com&rawDn=test-venus-games.flyershares.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=FL&ct=dover&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-745f5fc68-k9cn7.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=202&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddcQWbGfYNTiMopX_m4RqVbqljAlDI4hDNImYAv0IQGRqsVwP1a2LaaH4gCewCb8AZAE&pexid=ADX-pub-3976351782814206&geoll=false&is_ortb=false&s_ip=172.217.36.138&s_city=atlanta&commit_id=9ad974a0&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-02-24+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&rtttime=127&pvid=294&prvAccId=225021408&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=25826487203259_500557588_11621109112941&reqsize=160x600&size=160x600&chnl=HARMONY&bdp=0.400&cbdp=0.224&og_cbdp=0.400&ogbdp=0.4&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.224&dt=O&dbf=1&epc=225021408&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-225021408-8-12&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=91&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1677259212667&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.4&dmm_erpm=true&dmm_ogerpm=false&bcrid=8032948058480&strg=HARMONY&stagid=aswift_0_host&vls=0&scrid=8032948058480&mang=1&pvdTmax=169&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=1&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=1&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=160x600&mx_bsProfileRa=-1&mx_IAB2=2&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=fQt4PGeR-wS1&mx_gpid_sent=false&mx_commit_id=bca7e990d9&acid=bcb607dcfa234aa8819ac0fa71526e52&rtime=28.0&wsip=mowx-lite-59cc94fc87-7c2xr&ltime=37.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D1&adtypes=0&adblk=1812271804&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=cid_abk_div&mowxReqId=bcb607dcfa234aa8819ac0fa71526e52_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=-1.0&rfc=-1&dfpDiv=aswift_0_host&feedback_id=COOqZEOnR4MjmHjNniJNeQ&supplyTagId=1812271804&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=37&debug_ts=2023-02-24+17%3A20%3A12&__expireat=1677259812920&mview=1&sc_pvid=319&sc_ogbdp=0.03&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&sc_bdp=0.030&sc_cbdp=0.030&sc_cat=IAB-3&sc_advUrl=https%3A%2F%2Fsearch.yahoo.com&rme=adm&bdata=sd2%3Dnull~tt%3D0~iurl_l%3D10~ogerpm%3D0.4~vw_exc%3D0.91~vis_sd%3D581~url_rps_b%3D9.81~dom_b%3D1.28~dc2%3D1~scd%3Dfl~rae%3D0%2C0~v_asn%3D9009~dom_l%3D20~vl2r_sd%3D2023022403~iurl_b%3D965.21~url_tkc%3D0~url_r2a_b%3D0~std%3Daswift_0_host~MP%3D.*games.*~last%3D~cvog%3D2.82~vis_url_b%3D0.56~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D0~vis_url_l%3D0~riipua%3D19%2C20~et%3D27~rc%3D2%2C2~rps_sd%3D2023022410~vis_b%3D688.4~radv%3D0.000%2C0~url_b%3D1.04~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D579~l2r_b%3D1000~erpm%3D0.4~vl2r_url_kc%3D0E0~bm%3D1~rke%3D0%2C0~radp%3D0.000%2C0~sid%3D225021408~sd%3D0~uid%3D2IaGhNSqLkqPfIdBM8~url_rps_kc%3D0~cvl2r_b%3D2.82~btd%3D68618593778045396814077915096312507490352124059576456087657728950287768885877154601391260700246016~d2p_l%3D10~cvl2%3D2.82~3pcf%3D999.62~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D1~ogd2p_b%3D0.96~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D168.58~url_srps_b%3D9.81~CI%3D2856~rkwp%3D0.000%2C0~nts%3D1~MP2%3D.*games.*~tb%3D-1~bss_RVP%3DMB%2CNED~ct%3Ddover~bss_KTW%3DMB%2CNED~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~PF%3D0~isif%3D0~lc%3D2~url_rpc_b%3D0~bid%3D0.4~dc%3D8~url_rps_rv%3D0~vl2r_b%3D3.41~supply_tag_id%3D%7Eviewability%3D0.91%7Eamp%3D1%7Ecbdp%3D0.400%7Edmm%3Dharmony%7Esuid%3D%7Ead_pos%3D%7B%22t%22%3A0%2C%22p%22%3A4%7D%7Edtc%3Deast_sc%7Exid%3DADX-pub-3976351782814206%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D1812271804%7Esobp%3D0.03%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.400%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_0_host%7Edetected_tag_id%3Daswift_0_host%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~nsz%3D1~tgs%3D160x600~bsb%3D1~bsp%3D-1~tmx%3D169&utime=1311&sf=0&cpr=0.0827958558764117

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-60-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: max-age=3600
date: Fri, 24 Feb 2023 17:20:14 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Fri, 24 Feb 2023 23:20:14 GMT

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 9700 26 KB
9 KB 124ms
123ms Document
text/html 23.195.100.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-195-100-26.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d6b720541f945be088ad31885efec50cd2441b29f43b38fd87e2facb813a9886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 9324
content-type: text/html; charset=UTF-8
date: Fri, 24 Feb 2023 17:20:14 GMT
expires: Sun, 26 Feb 2023 17:20:14 GMT
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 clog
hblg.media.net/ Frame E2D5 35 B
199 B 69ms
69ms Image
image/gif 23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5080&lper=1&itypeid=17&itype=ADX&cc=US&cid=8CUU9JF8H&reqid=EupNjwYaDAhbQUCKimdH6w&vid=EupNjwYaDAhbQUCKimdH6w&dn=test-venus-games.flyershares.com&rawDn=test-venus-games.flyershares.com&pid=8PR113JGC&ugd=4&fleet=appnexus&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&cliIPV6=2001%3A0550%3A1d05%3A0000%3A0000%3A0000%3A0000%3A0000&cliIPType=v6&coppa_enf=true&lmt_status=N&lmt_applied=N&lmt_enf=true&dnt_enf=false&geo_source=1&sc=FL&ct=dover&pubid=pub-ADX-116310109131&tgtval=pub-ADX-116310109131&csip=rtb-appnexus-745f5fc68-4fbf9.SC&dtc=east_sc&zone=d&ptype=23&tmax=300&xtmax=290&gdpr=0&app=0&sat=1&device_id=4&asn=202&sckfl=0&smbrid=adx-1&usp_status=0&usp_enf=1&gqid=AGJvddcQy2cjegDN-PFnifWsTq6Z9AS8aSyZlwiXw5fL0dYQ-mgTxW2uUazACts97kcx8XeF&pexid=ADX-pub-3976351782814206&geoll=false&is_ortb=false&s_ip=172.217.36.130&s_city=atlanta&commit_id=9ad974a0&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-02-24+00%3A00%3A00&schain_cmpl=1&dummy_vsid=false&amptype=1&second_call=false&supply_cc=US&ipcc=US&rtttime=112&pvid=294&prvAccId=225021408&prvApiId=8CU5RJ1PV&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=116211091&prspt=headerBid&prvReqId=15032045079389_1043117018_11621109112941&reqsize=160x600&size=160x600&chnl=HARMONY&bdp=0.770&cbdp=0.462&og_cbdp=0.770&ogbdp=0.77&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&cat=IAB-3&advUrl=https%3A%2F%2Fsearch.yahoo.com&dfpBd=0.462&dt=O&dbf=1&epc=225021408&s=1&snm=SUCCESS&pcrid=8CU5RJ1PV-225021408-8-26&tpbTkn=false&exid=31&bidflr=0.010&pbidflr=0.010&opbidflr=0.010&spbf=0&viewability=92&slotVisibility=1&adpos=1&iframingState=0&sbdrid=196&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Ckbb_se%3D1%7Cdbr%3D1%7Ctpi%3D1&mnrf=0&ortbseat=BID_API&brsrclk=0&bidrestime=1677259212659&fpuReq=1&bfs=103&acsn=1&ybnca_erpm=0.77&dmm_erpm=true&dmm_ogerpm=false&bcrid=8032948058480&strg=HARMONY&stagid=aswift_3_host&vls=0&scrid=8032948058480&mang=1&pvdTmax=177&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=1111111&mx_epbc=8CU5RJ1PV&mx_SPRIG=2&mx_bsBucket=1&mx_ssProfile=0&mx_int_dsp_id=32&mx_sua_os_n=Windows+NT&mx_lr=0&mx_TAS=1&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_sua_os_v=10.0&mx_bsBucketRa=1&mx_sid=8CUU9JF8H&mx_SC=0&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=1&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_sua_model=x64&mx_tgs=160x600&mx_bsProfileRa=-1&mx_IAB2=2&mx_bss_algos%3C%3E=0%23%233&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=5&mx_isLossNtf=false&mx_bsProfile=-1&mx_ssBucket=0&mx_TAF=3&mx_nids%3C%3E=fQt4PGeR-wS1&mx_gpid_sent=false&mx_commit_id=bca7e990d9&acid=fa199402211244f59d12c28d894eb16b&rtime=21.0&wsip=mowx-lite-59cc94fc87-khrt2&ltime=30.0&act=headerBid&abs=0%7C0%7Cxtmax%3D290%7Cbrr%3D0&adtypes=0&adblk=1812271803&impId=1&reftime=0&reftype=0&keywordSellerId=false&psrc=cid_abk_div&mowxReqId=fa199402211244f59d12c28d894eb16b_1&policy_enf=2&pub_blk_enf=1&renderer=0&ifst=0&ifdp=0&media=0&native_asset=0&req_mtype%3C%3E=0&vcmplrt=-1.0&ctr=-1.0&rfc=-1&dfpDiv=aswift_3_host&feedback_id=EupNjwYaDAhbQUCKimdH6w&supplyTagId=1812271803&mnrfc=-1&viewability_vendor=EXCHANGE&actltime=31&debug_ts=2023-02-24+17%3A20%3A12&__expireat=1677259812912&mview=1&sc_pvid=319&sc_ogbdp=0.04&sc_adj0=0.0&sc_adj1=0.0&sc_adj2=0.0&sc_prspt=headerBid&sc_bdp=0.040&sc_cbdp=0.040&sc_cat=IAB-3&sc_advUrl=https%3A%2F%2Ftopics.businessfocus.online&rme=adm&bdata=sd2%3Dnull~iurl_l%3D10~ogerpm%3D0.77~vw_exc%3D0.92~vis_sd%3D581~url_rps_b%3D9.82~dom_b%3D1.28~dc2%3D1~scd%3Dfl~v_asn%3D9009~dom_l%3D20~vl2r_sd%3D2023022403~iurl_b%3D965.21~url_tkc%3D0~url_r2a_b%3D0~std%3Daswift_3_host~MP%3D.*games.*~last%3D~cvog%3D4.23~vis_url_b%3D0.56~ip%3DYodHkpfn9ykifa4PYmsEM~fbb%3D0~vis_url_l%3D0~riipua%3D19%2C20~et%3D19~rc%3D1~rps_sd%3D2023022410~vis_b%3D807.74~radv%3D0.000%2C0~url_b%3D0.8~vl2r_url_b%3D0~vl2r_url_vi%3D1E-16~url_tvi%3D0~url_l%3D10~gcat%3D-1~bb%3D196~vv%3D0~cvl2r_sd%3D579~l2r_b%3D1000~erpm%3D0.77~vl2r_url_kc%3D0E0~bm%3D1~sid%3D225021408~sd%3D0~uid%3D2IaGj4HnzWmmQLo4J1~url_rps_kc%3D0~cvl2r_b%3D4.23~btd%3D68618593809874083959125647614908007799268102960259012978337284540566678361047336524450830644412416~d2p_l%3D10~cvl2%3D4.23~3pcf%3D769.12~uim%3D0~dmm_strg%3Dharmony~d2p_b%3D1~ogd2p_b%3D0.96~ss%3DNA~cc%3DUS~uiw%3D-1~ce%3D0~rps_b%3D153.69~url_srps_b%3D9.83~CI%3D2856~nts%3D1~MP2%3D.*games.*~tb%3D-1~bss_RVP%3DMB%2CNED~ct%3Ddover~bss_KTW%3DMB%2CNED~rkwd%3D0.000%2C0~basis2%3D196~basis1%3D196~isRef%3D0~PF%3D0~isif%3D0~lc%3D2~url_rpc_b%3D0~bid%3D0.77~dc%3D8~url_rps_rv%3D0~vl2r_b%3D8.05~supply_tag_id%3D%7Eviewability%3D0.92%7Eamp%3D1%7Ecbdp%3D0.770%7Edmm%3Dharmony%7Esuid%3D%7Ead_pos%3D%7B%22t%22%3A1%2C%22p%22%3A4%7D%7Edtc%3Deast_sc%7Exid%3DADX-pub-3976351782814206%7Edalg%3D%7Ehtml%3D1%7Eadblk%3D1812271803%7Esobp%3D0.04%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.770%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3Daswift_3_host%7Edetected_tag_id%3Daswift_3_host%7Edcut%3D40%7Edogb%3D0-1~ibc%3D1~nsz%3D1~tgs%3D160x600~bsb%3D1~bsp%3D-1~tmx%3D177&utime=1404&sf=0&cpr=0.3289987148163027

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-60-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: max-age=3600
date: Fri, 24 Feb 2023 17:20:14 GMT
strict-transport-security: max-age=86400 ; includeSubDomains
server: Apache
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=21600
content-length: 35
expires: Fri, 24 Feb 2023 23:20:14 GMT

GET
H2 200 roboto-400-latin.woff2
static.criteo.net/design/googlefont/roboto/ Frame 70AF 15 KB
16 KB 230ms
114ms Font
application/octet-stream 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/roboto/roboto-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/roboto/roboto-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/roboto/roboto-400.css
Origin: https://ads.us.criteo.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:14:19 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f13b-3d80"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 19 Feb 2024 17:20:14 GMT

GET
H2

200

cksync
cs.media.net/ Frame C1EC
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwMjYwODE0MTUyNDQyNDAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK3m8Jp52NaVEodC0uUDxq4&google_cver=1

237 B
638 B

205ms
179ms

Image
image/gif

23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK3m8Jp52NaVEodC0uUDxq4&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-60-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 17:20:14 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Fri, 24 Feb 2023 17:20:14 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 17:20:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK3m8Jp52NaVEodC0uUDxq4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync
cs.media.net/ Frame 9700
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzIwMjYwODE0MTUyNDQyNDAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK3m8Jp52NaVEodC0uUDxq4&google_cver=1

237 B
638 B

220ms
194ms

Image
image/gif

23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK3m8Jp52NaVEodC0uUDxq4&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUU9JF8H&prvid=99%2C77%2C20000%2C294%2C262%2C460%2C461%2C462%2C4%2C313%2C10000%2C459%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol: H2
Server: 23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-64-60-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 17:20:14 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 237
x-mnet-hl2: E
expires: Fri, 24 Feb 2023 17:20:14 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Feb 2023 17:20:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEK3m8Jp52NaVEodC0uUDxq4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame F0E8 15 B
169 B 76ms
71ms Script
text/javascript 23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=4765&&vgd_canary=0&vgd_l2type=scs_newfl&fp=rBe3GF7lUxM5tut4951vrVGzXJIWaimZfnQCm7XSkENehcByssmoDak7oHmaQJQ0I0yMhz9AvG5V4F7DIVkJEu8yxR88okctphMmVji-ctA8hSXsyxMi8qAYJQXd4LZ0H70CJLNN2YfWsW2hsIPGPaplNSR7a6rDs-oVkqM3J5Q%3D&cme=pE4EoYOxtg_J0NSPLMn4Ri-fSe4pdGvhiqmqdmcZ3hE46AQnlNaiBZdNg89AEm-rm-8KOWl1uBbGSCobTrepllhNipqj_YAfG2kmTVqLLtho9dMpaFrPvHxVfS7HhY3TGRw09K7vlw-L7_YMG2LUqSNQ1S9JymiBLqMlnqFQPI7QkiSz0b4BgAFUKrd8BNndpBICyH44Y3ZeNFMhmqu8xg3W6Uhu3VUFE4Tab_PjBIA%3D%7C%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRISO6KvMoHAxOz35YejMtY6JqaiTKHmH5JtBM4_OBohFqxpcnF0XVDjZ%7C3JILsqPsLe-tSR-5QNnqTOXg1LQWHNsLOJOA70ua4pTso0IT3bBOl69hiUa3oSrRMgQ6_hC3v7MBCoKiQEbbLskP0sMLwRtz5BcZxcIkmD2wx-EouuGtGlgs6kGg0wlOM4HeEihSjKY%3D%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7C&subBdr=196&bdrid=294&ksu=224&fdkt=110&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Call+Center+Softwares+Solution+Info+Online&kwt[]=110&kbc[]=null&kwp[]=1&kid[]=350406931&kbc2[]=&ktd[]=&kwd[]=HVAC+Programs+Cost+Online&kwt[]=110&kbc[]=null&kwp[]=2&kid[]=350407008&kbc2[]=&ktd[]=&kwd[]=Top+Email+Marketing+Software+Online&kwt[]=110&kbc[]=null&kwp[]=3&kid[]=350407055&kbc2[]=&ktd[]=&kwd[]=Mobile+Phone+Service+Provider&kwt[]=110&kbc[]=null&kwp[]=4&kid[]=19457591&kbc2[]=&ktd[]=&kwd[]=Best+Cloud+Based+Storage+Softwares&kwt[]=110&kbc[]=null&kwp[]=5&kid[]=330278536&kbc2[]=&ktd[]=&kwd[]=Affordable+Glasses+Online&kwt[]=110&kbc[]=null&kwp[]=6&kid[]=326675454&kbc2[]=&ktd[]=&kwd[]=Best+Protein+Snack+Bars+To+Buy&kwt[]=110&kbc[]=null&kwp[]=7&kid[]=350406949&kbc2[]=&ktd[]=&kwd[]=Top+Rated+Business+CRM+Softwares&kwt[]=110&kbc[]=null&kwp[]=8&kid[]=350407063&kbc2[]=&ktd[]=&kwd[]=Fleet+Maintenance+Software+Solution&kwt[]=110&kbc[]=null&kwp[]=9&kid[]=350406995&kbc2[]=&ktd[]=&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774754&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22OmeJL%22%7D&cid=8CU5RJ1PV&vi=1677259213496334474&vsid=3202608141524479&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=110&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_l3_sc=FL&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=81303&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&vgd_l1rakh=1677259213161453998&tsrc=entity&sttm=1677259213766&upk=1677259214.17885&hvsid=00001677259213766006462152441772&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=8032948058480&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D9009&vgd_vstrid=3202608141524479&vgde_bdata=QOfvzxjj~77v9~8xLjMjvu9~myJLEYv9.H~eBMJ-Nv9.iu~e8QMQOvXWu~xLjMLEQMGvi.Wu~OmYMGvu.fW~ONfvu~QNOvkj~L1Jv9%2C9~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fA9ffH9A~8xLjMGviFX.fu~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7M9MwmQ7~c0v.*y1YJQ.*~j1Q7v~Nemyvf.Wf~e8QMxLjMGv9.XF~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vui%2Cf9~J7vfh~LNvf%2Cf~LEQMQOvf9fA9ffHu9~e8QMGvFWW.H~L1Oev9.999%2C9~xLjMGvu.9H~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~yN17vou~GGvuiF~eev9~NejfLMQOvXhi~jfLMGvu999~JLEYv9.H~ejfLMxLjMUNv949~GYvu~LUJv9%2C9~L1OEv9.999%2C9~Q8OvffX9fuH9W~QOv9~x8OvfV1ZwIb%20TU%200kVORcW~xLjMLEQMUNv9~NejfLMGvf.Wf~G7OvFWFuWXiAhhW9HXAiFWuH9hhiuX9iFAufX9hHi9AXfufH9XiXhFHXF9WhFXhhfWiX9fWhhFWWWXWhhuXHF9uAiufF9h99fHF9uF~OfEMjvu9~Nejfvf.Wf~AENkviii.Ff~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvuFW.XW~xLjMQLEQMGvi.Wu~%3DVvfWXF~LUBEv9.999%2C9~z7Qvu~c0fv.*y1YJQ.*~7Gvou~GQQMD%2F0vcR%2CI4r~N7vOmeJL~GQQMC_pvcR%2CI4r~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~0sv9~8Q8kv9~jNvf~xLjMLENMGv9~G8Ov9.H~ONvW~xLjMLEQMLev9~ejfLMGvA.Hu~QxEEj5M71yM8Ov~e8JB1G8j875v9.iu~1YEvu~NGOEv9.H99~OYYvw1LYmz5~Qx8Ov~1OMEmQv%7B%227%22%3A9%2C%22E%22%3AH%7D~O7NvJ1Q7MQN~-8OvKrtoExGoAihFAXuhWfWuHf9F~O1jyv~w7Yjvu~1OGjUvuWuffhuW9H~QmGEv9.9A~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.H99~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7M9MwmQ7~OJ7JN7JOM71yM8Ov1QB8k7M9MwmQ7~ONx7vHX~OmyGv9ou~8GNvu~zQlvu~7yQvuF9-F99~GQGvu~GQEvou~7Y-vuFi&vgd_bhv_kbb=1&vgd_cfud=220919&vgd_scsver=410&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=528&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=FL&vgd_l1rhst=contextual.media.net&hvsid=00001677259213766006462152441772&rc=0&rand=1677259214563&acid=bcb607dcfa234aa8819ac0fa71526e52&matm=1677259214564&vgd_ltimesrc=1&vgd_ltime=1315&vgd_rtime=1308&vgd_etm=18&vgd_l1hcsd=Spsdv%7C1211&vgd_l1ch=1&vgd_lhl=3060&vgd_pgid=p01700795180t202302241720&vgd_csip=rtb-appnexus-745f5fc68-k9cn7.SC&vgd_sbSup=1&vgd_nrrs=81303&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&nse=5&vi=1677259213496334474&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xxgzaqBg&bcpf=B4x8fOnRrolnfOur8xgzaqBg&bdrId=294&bid=337998&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01700795180t202302241720&essld=f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~sT~OmeJL&htmlsrc=1&isid=294&allsc=FL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-60-21.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Fri, 24 Feb 2023 17:20:14 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Fri, 24 Feb 2023 17:20:14 GMT

GET
H2 200 bql.php Show response
lg3.media.net/ Frame 10CD 15 B
169 B 89ms
86ms Script
text/javascript 23.64.60.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lg3.media.net/bql.php?vgd_len=6104&&vgd_canary=0&vgd_l2type=scs_newfl&fp=rBe3GF7lUxM5tut4951vrVGzXJIWaimZfnQCm7XSkENehcByssmoDak7oHmaQJQ0I0yMhz9AvG5V4F7DIVkJEu8yxR88okctphMmVji-ctA8hSXsyxMi8qAYJQXd4LZ0H70CJLNN2YfWsW2hsIPGPWV6wv3OTlj52YAo2A9atus%3D&cme=auiS1wLCKAv0AYxrZBFN-znp8C6HbJqQypy3q1FgYgj_deNwqFublLmhnJqz44oI7IbWpQvVc73wtTcdrXScaioJ7ZO9RvsHFDN0LSwtpIzpnOatvXZVEC_ib-xg-ca7BNfNk2z2hHtw8KXNnFO5ot2WDX9GxQGeqHCsmSaKqpFLOl9mpm74zwgCvj6anJIPNweb2cQ6PBEGLOC5RqqDrYdVeLyMz5W2Va-c3g1ua9_Ny4HIyis2vQ%3D%3D%7C%7Cu8A6SM53vAcxkZY9VHWafLSuY-HKDieQ%7CJwgYdc1KQkFA0AkMtcoUY9olDV92JfOo%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7CxDcVMoSqRISO6KvMoHAxOz35YejMtY6JqaiTKHmH5JtBM4_OBohFqxpcnF0XVDjZ%7C2DqGTGo8vObbh5tESD75O_QqGWAoq_Bm8czx2Lime6S-fVGJPUO5Z3IzBwTQKKKKBBgqBVj25iwbOwdy0hLplV1Xowtv_KTU7Xdsg9yW2a03S6j0BvEbsK3yzh182neRXcy7-FiwdMT5T2i291wWJVDmK85vQytWARqIxUuZmTB9fzOPqWR_CTUZHuaKrITxyAzksSktsdv0dNGBIKauvsAkZSGzv4nBSFnbB4eaqnJ_UsVvAZhhC0PfOJL2sIo-yUUhucLaMiQ%3D%7C&subBdr=196&bdrid=294&ksu=355&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Free+Dental+Implants+for+Seniors&kwt[]=391&kbc[]=1262905965&kwp[]=1&kid[]=329795848&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D6.84%7C2%3D14.25%7Cps%3D0.394%7C3%3D1.32%7C4%3D5.00&ktd[]=274894881024&ktrkt[]=Free+Dental+Implants+for+Seniors&kwd[]=Immediate+Driver+Jobs&kwt[]=391&kbc[]=1262905965&kwp[]=2&kid[]=321454930&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D1.39%7C2%3D7.17%7Cps%3D0.394%7C3%3D0.93%7C4%3D3.17&ktd[]=274894881024&ktrkt[]=Immediate+Driver+Jobs&kwd[]=Make+an+Appointment+for+a+Passport&kwt[]=391&kbc[]=1262905965&kwp[]=3&kid[]=351066980&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D2.20%7C2%3D6.86%7Cps%3D0.394%7C3%3D0.72%7C4%3D5.00&ktd[]=274894881024&ktrkt[]=Make+an+Appointment+for+a+Passport&kwd[]=HUD+Houses+for+Rent&kwt[]=391&kbc[]=1262905965&kwp[]=4&kid[]=99049621&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D3.10%7C2%3D5.41%7Cps%3D0.394%7C3%3D0.28%7C4%3D3.29&ktd[]=274894881024&ktrkt[]=HUD+Houses+for+Rent&kwd[]=Best+Ways+to+Invest+in+Gold&kwt[]=391&kbc[]=1262905965&kwp[]=5&kid[]=316482289&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.62%7C2%3D9.39%7Cps%3D0.394%7C3%3D1.40%7C4%3D5.00&ktd[]=274911658240&ktrkt[]=Best+Ways+to+Invest+in+Gold&kwd[]=Mobile+App+Developers&kwt[]=391&kbc[]=1262905965&kwp[]=6&kid[]=316624966&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.36%7C2%3D10.21%7Cps%3D0.394%7C3%3D1.16%7C4%3D4.14&ktd[]=274911658240&ktrkt[]=Mobile+App+Developers&kwd[]=Best+Nutritious+Dog+Foods&kwt[]=391&kbc[]=1262905965&kwp[]=7&kid[]=350406945&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D5.39%7C2%3D11.14%7Cps%3D0.394%7C3%3D0.95%7C4%3D4.37&ktd[]=274894881024&ktrkt[]=Best+Nutritious+Dog+Foods&kwd[]=Cheap+Used+Cars+Under+%24500&kwt[]=391&kbc[]=1262905965&kwp[]=8&kid[]=329968412&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D6.46%7C2%3D10.36%7Cps%3D0.394%7C3%3D0.88%7C4%3D3.99&ktd[]=274894881024&ktrkt[]=Cheap+Used+Cars+Under+%24500&kwd[]=Best+Live+TV+Streaming+Services&kwt[]=391&kbc[]=1262905965&kwp[]=9&kid[]=329864655&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C1%3D0.48%7C2%3D3.56%7Cps%3D0.394%7C3%3D0.45%7C4%3D1.74&ktd[]=274894881024&ktrkt[]=Best+Live+TV+Streaming+Services&v=1&geo=40.8%7C-73.97&dlper=20&lper=100&lpid=&tsid=2&hint=&cc=US&wsip=170774914&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQ8E%22%3A%22f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999%22%2C%22QQNN%22%3A%22Pb%22%2C%22QQQN%22%3A%22sT%22%2C%22QQN75%22%3A%22OmeJL%22%7D&cid=8CU5RJ1PV&vi=1677259213799845019&vsid=3202608141524424&tdAdd[]=asnum%3D9009&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=11&vgd_adpref_diff=110&vgd_fm_lang=EN&vgd_implt=3&vgd_cage=1&vgd_l3_sc=FL&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUU9JF8H&vgd_hb_audit_2=116211091&vgd_katbid=-102&vgd_pdtid=1&vgd_nrrv=81303&vgd_nrrmf=1000c80a&vgd_nrrsf=scrr&vgd_cty=new+york&vgd_ifrmode=14&vgd_l1rakh=1677259213164024980&tsrc=entity&sttm=1677259213846&upk=1677259214.8360&hvsid=00001677259213846006462152444103&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=8032948058480&vgd_isiolc=1&vgd_fcm_enc_mis=1&kbbq=%26asn%3D9009&vgd_vstrid=3202608141524424&vgde_bdata=QOfvzxjj~8xLjMjvu9~myJLEYv9.hh~eBMJ-Nv9.if~e8QMQOvXWu~xLjMLEQMGvi.Wf~OmYMGvu.fW~ONfvu~QNOvkj~eM1Qzvi99i~OmYMjvf9~ejfLMQOvf9fA9ffH9A~8xLjMGviFX.fu~xLjM7UNv9~xLjMLf1MGv9~Q7Ov1QB8k7MAMwmQ7~c0v.*y1YJQ.*~j1Q7v~NemyvH.fA~e8QMxLjMGv9.XF~8Ev3mOqUEkzi5U8k1H03YQ4c~kGGv9~e8QMxLjMjv9~L88Ex1vui%2Cf9~J7vui~LNvu~LEQMQOvf9fA9ffHu9~e8QMGvW9h.hH~L1Oev9.999%2C9~xLjMGv9.W~ejfLMxLjMGv9~ejfLMxLjMe8vu4ouF~xLjM7e8v9~xLjMjvu9~yN17vou~GGvuiF~eev9~NejfLMQOvXhi~jfLMGvu999~JLEYv9.hh~ejfLMxLjMUNv949~GYvu~Q8OvffX9fuH9W~QOv9~x8OvfV1ZdHqzlpYYgTmH6u~xLjMLEQMUNv9~NejfLMGvH.fA~G7OvFWFuWXiAW9iWhH9WAiXiufXFHhFuHi9W99hhiifFWu9fiF9fXi9ufihWAAhfWHXH9XFFFhWAFu9HhAAFXfHHX9WA9FHHHufHuF~OfEMjvu9~NejfvH.fA~AENkvhFi.uf~x8Yv9~OYYMQ7Lyvw1LYmz5~OfEMGvu~myOfEMGv9.iF~QQvIK~NNvPb~x8Bvou~NJv9~LEQMGvuXA.Fi~xLjMQLEQMGvi.WA~%3DVvfWXF~z7Qvu~c0fv.*y1YJQ.*~7Gvou~GQQMD%2F0vcR%2CI4r~N7vOmeJL~GQQMC_pvcR%2CI4r~LUBOv9.999%2C9~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~0sv9~8Q8kv9~jNvf~xLjMLENMGv9~G8Ov9.hh~ONvW~xLjMLEQMLev9~ejfLMGvW.9X~QxEEj5M71yM8Ov~e8JB1G8j875v9.if~1YEvu~NGOEv9.hh9~OYYvw1LYmz5~Qx8Ov~1OMEmQv%7B%227%22%3Au%2C%22E%22%3AH%7D~O7NvJ1Q7MQN~-8OvKrtoExGoAihFAXuhWfWuHf9F~O1jyv~w7Yjvu~1OGjUvuWuffhuW9A~QmGEv9.9H~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.hh9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov1QB8k7MAMwmQ7~OJ7JN7JOM71yM8Ov1QB8k7MAMwmQ7~ONx7vH9~OmyGv9ou~8GNvu~zQlvu~7yQvuF9-F99~GQGvu~GQEvou~7Y-vuhh&vgd_bhv_kbb=1&vgd_cfud=220919&vgd_scsver=410&vgd_optout=0&vgd_scr_h=1200&vgd_scr_w=1600&vgd_dma=528&vgd_ect=4g&vgd_dtc=east_sc&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&tdAdd[]=uiparams%3D&vgd_uspa=0&vgd_sc=FL&vgd_l1rhst=contextual.media.net&hvsid=00001677259213846006462152444103&rc=0&rand=1677259214610&acid=fa199402211244f59d12c28d894eb16b&matm=1677259214610&vgd_ltimesrc=1&vgd_ltime=1428&vgd_rtime=1425&vgd_etm=18&vgd_l1hcsd=Spsdv%7C1211&vgd_l1ch=1&vgd_lhl=2972&vgd_pgid=p01700795180t202302241720&vgd_csip=rtb-appnexus-745f5fc68-4fbf9.SC&vgd_sbSup=1&vgd_nrrs=81303&vgd_cntrdt=SF%7Cgoogleads.g.doubleclick.net&vgd_eadm=1&vgd_end=1

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU5RJ1PV&cpcd=h3e9byNxz1TnUQgxXfdhiw%3D%3D&crid=225021408&size=160x600&cc=US&chnm=HARMONY&pid=8POJ4N28G&tpid=TMF5G1T&https=1&vif=2&requrl=http%3A%2F%2Ftest-venus-games.flyershares.com&nse=5&vi=1677259213799845019&lw=1&ugd=4&adt1=8CUU9JF8H&adt2=116211091&itid=17&bae=B4xxgzaqBg&bcpf=B4xxg8fOnRrolnfOur8zaqBg&bdrId=294&bid=339599&ntv=0&matchstring=hr%3D0%7C&sff=0&katpre=1&katbid=-102&pgid=p01700795180t202302241720&essld=f99u%3A9XX9%3AuO9X%3A9999%3A9999%3A9999%3A9999%3A9999~Pb~sT~OmeJL&htmlsrc=1&isid=294&allsc=FL

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.64.60.21 Edison, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-64-60-21.deploy.static.akamaitechnologies.com

Software

Resource Hash

c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600

Request headers

accept-language: en-US,en;q=0.9
Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=21600
date: Fri, 24 Feb 2023 17:20:14 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 15
expires: Fri, 24 Feb 2023 17:20:14 GMT

POST
H2 200 all
csm.us.criteo.net/ Frame 70AF 0
127 B 59ms
58ms Ping
text/plain 2620:100:a001::16
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.us.criteo.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 24 Feb 2023 17:20:14 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 95ms
94ms XHR
application/json 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230222&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e3c99146533bebac289c7aaa91bdc8395bf2fea654b28305d52381c4df830ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11107
x-xss-protection: 0

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 18FC 42 B
174 B 89ms
87ms Fetch
image/gif 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsui170IIkJJrHNpTgdObmESyD6EldI4bsVSsFTiuRCjyCk1l2d-iAFa0KEmG0S0A_FUNcUYcLkpcAPkpqboM_oHsubQ&sig=Cg0ArKJSzM9No60Org5VEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=632,1001,1001,1001,1001&tos=632,369,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1677259213073&rpt=891&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 17:20:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 94ms
91ms Script
text/javascript 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302130101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 17:20:15 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FCE3 13 KB
5 KB 80ms
68ms Document
text/html 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://test-venus-games.flyershares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 3817
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 16:16:38 GMT
expires: Sat, 24 Feb 2024 16:16:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C434 783 B
1 KB 1122ms
88ms Document
text/html 2607:f8b0:4006:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba1d72d0eaf23ebc8be25869efc2ca775567e0806618b127b86e1a0151bbb95a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8J65-jNgzVzPVjpLpAI8Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://test-venus-games.flyershares.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-8J65-jNgzVzPVjpLpAI8Cw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 17:20:16 GMT
expires: Fri, 24 Feb 2023 17:20:16 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js Show response
pagead2.googlesyndication.com/bg/ Frame FCE3 36 KB
14 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tZsXipaSZXHHcL3TzAhvrOIdSpwDyJfWMGTb_6xT6xM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 18:19:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 169229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14406
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 18:19:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C434 0
0 86ms
84ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230222&jk=3468662302418180&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FCE3 0
10 B 66ms
65ms Image
text/plain 2607:f8b0:4006:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nkteDw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80e::2001 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:20:16 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
87ms Image
text/html 2607:f8b0:4006:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230222&jk=3468662302418180&bg=!nJ-ln8vNAAZYlHKzeJQ7ADkAdvg8WqMejfs7-tV-7L8ANTqVQ1dKWvLLlJF9uArIA0AsaR8yGEswilbzFnA2kas_OAQIEPpJYMYCAAAAn1IAAAAEaAEHmQK4cUbb-r_72_jnHQYt_uUEoUQhQo9zfFWBysM0D71Uxai-V59rR1blpjRokutQm9fl1N0OR4VnxxT85iIuHvBGqhUqHm3qJUdAIC7ENTJomS1OBQrA0uGcSjY_Z0tqVi8lzb13_VBqGDEmj80J6O56bXYyC4eolGSrE3MhsLMs9dT-IFl1G8e2kxa8mlYO9sesX5NVam77-0-3OjDfkT9FbcW2ZYg-oQ3C4x-4iujE0mtuusB_qr8hAhP9ebuze6cSgFogcGT2kIT8Q10BAs5RVfq_1tToi28pJfgLoVbGvPphnQso-zdTb5h3Xix5JkAfn1twKYlIEAnDxh3Ofm0_BRyaUoNW4iiwoyt0ubaV4fTLvOHWlO6ZcL5iHd-0BK4joZnZA791z3-8KWaeYgp1Af6wqk5O5kZ_9dAxnwdXoHh5nbIj93ujhkBvPAcGdyKMa5CY6PkfP5NjlMsK0U3XE5pQ_nzv7QUEPSoM_5B6SVXvm5wh_tE1tGJ_SdBeyJIIr_nuTEGst7N3RMGjcVsY5vEq1o-5J1zA6dClGMudMpO7Rf7zQp11sEQPP07--RDbz6gJBxMgt6lgDX732-I4ojo2d_SmWWKvtGMeGU8sMYhAU6kOhx7XRNw8I4cSqVYj7nARnBiPEMYlIiGVJ_7S01uPbw3xoum9O7oz9clLCIeFnie58TJsroH82DjczyRkieFaaWojv22F1TA1n5kXWcPLTq7s-tAbm48VSmdXPMEDso3cOydU4NpYzfzS8kOpJvi8idDaX8dbH_RXyx7f9AINiRc5o8KwwM0J8AOV6yGxOm0CAoL8ptUaAmx8TbOmGjF-ANotV3TqB0HBwQxr3TYyEHkD8s1AseGI_34J4vl8gw32BaDZBUxhdLHB88yaZrSrfKz88oZsJCVk6HthihOIFW9ZsYI7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80d::2002 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: http://test-venus-games.flyershares.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.flyershares.com/	1970-01-20 19:15:55	Name: __gads Value: ID=ab18cf552858321c-228c953b71de0016:T=1677259212:RT=1677259212:S=ALNI_MbCAk844lMjEtT0EEbjcijxdMwN3g
.flyershares.com/	1970-01-20 19:15:55	Name: __gpi Value: UID=000009bc8efeeb9d:T=1677259212:RT=1677259212:S=ALNI_Ma6gFa2k6MMAbu8UryWynqk1g7qog
.doubleclick.net/	1970-01-20 19:30:19	Name: IDE Value: AHWqTUm2nVJ1niWXrF99sY6P-pnzwSTC5zNAuJJQP_xzVkyTJTOC4WIpsM8lHCNcYRw
.media.net/	1970-01-20 18:39:55	Name: visitor-id Value: 3202608141524424000V10
.media.net/	1970-01-20 10:14:28	Name: data-g Value: CAESEK3m8Jp52NaVEodC0uUDxq4~~6

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://test-venus-games.flyershares.com/css/base.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://test-venus-games.flyershares.com/js/base.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://test-venus-games.flyershares.com/js/xframe-min-1.0.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230222/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.us.criteo.com
adservice.google.com
cat.va.us.criteo.com
cm.g.doubleclick.net
contextual.media.net
cs.media.net
csm.us.criteo.net
googleads.g.doubleclick.net
hblg.media.net
lg3.media.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.us.criteo.net
rtb.va.us.criteo.com
static.criteo.net
test-venus-games.flyershares.com
tpc.googlesyndication.com
venus-games.flyershares.com
warp.media.net
www.google.com
www.googletagservices.com
13.226.210.29
13.226.225.50
142.251.40.162
23.195.100.26
23.64.60.21
2607:f8b0:4006:809::2002
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80e::2001
2607:f8b0:4006:80e::2004
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81f::2002
2620:100:a001::16
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::a
74.119.119.147
091221dc361a250f5592841cf9cf00efdb51a7ad2526dac1cc88828de23fbee3
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bd2eb895934feed16c230a548055e227d3c577aaa9e41ca8e731a10e709418c
0be2f747353abfdc4c43b6adf52150d3fee6121e6d06750af3b74b7a6b0c1dbf
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
1aa153c588443a2e11a9d2a1ced44483e0c89c4d2bab1d7a28f9733e90529828
1e4dbff1c9c997c63392fd4214673882dc04f2641a2a4322b48a91ecfb5ec1f3
1f8f155c5a6bdc5920ea4f837594cd5b897e9a446961e59a5430b4ed43ac5ae9
2c5d89f381031ab686a9e75514af55ef799ac845324a06bcdef52fa35ab6121b
2d4873f5a10703244d8023f9d3b7e9f8e9a2119d10952401ebde017c58f20a1d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3732adc4771e3260a81955d9432c12e5df66f0814b1ad54b2ea455d012780251
39ffad4878b20dca9f2a3d58542c8b1ff0a119f3a375d711dfd93b04e258e5eb
3d70bd12d14ab789e142caae2d0fcc2e74e8fc8e2c1038925978b20cf3585470
48770cd984063034a739c1cd98bc27486c84ed081525cb786663336c7adce424
49330dbdf50dc3440d871a2408c7ec4fec185d62e419fd9960000cd8eed78950
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee16135b08dd0597292ad77ea9169c65bae83347e3a899124cfbdb6ca4f5311
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b522fd8e29ae54a3b42c4c80647686f448741d4d2d7279b8518e87aada8ca9e
5f48d37efbe6b8af7304b5604c04401229a75ab58d198f3a6991fe826615b292
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6695936c4757615b4d0f3d8432212e1125fa1634ee70c7db5ec281a33982f353
687a67b2dfd577d42ad5cc2d9bf9cb93189e604210611669d525194dce4ccd2c
711dbbc8d1a3448016603b50900ea239e5172a1ed44980e1f3e0c77710b4dfe6
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76dc3f86e787cdcf593d8d0c15b4fe674dea9e0babe6e5bafb6d400e408b8258
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7cbfb6aa8bf9bb095edc62de787d5f462fe40e27d8eca2e30789d059768a8443
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
89bbd001b50160a29f8992974f4de5cfa7677e4936cb4075d26575a994ef0952
8bdd89e6e6c7572be4c2ca8421d64c8368eebbd51f636bde6fb24ec435862094
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
94ca256a5ba1a7c43b798c7da06cd0fa57fa4a4777946ee08e48eb9e94bc19fd
99667cbc6af4446dc09a8cea227a1834303ec37891931ee8884e9c18798bd08c
9bc085c0ed56a4135764461a164acca1563af62abcb2b2913fd11e44094f06da
9bed081d2136712bd74fc55233dbe07a42b5ce1427df1685385326294b663e59
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e3c99146533bebac289c7aaa91bdc8395bf2fea654b28305d52381c4df830ce
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b4e8c5493285ef7d6a4d9da05d13f89db67dd60f0e94324b7d9f69e7774e6bcd
b59b178a96926571c770bdd3cc086face21d4a9c03c897d63064dbffac53eb13
ba1d72d0eaf23ebc8be25869efc2ca775567e0806618b127b86e1a0151bbb95a
bafbf12e8686a98054bc57a5e8b7eb27c1cfc3a103944878a141ab66b21ed3bb
bd7349aae312bc35faad727443a7f8203fc98603c8ee34acf5847bfe974e5252
c6bdd002d23dcb0adbd87e3518bdd994de73818a0f0f502707986301b9fbc404
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
d406c2499361ef01cef5ec8080cc790dc40b652a6d5c7bf8394ed4d181c27300
d6b720541f945be088ad31885efec50cd2441b29f43b38fd87e2facb813a9886
d7548a9a33f2d5b232708c31b094d15fdf0e93202419345c69c7de996c193bff
d916ce74fd827d280f43f3d415a4f9b31b7b900efc31aed9d4448fcfd7d23747
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3bd93baf2d7ea7fe404497a78897e9300a56e1ef8e452cdd29c0156b2ff3aa5

test-venus-games.flyershares.com Open in urlscan Pro 13.226.210.29 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

85 Requests

91 %HTTPS

67 %IPv6

9 Domains

21 Subdomains

18 IPs

1 Countries

2560 kBTransfer

4116 kBSize

5 Cookies

0 Outgoing links

Redirected requests

85 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

test-venus-games.flyershares.com Open in urlscan Pro
13.226.210.29 Public Scan

Screenshot
Live screenshot

Full Image

85
Requests

91 %
HTTPS

67 %
IPv6

9
Domains

21
Subdomains

18
IPs

1
Countries

2560 kB
Transfer

4116 kB
Size

5
Cookies

85 HTTP transactions
1 data transactions