revanced.io Open in urlscan Pro
2606:4700:3037::6815:48a7 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://revanced.io/youtube/
Submission: On August 05 via manual (August 5th 2023, 5:36:24 am UTC) from VN — Scanned from DE

Summary HTTP 39 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 5 domains to perform 39 HTTP transactions. The main IP is 2606:4700:3037::6815:48a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is revanced.io.
TLS certificate: Issued by GTS CA 1P5 on June 15th 2023. Valid for: 3 months.

This is the only time revanced.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2606:4700:303... 2606:4700:3037::6815:48a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
39	8

9 2606:4700:3037::6815:48a7 (United States)

ASN13335 (CLOUDFLARENET, US)

revanced.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1724 www.google.com — Cisco Umbrella Rank: 3	61 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	213 KB
9	revanced.io revanced.io	109 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54	11 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	601 B
39	5

	Domain	Requested by
14	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	revanced.io	revanced.io
7	pagead2.googlesyndication.com	revanced.io pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
39	7

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
github.com
f-droid.org

Subject Issuer	Validity	Valid
revanced.io GTS CA 1P5	`2023-06-15` - `2023-09-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://revanced.io/youtube/
Frame ID: 4C7B179DB7DAD5B7509BA45562F0964A
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html
Frame ID: 47EC89AFDD60283AAC7D92226F197E26
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2324766438985638&output=html&adk=1812271804&adf=3025194257&lmt=1691115154&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frevanced.io%2Fyoutube%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691213780432&bpp=3&bdt=172&idt=223&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3648621133367&frm=20&pv=2&ga_vid=1971676808.1691213781&ga_sid=1691213781&ga_hid=1001788911&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076685&oid=2&pvsid=472623287632957&tmod=941558073&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
Frame ID: 7CCA227BCFAA4C9D4546BADF95027CB0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2324766438985638&output=html&h=280&adk=2851840666&adf=1206251953&pi=t.aa~a.3976150887~i.13~rp.4&w=768&fwrn=4&fwrnh=100&lmt=1691115154&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3268965972&ad_type=text_image&format=768x280&url=https%3A%2F%2Frevanced.io%2Fyoutube%2F&fwr=0&pra=3&rh=192&rw=768&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691213780796&bpp=3&bdt=536&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2a89dd58d23af315-2267e408bae700c3%3AT%3D1691213780%3ART%3D1691213780%3AS%3DALNI_MZIBiwEzA06UtYwyZUaQv6GcSKSOA&gpic=UID%3D00000c4c310dd0b4%3AT%3D1691213780%3ART%3D1691213780%3AS%3DALNI_MbD5d0hEumhb7dsubsScSQHnJNfXA&prev_fmts=0x0&nras=2&correlator=3648621133367&frm=20&pv=1&ga_vid=1971676808.1691213781&ga_sid=1691213781&ga_hid=1001788911&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=3414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076685&oid=2&pvsid=472623287632957&tmod=941558073&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cLgHQxhGfX&p=https%3A//revanced.io&dtd=133
Frame ID: 59B935F04466243348AC3013743B1D18
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2324766438985638&output=html&h=280&adk=2851840666&adf=815129325&pi=t.aa~a.3976150887~i.15~rp.4&w=768&fwrn=4&fwrnh=100&lmt=1691115154&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3268965972&ad_type=text_image&format=768x280&url=https%3A%2F%2Frevanced.io%2Fyoutube%2F&fwr=0&pra=3&rh=192&rw=768&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691213780796&bpp=2&bdt=536&idt=2&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2a89dd58d23af315-2267e408bae700c3%3AT%3D1691213780%3ART%3D1691213780%3AS%3DALNI_MZIBiwEzA06UtYwyZUaQv6GcSKSOA&gpic=UID%3D00000c4c310dd0b4%3AT%3D1691213780%3ART%3D1691213780%3AS%3DALNI_MbD5d0hEumhb7dsubsScSQHnJNfXA&prev_fmts=0x0%2C768x280&nras=3&correlator=3648621133367&frm=20&pv=1&ga_vid=1971676808.1691213781&ga_sid=1691213781&ga_hid=1001788911&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=3745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076685&oid=2&pvsid=472623287632957&tmod=941558073&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=heHUhUEWm2&p=https%3A//revanced.io&dtd=141
Frame ID: 112BC1507EF7251D3DC890EFC18FA42E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 036A7C6E0D07E0BBB51A7F7BEF775A8E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7AAA568BEDA9D53F955BE7CBA5587867
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

YouTube ReVanced 18.29.38 [Download Latest APK] 2023MagiskMagisk

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

39
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

395 kB
Transfer

1082 kB
Size

4
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.youtube.com/premium
Title: YouTube Premium features

Search URL Search Domain Scan URL

URL: https://github.com/NoName-exe
Title: NoName-exe

Search URL Search Domain Scan URL

URL: https://github.com/j-hc/
Title: j-hc

Search URL Search Domain Scan URL

URL: https://github.com/j-hc/revanced-magisk-module/releases/download/20220882/youtube-revanced-v18.23.35-all.apk
Title: DOWNLOAD (General)

Search URL Search Domain Scan URL

URL: https://github.com/NoName-exe/revanced-extended/releases/download/69/youtube-revanced-extended-v18.29.38-all.apk
Title: DOWNLOAD (Extended)

Search URL Search Domain Scan URL

URL: https://github.com/j-hc/revanced-magisk-module/releases/download/20220882/youtube-revanced-magisk-v18.23.35-all.zip
Title: MagiskDOWNLOAD (General)

Search URL Search Domain Scan URL

URL: https://github.com/NoName-exe/revanced-extended/releases/download/69/youtube-revanced-extended-magisk-v18.29.38-all.zip
Title: MagiskDOWNLOAD (Extended)

Search URL Search Domain Scan URL

URL: https://github.com/j-hc/revanced-magisk-module/releases/download/20220878/mindetach-v3.3.zip
Title: MinDetach Module

Search URL Search Domain Scan URL

URL: https://github.com/reisxd
Title: reisxd

Search URL Search Domain Scan URL

URL: https://f-droid.org/packages/com.termux/
Title: Termux from F-Droid

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
revanced.io/youtube/ 124 KB
30 KB 124ms
77ms Document
text/html 2606:4700:3037::6815:48a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revanced.io/youtube/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 155846f1b801975f5ea83783c5130c351cd5989380072f1ceeb3b2dd792259e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-apo-via: origin,no-cache
cf-cache-status: BYPASS
cf-edge-cache: cache,platform=wordpress
cf-ray: 7f1cae8e19324d67-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 05 Aug 2023 05:36:20 GMT
last-modified: Fri, 04 Aug 2023 02:12:34 GMT
link: <https://revanced.io/wp-json/>; rel="https://api.w.org/", <https://revanced.io/wp-json/wp/v2/posts/1557>; rel="alternate"; type="application/json", <https://revanced.io/?p=1557>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vC0djINTZ6azdQJgie6VtaXh%2B26Le5Yxvb%2F0dUOtQ%2FVxhHrTUjBtDSzXgqFLSNFAqBRHB5wIoHa%2BPM8DtanNEFDpsAiiKLxB8kJULKSvY7QkPmhNGADSX0M0UNyD2kBNcYr5mRMeswonBA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-cache: HIT
x-ua-compatible: IE=edge

GET
H2 200 jquery.min.js Show response
revanced.io/wp-includes/js/jquery/ 88 KB
32 KB 24ms
21ms Script
application/javascript 2606:4700:3037::6815:48a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revanced.io/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by: Host: revanced.io
URL: https://revanced.io/youtube/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/youtube/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 04:54:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64386
etag: W/"64251601-15ed7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ht%2BLX1IzvndXZ%2BctvRo3hvwGtn2F8bfOpQTQhJHOOrX697w853MNl1SguuZTA4c0iUIHLVB%2Bx3nOc8%2FOpRaJVkZeBrkt9iLIJHwgvAjr%2BzF0VBjg1SPHYqQlNFDhdkSOr4SIAZeAF1V2zA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7f1cae8eb9c04d67-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Aug 2024 11:43:14 GMT

GET
H2 200 jquery-migrate.min.js Show response
revanced.io/wp-includes/js/jquery/ 13 KB
5 KB 21ms
19ms Script
application/javascript 2606:4700:3037::6815:48a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revanced.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by: Host: revanced.io
URL: https://revanced.io/youtube/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/youtube/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Mar 2023 04:54:25 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64386
etag: W/"64251601-3470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1I%2FAWbzTDFZXqpIebS0mRsuY2LyDD4D553UD4aPd9vvp2w3ayt%2FVw4s1sC2nj8l7Oh5c0VhGjWGWYyQDONlIIK%2Bdx786rV0Wm40%2BnFnsYT09VtLb7voZgUAYkFfB4I4hVFGlTRwHyAsS0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7f1cae8eb9c24d67-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Aug 2024 11:43:14 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
50 KB 118ms
57ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2324766438985638

Requested by

Host: revanced.io
URL: https://revanced.io/youtube/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6449a48726b8d9c2d9e50e35fbbe0ca40241a43f1cdbd5db72a005e24c42ae4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
Origin: https://revanced.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51129
x-xss-protection: 0
server: cafe
etag: 11536952005602417015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 05:36:20 GMT

GET
H2 200 front.min.js Show response
revanced.io/wp-content/plugins/table-of-contents-plus/ 6 KB
3 KB 20ms
16ms Script
application/javascript 2606:4700:3037::6815:48a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revanced.io/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2302
Requested by: Host: revanced.io
URL: https://revanced.io/youtube/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/youtube/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Jul 2023 05:33:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64386
etag: W/"64aa46ba-180f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lRhSIj7WhyQMb5YZDJQk5ee5i24bBF0oz13EDZh63o5nRA%2B9Fn3dCE7b3giqZUEJBIqf99sbsqORHGKJfejS69npt9JOCAKnZDlIHy%2B9DKU66nvMOh6mG4yU8YzjrD46JnBWHw1ITdnHmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7f1cae8ec9df4d67-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Aug 2024 11:43:14 GMT

GET
H2 200 menu.min.js Show response
revanced.io/wp-content/themes/generatepress/assets/js/ 7 KB
2 KB 20ms
17ms Script
application/javascript 2606:4700:3037::6815:48a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revanced.io/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.3.0
Requested by: Host: revanced.io
URL: https://revanced.io/youtube/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/youtube/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 09 Jul 2023 05:33:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64386
etag: W/"64aa46bb-1b3f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPLQAdItEQ5n0sraLyG12YYaVyekjAVdFNWnwz6VQDTZTFrJkSnonFrvn7dcGGwegvknYfeh18y7DkP2Y8NzRYSqe5T8wCWrcZA2muMDPC0H5EyCWg7GSKVNZqjv5JmW5%2FNbfQXpd7pz6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7f1cae8ec9e04d67-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Aug 2024 11:43:14 GMT

GET
H2 200 heartbeat.js Show response
revanced.io/wp-content/plugins/wp-rocket/assets/js/ 0
310 B 18ms
16ms Script
application/javascript 2606:4700:3037::6815:48a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revanced.io/wp-content/plugins/wp-rocket/assets/js/heartbeat.js?ver=3.14.2.1
Requested by: Host: revanced.io
URL: https://revanced.io/youtube/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/youtube/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64386
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Fri, 21 Jul 2023 05:06:44 GMT
server: cloudflare
etag: "64ba1264-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cnzk9uRcfB29nQfGPkhEBG5jla%2BVX6y4g58UDGmDAtzTRSn53On9kFialmftLAZer3JpO%2F25sYZoSiE4fBvuOZqbNex5St4S%2FHpeWv5RXP3K7i5O9kxhCQxy6CH4B%2BXpP9jFUIrC%2FLXuYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f1cae8ec9e14d67-FRA
expires: Sat, 03 Aug 2024 11:43:14 GMT

GET
H2 200 lazyload.min.js Show response
revanced.io/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 9 KB
3 KB 20ms
18ms Script
application/javascript 2606:4700:3037::6815:48a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://revanced.io/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by: Host: revanced.io
URL: https://revanced.io/youtube/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/youtube/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 21 Jul 2023 05:06:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 64386
etag: W/"64ba1264-22bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kza3psvAnyvgY0Wcc14o0OpenDupLWzx58%2F3j4ejccVjQxIT9UZaePqCQl%2BSvV%2BYZmGheUv8%2BaW1WkDIwU%2BqmAgH7V4Iep6eFefCnYUWP2v%2Fa8hjlBq7yan2KeqtRv8b8eHCvUjEiVfg%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 7f1cae8ec9e24d67-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 03 Aug 2024 11:43:14 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44ba0a5042684e9fe93e212729ffd897147e97389a4b471b646966e7d500bd16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa8e76d95cfcfd6e651f0e5ffc8cb54494b24bd55794a80728f7ca638e680e1e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 revanced-icon.webp
revanced.io/wp-content/uploads/2023/02/ 21 KB
22 KB 15ms
15ms Image
image/webp 2606:4700:3037::6815:48a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://revanced.io/wp-content/uploads/2023/02/revanced-icon.webp
Requested by: Host: revanced.io
URL: https://revanced.io/youtube/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cd8230193267bf72ca46cf222326c8a01cc78d6a7ab4d391815152ac73c7e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/youtube/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 64900
alt-svc: h3=":443"; ma=86400
content-length: 21530
last-modified: Sun, 09 Jul 2023 05:33:47 GMT
server: cloudflare
etag: "64aa46bb-541a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xq2TV5Ok%2FgxuSAyF7ZuK%2BEdwiXCRGKK1XbgJE1Fd3uh9%2BM44MnOiJlPOQshhLGgqI9%2BGkydjqAWnC9ch7flOPaD6nNYEQP7Y%2BOd19lyRjNhUbUZ8OdFqK010qMTOZ3CupGsBLPbQHtgTiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f1cae8f4b201c9d-FRA
expires: Sat, 03 Aug 2024 11:34:40 GMT

GET
H3 200 download-youtube-revanced-apk-latest-version-for-android-1024x576.webp
revanced.io/wp-content/uploads/2023/07/ 12 KB
12 KB 23ms
22ms Image
image/webp 2606:4700:3037::6815:48a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://revanced.io/wp-content/uploads/2023/07/download-youtube-revanced-apk-latest-version-for-android-1024x576.webp
Requested by: Host: revanced.io
URL: https://revanced.io/youtube/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8057a1bfef3b2019e4061f4acc1196ad8d3f881d3a03683ad69bdf41496a20fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/youtube/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 62696
alt-svc: h3=":443"; ma=86400
content-length: 11978
last-modified: Sun, 09 Jul 2023 16:48:07 GMT
server: cloudflare
etag: "64aae4c7-2eca"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNPmmgtAsg8%2Bs6MDtKmV6TxJteWoX4Ev5Hh3PRhq2iJ8Aocz4LlyimoT%2Bq0x3aHjobthWeNrqXcF91GTa0fE87fP9uffKwaxSL5pnJ%2BwhlI5m3v3BkZISRkURzFi0G8bQR3SKE10hO1lcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f1cae8f4b231c9d-FRA
expires: Sat, 03 Aug 2024 12:11:24 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/ 371 KB
125 KB 127ms
88ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2324766438985638

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd55e2252d79281f8766245b5ecbd115ebce885f0dc80e2ad5661655cf757755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128125
x-xss-protection: 0
server: cafe
etag: 1401890219549543784
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 05 Aug 2023 05:36:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/ Frame 47EC 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230802/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2324766438985638

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38903
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 18:47:57 GMT
etag: 12368291122986407432
expires: Fri, 18 Aug 2023 18:47:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
601 B 53ms
21ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=revanced.io&callback=_gfp_s_&client=ca-pub-2324766438985638

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54b7d75b2863ade96b0a21fa58e78ee29b258f3009a0d9dc716ee67bf020984d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7CCA 19 KB
6 KB 65ms
65ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2324766438985638&output=html&adk=1812271804&adf=3025194257&lmt=1691115154&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Frevanced.io%2Fyoutube%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691213780432&bpp=3&bdt=172&idt=223&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3648621133367&frm=20&pv=2&ga_vid=1971676808.1691213781&ga_sid=1691213781&ga_hid=1001788911&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076685&oid=2&pvsid=472623287632957&tmod=941558073&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8630355b81832e3af63b5af39a2d7d3c4245a2ae0f38ac4f876336e37b7fdfcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5686
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 05:36:20 GMT
expires: Sat, 05 Aug 2023 05:36:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-2324766438985638 Show response
fundingchoicesmessages.google.com/i/ 150 KB
50 KB 94ms
43ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-2324766438985638?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

826131f14b199c22f4e4cc833fd6db108bc26a30f632c72f0a7a19e13356ff55

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Gb1DtiRCN_C_qhdCofeGTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-Gb1DtiRCN_C_qhdCofeGTw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 59B9 430 B
231 B 72ms
72ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2324766438985638&output=html&h=280&adk=2851840666&adf=1206251953&pi=t.aa~a.3976150887~i.13~rp.4&w=768&fwrn=4&fwrnh=100&lmt=1691115154&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3268965972&ad_type=text_image&format=768x280&url=https%3A%2F%2Frevanced.io%2Fyoutube%2F&fwr=0&pra=3&rh=192&rw=768&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691213780796&bpp=3&bdt=536&idt=-M&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2a89dd58d23af315-2267e408bae700c3%3AT%3D1691213780%3ART%3D1691213780%3AS%3DALNI_MZIBiwEzA06UtYwyZUaQv6GcSKSOA&gpic=UID%3D00000c4c310dd0b4%3AT%3D1691213780%3ART%3D1691213780%3AS%3DALNI_MbD5d0hEumhb7dsubsScSQHnJNfXA&prev_fmts=0x0&nras=2&correlator=3648621133367&frm=20&pv=1&ga_vid=1971676808.1691213781&ga_sid=1691213781&ga_hid=1001788911&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=3414&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076685&oid=2&pvsid=472623287632957&tmod=941558073&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=cLgHQxhGfX&p=https%3A//revanced.io&dtd=133

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

683a8b4e17f6f3a192041bc6eb315e8857b111e35f9250c9f039944880213e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 05:36:20 GMT
expires: Sat, 05 Aug 2023 05:36:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 112B 430 B
231 B 63ms
63ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2324766438985638&output=html&h=280&adk=2851840666&adf=815129325&pi=t.aa~a.3976150887~i.15~rp.4&w=768&fwrn=4&fwrnh=100&lmt=1691115154&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=3268965972&ad_type=text_image&format=768x280&url=https%3A%2F%2Frevanced.io%2Fyoutube%2F&fwr=0&pra=3&rh=192&rw=768&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691213780796&bpp=2&bdt=536&idt=2&shv=r20230802&mjsv=m202308010102&ptt=9&saldr=aa&abxe=1&cookie=ID%3D2a89dd58d23af315-2267e408bae700c3%3AT%3D1691213780%3ART%3D1691213780%3AS%3DALNI_MZIBiwEzA06UtYwyZUaQv6GcSKSOA&gpic=UID%3D00000c4c310dd0b4%3AT%3D1691213780%3ART%3D1691213780%3AS%3DALNI_MbD5d0hEumhb7dsubsScSQHnJNfXA&prev_fmts=0x0%2C768x280&nras=3&correlator=3648621133367&frm=20&pv=1&ga_vid=1971676808.1691213781&ga_sid=1691213781&ga_hid=1001788911&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=416&ady=3745&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C44759875%2C44759926%2C31076685&oid=2&pvsid=472623287632957&tmod=941558073&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=heHUhUEWm2&p=https%3A//revanced.io&dtd=141

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

426a0a4eaeb9652af8deb53b6294d315e6471d31b5cd0acbfaae60f4369fb8bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 05:36:20 GMT
expires: Sat, 05 Aug 2023 05:36:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxUv3V-Y2YgZS0I4oTqEiKGSfmUtgFX3UgjNN3CVP_MN4gMe9MNbd17O92eeVF5SIHC8cmbPea10YJQkPQQMzU74MAh4bWQ0lc5OLmGbNfnXaEhOgKURr8MWHuyh_TXliNWvdE6snA== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUv3V-Y2YgZS0I4oTqEiKGSfmUtgFX3UgjNN3CVP_MN4gMe9MNbd17O92eeVF5SIHC8cmbPea10YJQkPQQMzU74MAh4bWQ0lc5OLmGbNfnXaEhOgKURr8MWHuyh_TXliNWvdE6snA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxMjEzNzgwLDk0MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9yZXZhbmNlZC5pby95b3V0dWJlLyIsbnVsbCxbWzgsIjhCWGFqcElBOU1VIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.8BXajpIA9MU.es5.O/d=1/rs=AJlcJMwt3i__N0QVqCE2pIUJSUqPLmKdWw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecfd207c83481c94bc568e85276c07d04b5f1c0238eca963dcd8cc72ef812912

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-f-96hcLmtrvvXmeqeJxx7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:20 GMT
content-security-policy: script-src 'report-sample' 'nonce-f-96hcLmtrvvXmeqeJxx7Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXqU55rUG4qgiITxEK_Co9UN_wrmYTisCy_FpJJhumV3rc7f9nwgHC63yomkwgnpG0l5rfwsD5OzlzHeCTgkhVxwxJVda_twzr0DzBqORKv3tDPnOnNlPWiNLSjzoaQSRDEOD4Olw== Show response
fundingchoicesmessages.google.com/f/ 13 KB
6 KB 48ms
48ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXqU55rUG4qgiITxEK_Co9UN_wrmYTisCy_FpJJhumV3rc7f9nwgHC63yomkwgnpG0l5rfwsD5OzlzHeCTgkhVxwxJVda_twzr0DzBqORKv3tDPnOnNlPWiNLSjzoaQSRDEOD4Olw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxMjEzNzgwLDk5MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcmV2YW5jZWQuaW8veW91dHViZS8iLG51bGwsW1s4LCI4QlhhanBJQTlNVSJdLFs5LCJkZSJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fbf85a5f5e8acc4daeef8e1fcd0554514972e5028c0485fa54991af0890d98b8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lTdXMmZMygXmhbEFGxcoLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:21 GMT
content-security-policy: script-src 'report-sample' 'nonce-lTdXMmZMygXmhbEFGxcoLw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 64ms
64ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230802&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

609fbba3b258307617b6bc0634bbd0acf586c9c213c765154efedb879a629aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11806
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 69ms
23ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308010102/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 05 Aug 2023 05:36:21 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 036A 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 47449
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Aug 2023 16:25:32 GMT
expires: Sat, 03 Aug 2024 16:25:32 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7AAA 783 B
1 KB 46ms
22ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d605072aefaa473623ff169b8f4107c8dbdd7bd7f3c032e516904976626c30d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7ulYZlo_pKn94FoTvlNVew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://revanced.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-7ulYZlo_pKn94FoTvlNVew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 05 Aug 2023 05:36:21 GMT
expires: Sat, 05 Aug 2023 05:36:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 036A 37 KB
14 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:47:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60514
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 03 Aug 2024 12:47:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7AAA 0
0 92ms
91ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230802&jk=472623287632957&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 036A 0
10 B 59ms
59ms Image
text/plain 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bHC5Ng
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
45ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230802&jk=472623287632957&bg=!ysmlyZ3NAAZGOVy5Zjk7ADkAdvg8WupPS8OhtOva5gU-FRR-czdyyz2Bk64wGYYmuKXNlhAHxiRNOTHh_KcPPkZvkL0t3udrNSECAAAAY1IAAAAJaAEHCgCQ0QhWAjFrNhuulKvau9GJS_qK2rC7D7oqJs9uqaqzxs9NtIcHO7cxDbZmrcF125K7he_U3FhEbKzN4LmCx1pFc8qdJqSl40YxgPQIGQLBXv5yhi4VrBdVL01DUEIJvo_SH-h5TINUrOAV3eyVLnGGzcOS6jYyT67htBoWC3vpx0Pf8RyqGr9YIWwQcu-e-sgPmQKlcbsvmsuUFbdIEAcfFErCpP_1XgNEHZrTgCJ8-ZnIbFRpRm04cwXFy4ATGNbmVt6NNGwrpcVT_U2ot2OiWkyKACvg73cnzgpOQXJJCg7m8rddADCaXndLeBDX9yqgr_KqeB0axc1RZYLkwFoNUmiJ6LfbOHo0Rh56edLDT6zzo1DWmsX4jXN-GQMyV1IeAsNt4aLMxqjVCqRICBTQnIqjDaoBOgfFqgVnhcyhkMmQMQUn8A2IvsAao8Vjvpccinw0VjCSbJ2xg9vy5qMwQLeWuKlgXZHz82Ju6DAMzUKt-RRrG7DvHZmLhh7rUKMXlPcJB6AhyT_quB5pcuSSCbaHXHftQrg5wgzwtzHRmVSdPo9b7NDdDXtdYbhCy7Cb7U8T6peZAhQSyil8DCtxPHdi7dUUUAlsj4uL8aMr3pyQksCrLDmjkInw3tU8OruXKYwEdqN6wD-6RN1ynbUn6c5PH3hi4IZgitASUbVbpARXm2X3pwVIIqKCZx903VwVdd3AMLPEdL2Fvd6sMmgRNuY0-JJLs09eICb_iTKaZz7LnRj_rIr52YrWXVwt_Tbfq426KcK-y3z8xJWf0Q23yw9xEezaEom4rbZ4kOE-5ozhPIuIT37fKn4yeFb8VLxAOFkdeih3aSs-0XpU2ly5oMin_kWR2rDc-e2jjVvsQW4wa5C7-ALR_rYZNZbcjrx3lPjtW1lWcDkwoL_4FA6zwKGEOpBGVpKatvaR6zYuOskKPuR5pdLbK4PFPnauVi5uZR8NiP5mLzT9Eb8W7SAbMNq7bxwJC6A1sz5HNK61NsRYyj6N8c4ywLul8kHjlEli53pTe4WPPx0QM3QLtIBa2dWYBCXJiBw5C3AsROwOebDPoXoaMDv_erwpxFVk_eFCeEneJZBy5MU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 27ms
27ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=3.8946589937658773

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7klNZiGGSIAoG0pGj2Ym6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-7klNZiGGSIAoG0pGj2Ym6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 px.gif
fundingchoicesmessages.google.com/img/ 43 B
68 B 64ms
63ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.518895968408854

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PTRVOqZRSE4VMSUX6_sEgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-PTRVOqZRSE4VMSUX6_sEgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 44ms
20ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pqcsmjeZN_7sYE2eUAe8zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-pqcsmjeZN_7sYE2eUAe8zA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://revanced.io
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sprintf- Show response
fundingchoicesmessages.google.com/f/AGSKWxVj7SP0hRY6bq7wbCDLKFq0nGVdkNxYID4J1XozOaNLn5iqyQUtan9x1bh4pZlxX9MyXbQvC_TN8v1FadMA3vCx3_u1fSEcDSWY2IwrDPfAN8pm_GFKjNZl91pCJ1nbfS2D20kYg166B_G2F2BhYpCjwa3ED... 54 B
109 B 26ms
25ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVj7SP0hRY6bq7wbCDLKFq0nGVdkNxYID4J1XozOaNLn5iqyQUtan9x1bh4pZlxX9MyXbQvC_TN8v1FadMA3vCx3_u1fSEcDSWY2IwrDPfAN8pm_GFKjNZl91pCJ1nbfS2D20kYg166B_G2F2BhYpCjwa3EDWvd_yzQwPmDv9mUNIFo1OxORhd8LYz2/_&advert_/cads-min.js/adstreamjscontroller._mainad./adv/sprintf-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.8BXajpIA9MU.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwt3i__N0QVqCE2pIUJSUqPLmKdWw/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a28b61d3cfdf9142a983b8272fb7f9093b0768ec33a0b81c2b3c962bc2868b39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Y_nvg4mqv1y9kReUr3SEiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-Y_nvg4mqv1y9kReUr3SEiQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
67 B 9ms
8ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 15:04:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52331
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
server: cafe
etag: 13036835877489095579
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Aug 2023 15:04:11 GMT

POST
H3 204 AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 17ms
17ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UluiGe33dnknebDeGdYHlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-UluiGe33dnknebDeGdYHlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://revanced.io
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 50ms
50ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S7pIIC_8vKV-slpBr8TiHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-S7pIIC_8vKV-slpBr8TiHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://revanced.io
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 42ms
41ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fNBrVTMkQFSev0GAu7ydbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-fNBrVTMkQFSev0GAu7ydbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://revanced.io
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 55ms
55ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX3O_9HrRXpFsruyL5LhBFFDVwf_wRmb7ywNF7GdoOIDbZna6BZCNcGm_4Zs_bvYQPgT7DFHu_Re_tQgxu1htL19k-IzndAjsbIucerILjz6NRDcaLN46oEq1xgbmn6VkpVxaelBQ==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YRPxkoH57jJlVhenhO0vSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YRPxkoH57jJlVhenhO0vSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://revanced.io
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AGSKWxXZdikrP9VDkh_UzgHNkc7Juzn8vvLWdE6Cg2xpudKumtfeaCmosHDQTMfUe1cIos2G64UIUmWlesik5VLsMLWTM-bRR-Tthxnvc9AWxHDv5e9bESJY2CD-TMZSTDIRVz8T-PSpag== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 45ms
45ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXZdikrP9VDkh_UzgHNkc7Juzn8vvLWdE6Cg2xpudKumtfeaCmosHDQTMfUe1cIos2G64UIUmWlesik5VLsMLWTM-bRR-Tthxnvc9AWxHDv5e9bESJY2CD-TMZSTDIRVz8T-PSpag==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxMjEzNzgyLDc0MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9yZXZhbmNlZC5pby95b3V0dWJlLyIsbnVsbCxbWzgsIjhCWGFqcElBOU1VIl0sWzksImRlIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37ce51503dcc001673b43da91ba4bb16160d3b5c3a9e9122637c290063e2fec0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1x7IskVrz7La2OVbxhtw4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://revanced.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1x7IskVrz7La2OVbxhtw4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVoOpALIVYTJTU6UaGgjuol-UgKGEoXTipBfsDHc9-v5EBQc7pzwQaJnKRLROsA7NYycI1rvWlRITKplFyfPFbXAWS9J7rSBvA6Z8l2A_stBMh1Wdt6f-okqM7dJZ13OfYVMjuAYg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 24ms
23ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVoOpALIVYTJTU6UaGgjuol-UgKGEoXTipBfsDHc9-v5EBQc7pzwQaJnKRLROsA7NYycI1rvWlRITKplFyfPFbXAWS9J7rSBvA6Z8l2A_stBMh1Wdt6f-okqM7dJZ13OfYVMjuAYg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i7xpnObjFNQWGJiPK4iUzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-i7xpnObjFNQWGJiPK4iUzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://revanced.io
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 AGSKWxVd7lf2drqS7AOkNGS3myuvhvXsko_MfQcYfRVx6TY1neRxXZhIcX51m4Xf1UgR_rrhRooJvsrGGWVRKahC9YZeU6zXimL6WYV3xYmR-bndmdopNG9m0MZxkZ37al1n5fVAAXHGpg== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 55ms
55ms XHR
text/html 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxVd7lf2drqS7AOkNGS3myuvhvXsko_MfQcYfRVx6TY1neRxXZhIcX51m4Xf1UgR_rrhRooJvsrGGWVRKahC9YZeU6zXimL6WYV3xYmR-bndmdopNG9m0MZxkZ37al1n5fVAAXHGpg==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a6YG-jvg3pbzU-jhLZXJbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://revanced.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 05 Aug 2023 05:36:22 GMT
content-security-policy: script-src 'report-sample' 'nonce-a6YG-jvg3pbzU-jhLZXJbA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: https://revanced.io
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

67 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.revanced.io/	1970-01-20 23:08:29	Name: __gads Value: ID=2a89dd58d23af315-2267e408bae700c3:T=1691213780:RT=1691213780:S=ALNI_MZIBiwEzA06UtYwyZUaQv6GcSKSOA
.revanced.io/	1970-01-20 23:08:29	Name: __gpi Value: UID=00000c4c310dd0b4:T=1691213780:RT=1691213780:S=ALNI_MbD5d0hEumhb7dsubsScSQHnJNfXA
.doubleclick.net/	1970-01-20 23:22:53	Name: IDE Value: AHWqTUk4t2i8vf5yFac22JZC0s6lbRZc4A_yxjivuuBqEQgc8gEGC4q7IxACpSKpkDE
.revanced.io/	1970-01-20 22:32:29	Name: FCNEC Value: %5B%5B%22AKsRol_RvbuNSbH7GdtpijETXc0W_q8wrECwGS-mrSoEqYmWdmvIvgAyHSrMZgb2-XiQbmD2xIRh-ez8_Xkp4wr1ZDFjC6BZl2977ZwQZTLCXkhXxU9wZuMwKkPAT3ac6W_6dVCVlqPD2eAcbiNrz4Nw21zF8MakYQ%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
revanced.io
tpc.googlesyndication.com
www.google.com
2606:4700:3037::6815:48a7
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:812::200e
2a00:1450:4001:81c::2001
155846f1b801975f5ea83783c5130c351cd5989380072f1ceeb3b2dd792259e7
174066535cb768d1715ae34808cd4e83f16f23715524bfff79db8860e8c03296
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
37ce51503dcc001673b43da91ba4bb16160d3b5c3a9e9122637c290063e2fec0
426a0a4eaeb9652af8deb53b6294d315e6471d31b5cd0acbfaae60f4369fb8bf
44ba0a5042684e9fe93e212729ffd897147e97389a4b471b646966e7d500bd16
54b7d75b2863ade96b0a21fa58e78ee29b258f3009a0d9dc716ee67bf020984d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
609fbba3b258307617b6bc0634bbd0acf586c9c213c765154efedb879a629aa8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6449a48726b8d9c2d9e50e35fbbe0ca40241a43f1cdbd5db72a005e24c42ae4e
683a8b4e17f6f3a192041bc6eb315e8857b111e35f9250c9f039944880213e32
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
8057a1bfef3b2019e4061f4acc1196ad8d3f881d3a03683ad69bdf41496a20fa
826131f14b199c22f4e4cc833fd6db108bc26a30f632c72f0a7a19e13356ff55
8630355b81832e3af63b5af39a2d7d3c4245a2ae0f38ac4f876336e37b7fdfcf
8cd8230193267bf72ca46cf222326c8a01cc78d6a7ab4d391815152ac73c7e92
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
a28b61d3cfdf9142a983b8272fb7f9093b0768ec33a0b81c2b3c962bc2868b39
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
bfcc2143b6f0635117b7354d9c0965778cd10168c10ca661d0ce42af30820951
c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d605072aefaa473623ff169b8f4107c8dbdd7bd7f3c032e516904976626c30d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecfd207c83481c94bc568e85276c07d04b5f1c0238eca963dcd8cc72ef812912
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f9ad6189a89fa41bfd756d25eee3c9f779e2278f4d450a5c936d80353b397505
fa8e76d95cfcfd6e651f0e5ffc8cb54494b24bd55794a80728f7ca638e680e1e
fbf85a5f5e8acc4daeef8e1fcd0554514972e5028c0485fa54991af0890d98b8
fd55e2252d79281f8766245b5ecbd115ebce885f0dc80e2ad5661655cf757755

revanced.io Open in urlscan Pro 2606:4700:3037::6815:48a7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

100 %HTTPS

100 %IPv6

5 Domains

7 Subdomains

8 IPs

2 Countries

395 kBTransfer

1082 kBSize

4 Cookies

10 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

revanced.io Open in urlscan Pro
2606:4700:3037::6815:48a7 Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

100 %
HTTPS

100 %
IPv6

5
Domains

7
Subdomains

8
IPs

2
Countries

395 kB
Transfer

1082 kB
Size

4
Cookies

39 HTTP transactions
4 data transactions