![](/screenshots/b9e3dd2a-ddda-41b9-909d-1049935033f5.png)
wiki.returnofreckoning.com
Open in
urlscan Pro
2606:4700:20::ac43:4416
Public Scan
Effective URL: https://wiki.returnofreckoning.com/Main_Page
Submission: On December 05 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on December 3rd 2023. Valid for: 3 months.
This is the only time wiki.returnofreckoning.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
wiki.returnofreckoning.com | |
www.returnofreckoning.com |
ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com | |
googleads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-14-54.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com |
ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
googleads4.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
static.adsafeprotected.com |
ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com |
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
ad.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-43-253.eu-west-1.compute.amazonaws.com
ihg.demdex.net |
ASN20940 (AKAMAI-ASN1, NL)
code.createjs.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
46 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148 |
495 KB |
23 |
returnofreckoning.com
2 redirects
wiki.returnofreckoning.com www.returnofreckoning.com |
286 KB |
22 |
doubleclick.net
6 redirects
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515 ad.doubleclick.net — Cisco Umbrella Rank: 139 |
156 KB |
14 |
2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300 |
173 KB |
12 |
adsafeprotected.com
1 redirects
fw.adsafeprotected.com — Cisco Umbrella Rank: 900 static.adsafeprotected.com — Cisco Umbrella Rank: 602 dt.adsafeprotected.com — Cisco Umbrella Rank: 567 |
103 KB |
7 |
casalemedia.com
3 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578 |
4 KB |
6 |
adnxs.com
4 redirects
ib.adnxs.com — Cisco Umbrella Rank: 229 |
5 KB |
3 |
gstatic.com
www.gstatic.com |
17 KB |
3 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206 |
192 KB |
2 |
demdex.net
1 redirects
ihg.demdex.net — Cisco Umbrella Rank: 7591 |
1 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29 |
2 KB |
2 |
google.com
1 redirects
www.google.com — Cisco Umbrella Rank: 2 |
1 KB |
1 |
createjs.com
code.createjs.com — Cisco Umbrella Rank: 1586 |
63 KB |
125 | 13 |
Domain | Requested by | |
---|---|---|
29 | pagead2.googlesyndication.com |
wiki.returnofreckoning.com
pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com |
22 | wiki.returnofreckoning.com |
2 redirects
wiki.returnofreckoning.com
|
17 | tpc.googlesyndication.com |
pagead2.googlesyndication.com
tpc.googlesyndication.com googleads.g.doubleclick.net wiki.returnofreckoning.com |
14 | s0.2mdn.net |
wiki.returnofreckoning.com
s0.2mdn.net googleads.g.doubleclick.net |
10 | googleads.g.doubleclick.net |
pagead2.googlesyndication.com
googleads.g.doubleclick.net |
8 | dt.adsafeprotected.com |
googleads.g.doubleclick.net
|
8 | cm.g.doubleclick.net |
6 redirects
googleads.g.doubleclick.net
|
7 | dsum-sec.casalemedia.com |
3 redirects
googleads.g.doubleclick.net
|
6 | ib.adnxs.com |
4 redirects
googleads.g.doubleclick.net
|
3 | www.gstatic.com |
googleads.g.doubleclick.net
|
3 | www.googletagservices.com |
googleads.g.doubleclick.net
|
2 | ihg.demdex.net |
1 redirects
googleads.g.doubleclick.net
|
2 | ad.doubleclick.net |
wiki.returnofreckoning.com
|
2 | fonts.googleapis.com |
googleads.g.doubleclick.net
|
2 | static.adsafeprotected.com |
googleads.g.doubleclick.net
|
2 | googleads4.g.doubleclick.net |
wiki.returnofreckoning.com
|
2 | fw.adsafeprotected.com |
1 redirects
wiki.returnofreckoning.com
|
2 | www.google.com |
1 redirects
tpc.googlesyndication.com
|
1 | code.createjs.com |
s0.2mdn.net
|
1 | www.returnofreckoning.com |
wiki.returnofreckoning.com
|
125 | 20 |
This site contains links to these domains. Also see Links.
Domain |
---|
returnofreckoning.com |
www.returnofreckoning.com |
twitter.com |
www.facebook.com |
www.mediawiki.org |
Subject Issuer | Validity | Valid | |
---|---|---|---|
returnofreckoning.com GTS CA 1P5 |
2023-12-03 - 2024-03-02 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
tpc.googlesyndication.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
fw.adsafeprotected.com Amazon RSA 2048 M02 |
2023-03-29 - 2024-04-27 |
a year | crt.sh |
*.doubleclick.net GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
static.adsafeprotected.com Amazon RSA 2048 M02 |
2023-07-07 - 2024-08-04 |
a year | crt.sh |
dt.adsafeprotected.com Amazon RSA 2048 M01 |
2023-05-09 - 2024-06-06 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-10-23 - 2024-01-15 |
3 months | crt.sh |
tls.adobe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2023-02-08 - 2024-03-10 |
a year | crt.sh |
This page contains 19 frames:
Primary Page:
https://wiki.returnofreckoning.com/Main_Page
Frame ID: 2933C5FDEC2070A776A3A9A723817157
Requests: 32 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup_fy2021.html
Frame ID: 5173DC5522A89DB55229329969B68ADB
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9302098306226831&output=html&h=600&slotname=7706214335&adk=354745794&adf=1210279177&pi=t.ma~as.7706214335&w=171&fwrn=4&fwrnh=100&lmt=1676302857&rafmt=1&format=171x600&url=https%3A%2F%2Fwiki.returnofreckoning.com%2FMain_Page&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701753958410&bpp=5&bdt=438&idt=196&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&correlator=4362551188982&frm=20&pv=2&ga_vid=1322392026.1701753959&ga_sid=1701753959&ga_hid=526164428&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=19&ady=433&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079863%2C31079920%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=88014727593511&tmod=1553857455&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaEe%7C&abl=CA&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=204
Frame ID: 103779397A486C10C3DBFFAC41229912
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9302098306226831&output=html&adk=1812271804&adf=3025194257&lmt=1676302857&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwiki.returnofreckoning.com%2FMain_Page&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701753958427&bpp=2&bdt=455&idt=193&shv=r20231130&mjsv=m202311300101&ptt=9&saldr=aa&abxe=1&prev_fmts=171x600&nras=1&correlator=4362551188982&frm=20&pv=1&ga_vid=1322392026.1701753959&ga_sid=1701753959&ga_hid=526164428&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079863%2C31079920%2C44807763%2C44808149%2C44808285%2C44809072&oid=2&pvsid=88014727593511&tmod=1553857455&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=198
Frame ID: 26F240B54165878C077D15FB8453612D
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D74A750C3AFD2F491F54E8BEE4CAA2E
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/aframe
Frame ID: 778945E376102A52D7DA1B2336E341A6
Requests: 2 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYpq39xAEwAQ&v=APEucNUDJo7ndofKRdjWhss9PmBB6bGkyqqTs82vbNTm1MrZzyN4dGhHMeFRtHP1KYPr5TzP1QBoAPVTbhpk_gNCUePYfZjfGBdxfdc8-ouQiRynTfP1LlKY22PXzmGmhuTqmJV3BnQeCM9L54wRsH04uP0l8roagsah-uSTtstIl3E6CU-H8b8
Frame ID: 855EF96637BA1342AD1330D77C98F9BE
Requests: 5 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 81E96A1276027507D3F61F121A0E051E
Requests: 27 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: EE73CB0347CEA81B1C14B6A2D29401A0
Requests: 3 HTTP requests in this frame
Frame:
https://s0.2mdn.net/sadbundle/8464527532860307799/index.html?ev=01_250
Frame ID: 3501E81C83D6E9A40892919190492B13
Requests: 8 HTTP requests in this frame
Frame:
https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CF04C701FB639880298AA3CC22F9A9B5
Requests: 1 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 389AE0A74CE0F729F136E483D6FE22C6
Requests: 6 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F1DF39AC2608FC4D503A9C3164BC1F9D
Requests: 14 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/xbbe/pixel?d=COO1YRDml88BGKaltfcBMAE&v=APEucNXvMy_S075LvYd0BMpzQpZg456B-AzK2P1v1hs_MuYuq_-BfXqFTbfahT5npf3IBHiGg8bGsP-ZGxl_QVVoljAQ2YNbdVUqHYytEYvgKIENAWvSRYyEYM3LolcabIYup9Ncbs7NVA3HRJN65xlPsAmjXkl18U5hi-WSLVvQvAz1oPgEpO4
Frame ID: 0C15FAC0FBB50050B74F096F2951EF93
Requests: 5 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 067A25B8E5F00A86C3587E0298FDE6E8
Requests: 7 HTTP requests in this frame
Frame:
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 16E743B5C9BF278B3576886F35C4DF52
Requests: 2 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0BFBC83D65F1269E9BC4B42CAC6FA123
Requests: 3 HTTP requests in this frame
Frame:
https://s0.2mdn.net/sadbundle/8342201720650072064/728x90-HI-DE-refreshed/728x90-IHG-EN.html?ev=01_250
Frame ID: FEEB9FB97BF9CA07D996B8CC3DFE0612
Requests: 5 HTTP requests in this frame
Frame:
https://pagead2.googlesyndication.com/bg/EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
Frame ID: 5CB6BB9C7533389BBBDA30F6729495CC
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/b9e3dd2a-ddda-41b9-909d-1049935033f5.png)
Page Title
RoR WikiPage URL History Show full URLs
-
http://wiki.returnofreckoning.com/
HTTP 301
https://wiki.returnofreckoning.com/ HTTP 301
https://wiki.returnofreckoning.com/Main_Page Page URL
Detected technologies
Detected patterns
- adnxs\.(?:net|com)
Detected patterns
- 2mdn\.net
Detected patterns
- googlesyndication\.com/
- 2mdn\.net
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: Game Installation
Search URL Search Domain Scan URL
Title: Twitter
Search URL Search Domain Scan URL
Title: Facebook
Search URL Search Domain Scan URL
Title: Help about MediaWiki
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://wiki.returnofreckoning.com/
HTTP 301
https://wiki.returnofreckoning.com/ HTTP 301
https://wiki.returnofreckoning.com/Main_Page Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 43- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITQiVRg7Ig1vjCn3sw6Ua4&google_cver=1
- https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
- https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW60Z0yV1JCpk5iZuOm2XAAA HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITQiVRg7Ig1vjCn3sw6Ua4&google_cver=1
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
- https://ib.adnxs.com/setuid?entity=101&code=CAESEMXhP8VNkeLg0StMewLv1sQ&google_cver=1 HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMXhP8VNkeLg0StMewLv1sQ%26google_cver%3D1
- https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ0NDgyNDcxNTc1NjU1NDUzNQ%3D%3D
- https://fw.adsafeprotected.com/rfw/st/987057/61527764/4.js?ias_dspID=3&ias_campId=1013380671&ias_pubId=pub-9302098306226831&ias_chanId=1&ias_placementId=20343401411&bidurl=https://wiki.returnofreckoning.com/Main_Page&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0jd_jk0Mhzhs2EMzcfwDgNG&adContainerId=brand_safety_Z7RuZdDmCPKb9u8PxI2HoAU&cbFunctionName=goog_wrapCb_Z7RuZdDmCPKb9u8PxI2HoAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwiki.returnofreckoning.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwiki.returnofreckoning.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9302098306226831%26output%3Dhtml%26h%3D600%26slotname%3D7706214335%26adk%3D354745794%26adf%3D1210279177%26pi%3Dt.ma~as.7706214335%26w%3D171%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1676302857%26rafmt%3D1%26format%3D171x600%26url%3Dhttps%253A%252F%252Fwiki.returnofreckoning.com%252FMain_Page%26ea%3D0%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1701753958410%26bpp%3D5%26bdt%3D438%26idt%3D196%26shv%3Dr20231130%26mjsv%3Dm202311300101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26correlator%3D4362551188982%26frm%3D20%26pv%3D2%26ga_vid%3D1322392026.1701753959%26ga_sid%3D1701753959%26ga_hid%3D526164428%26ga_fc%3D0%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D19%26ady%3D433%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31079863%252C31079920%252C44807763%252C44808149%252C44808285%252C44809072%26oid%3D2%26pvsid%3D88014727593511%26tmod%3D1553857455%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CaEe%257C%26abl%3DCA%26pfx%3D0%26fu%3D128%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D1%26uci%3Da!1%26fsb%3D1%26dtd%3D204&adsafe_type=bed&adsafe_jsinfo=,id:e7fe35cb-8738-e147-8204-88f8bd4328b3,c:vTUPb7,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-594854db75-7nbks,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:sp,cc:0.0.160.600,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tXxwbDQ+11%7C121*.987057-61527764%7C1211%7C1212%7C1213%7C13%7C14,idMap:121*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:12,oid:c5e2876e-932e-11ee-bce8-7a8be380833e,v:19.8.463,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
- https://static.adsafeprotected.com/4.js?adContainerId=brand_safety_Z7RuZdDmCPKb9u8PxI2HoAU&cbFunctionName=goog_wrapCb_Z7RuZdDmCPKb9u8PxI2HoAU&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_160x600.js
- https://www.google.com/pagead/drt/ui HTTP 302
- https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
- https://ihg.demdex.net/event?d_event=imp&d_src=17025&d_creative=199411561&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=638392917 HTTP 302
- https://ihg.demdex.net/firstevent?d_event=imp&d_src=17025&d_creative=199411561&d_adgroup=567519347&d_placement=375997312&d_site=3439440&d_campaign=30519982&d_cb=638392917
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITQiVRg7Ig1vjCn3sw6Ua4&google_cver=1
- https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZW60Z0yV1JCpk5iZuOm2XAAA HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEITQiVRg7Ig1vjCn3sw6Ua4&google_cver=1
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
- https://ib.adnxs.com/setuid?entity=101&code=CAESEMXhP8VNkeLg0StMewLv1sQ&google_cver=1
- https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI1MTEzOTczNDI2MjA2NDI5MA%3D%3D
125 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
Main_Page
wiki.returnofreckoning.com/ Redirect Chain
|
24 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load.php
wiki.returnofreckoning.com/ |
80 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load.php
wiki.returnofreckoning.com/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
431px-Return_of_Reckoning_logo.png
wiki.returnofreckoning.com/images/thumb/9/9e/Return_of_Reckoning_logo.png/ |
30 KB 31 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
46px-Ea_icon_corner_quest.png
wiki.returnofreckoning.com/images/thumb/4/46/Ea_icon_corner_quest.png/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
46px-Ea_icon_corner_character.png
wiki.returnofreckoning.com/images/thumb/f/f9/Ea_icon_corner_character.png/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
46px-Ea_icon_corner_spellbook.png
wiki.returnofreckoning.com/images/thumb/6/69/Ea_icon_corner_spellbook.png/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
46px-Ea_icon_corner_help.png
wiki.returnofreckoning.com/images/thumb/9/9c/Ea_icon_corner_help.png/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
46px-Ea_icon_corner_rvr.png
wiki.returnofreckoning.com/images/thumb/7/7c/Ea_icon_corner_rvr.png/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
46px-Ea_icon_corner_cultivating.png
wiki.returnofreckoning.com/images/thumb/8/8b/Ea_icon_corner_cultivating.png/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
46px-Ea_icon_corner_customizeui.png
wiki.returnofreckoning.com/images/thumb/a/ac/Ea_icon_corner_customizeui.png/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
46px-Ea_icon_corner_mail.png
wiki.returnofreckoning.com/images/thumb/a/ab/Ea_icon_corner_mail.png/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rocket-loader.min.js
wiki.returnofreckoning.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ror_wiki.jpg
wiki.returnofreckoning.com/resources/assets/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ |
148 KB 51 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load.php
wiki.returnofreckoning.com/ |
35 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ror.jpg
www.returnofreckoning.com/forum/styles/dawar/theme/images/theme/ |
66 KB 66 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tab-break.png
wiki.returnofreckoning.com/skins/DarkVector/images/ |
125 B 669 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
search.svg
wiki.returnofreckoning.com/skins/DarkVector/images/ |
219 B 674 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
poweredby_mediawiki_88x31.png
wiki.returnofreckoning.com/resources/assets/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ |
398 KB 135 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 5173 |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ping
pagead2.googlesyndication.com/pagead/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 1037 |
26 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
googleads.g.doubleclick.net/pagead/ Frame 26F2 |
315 KB 90 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ping
pagead2.googlesyndication.com/pagead/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D74 |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aframe
www.google.com/recaptcha/api2/ Frame 7789 |
829 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 3D74 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ Frame 7789 |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
generate_204
tpc.googlesyndication.com/ Frame 3D74 |
0 10 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load.php
wiki.returnofreckoning.com/ |
61 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load.php
wiki.returnofreckoning.com/ |
303 KB 88 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
googleads.g.doubleclick.net/xbbe/ Frame 855E |
624 B 246 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 81E9 |
89 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 81E9 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 81E9 |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 81E9 |
202 KB 64 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E9 |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E9 |
0 20 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E9 |
0 20 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ad
googleads.g.doubleclick.net/dbm/ Frame 81E9 |
107 KB 41 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rum
dsum-sec.casalemedia.com/ Frame 855E Redirect Chain
|
43 B 333 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame 855E Redirect Chain
|
43 B 767 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bounce
ib.adnxs.com/ Frame 855E Redirect Chain
|
43 B 893 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 855E Redirect Chain
|
170 B 243 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
skeleton.js
fw.adsafeprotected.com/rjss/st/987057/61527764/ Frame 81E9 |
256 KB 77 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 81E9 |
111 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 81E9 |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 81E9 |
31 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 81E9 |
41 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame 81E9 |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame EE73 |
38 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
index.html
s0.2mdn.net/sadbundle/8464527532860307799/ Frame 3501 |
153 KB 23 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
googleads4.g.doubleclick.net/pcs/ Frame 81E9 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame EE73 |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 3501 |
29 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
googleads4.g.doubleclick.net/pcs/ Frame 81E9 |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame 3501 |
6 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 3501 |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo_flextarif.svg
s0.2mdn.net/creatives/assets/4331440/ Frame 3501 |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
head2_5line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 3501 |
12 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
head1_3line_family.svg
s0.2mdn.net/creatives/assets/4453672/ Frame 3501 |
7 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
160x600_kv_family.jpg
s0.2mdn.net/creatives/assets/4453672/ Frame 3501 |
38 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ping
pagead2.googlesyndication.com/pagead/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE73 |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311300101/ |
160 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4.js
static.adsafeprotected.com/ Frame 81E9 Redirect Chain
|
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sca.17.6.2.js
static.adsafeprotected.com/ Frame CF04 |
91 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ Frame 81E9 |
43 B 216 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ Frame 81E9 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ Frame 81E9 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ping
pagead2.googlesyndication.com/pagead/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 389A |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame F1DF |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ Frame 389A |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 389A |
205 B 295 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 389A |
604 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 389A |
16 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame 389A |
22 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0C15 |
624 B 245 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame F1DF |
111 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/elements/html/ Frame F1DF |
7 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame F1DF |
24 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F1DF |
41 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame F1DF |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame F1DF |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame F1DF |
42 B 63 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F1DF |
202 KB 64 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 067A |
14 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 067A |
2 KB 822 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/ Frame 067A |
24 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s
googleads.g.doubleclick.net/pagead/drt/ Frame 16E7 |
143 B 168 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 067A |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231130/r20110914/client/ Frame 067A |
20 KB 8 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 067A |
202 KB 64 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7a8419aef3683f04c437bd15cecf843d.js
www.gstatic.com/mysidia/ Frame 067A |
37 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0BFB |
38 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
si
googleads.g.doubleclick.net/pagead/drt/ Frame 16E7 Redirect Chain
|
0 19 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame F1DF |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
728x90-IHG-EN.html
s0.2mdn.net/sadbundle/8342201720650072064/728x90-HI-DE-refreshed/ Frame FEEB |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
ad.doubleclick.net/pcs/ Frame F1DF |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firstevent
ihg.demdex.net/ Frame F1DF Redirect Chain
|
42 B 718 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
createjs.min.js
code.createjs.com/1.0.0/ Frame FEEB |
236 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
728x90-IHG-EN.js
s0.2mdn.net/sadbundle/8342201720650072064/728x90-HI-DE-refreshed/ Frame FEEB |
28 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame 0C15 Redirect Chain
|
43 B 736 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame 0C15 Redirect Chain
|
43 B 736 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
ib.adnxs.com/ Frame 0C15 Redirect Chain
|
43 B 842 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pixel
cm.g.doubleclick.net/ Frame 0C15 Redirect Chain
|
170 B 188 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 0BFB |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EVHvBJ0i-F520M18bkMcYIEfy1k1k36JnZivUIMouqs.js
pagead2.googlesyndication.com/bg/ Frame 5CB6 |
51 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ Frame 81E9 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
ping
pagead2.googlesyndication.com/pagead/ |
0 0 |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
_728x90stroke.png
s0.2mdn.net/sadbundle/8342201720650072064/728x90-HI-DE-refreshed/images/ Frame FEEB |
557 B 588 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
view
ad.doubleclick.net/pcs/ Frame F1DF |
0 0 |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
hilogohorz.png
s0.2mdn.net/sadbundle/8342201720650072064/728x90-HI-DE-refreshed/images/ Frame FEEB |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BFB |
0 20 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ Frame 81E9 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 81E9 |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ Frame 81E9 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
activeview
pagead2.googlesyndication.com/pcs/ Frame F1DF |
42 B 64 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
gen_204
pagead2.googlesyndication.com/pagead/ Frame 81E9 |
0 24 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ Frame 81E9 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dt
dt.adsafeprotected.com/ Frame 81E9 |
43 B 215 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
52 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| documentPictureInPicture object| __cfQR object| RLCONF object| RLSTATE object| RLPAGEMODULES object| RLQ object| adsbygoogle boolean| __cfRLUnblockHandlers object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms function| isCompatible object| mediaWiki object| mw object| NORLQ function| $ function| jQuery function| pluralRuleParser function| VisualEditorSupportCheck object| ve object| googletag object| google_image_requests object| google_llp12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: IDE Value: AHWqTUnen24N-2_snsStzEY2MeKuHK2cTTsrs2UDqLIKLOvSXefS_0OEkohxuuja |
|
.doubleclick.net/ | Name: APC Value: AfxxVi4IAbEog4Gu_e8NpDpqXafKesN-Lf0iP4h-q2O7iXWKF_vJng |
|
.casalemedia.com/ | Name: CMID Value: ZW60Z0yV1JCpk5iZuOm2XAAA |
|
.casalemedia.com/ | Name: CMPS Value: 5224 |
|
.casalemedia.com/ | Name: CMPRO Value: 5224 |
|
.returnofreckoning.com/ | Name: __gads Value: ID=e153725f3c97b3f9:T=1701753958:RT=1701753958:S=ALNI_MZuYqverWdRbqVul2JsSF1Plj9NVA |
|
.returnofreckoning.com/ | Name: __gpi Value: UID=00000d0af774a17c:T=1701753958:RT=1701753958:S=ALNI_MZ8vevCsRJ6dM-MztFQM0N77Ubxaw |
|
.adnxs.com/ | Name: uuid2 Value: 5251139734262064290 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?kns'x1!]tbPl1M>e)ZlrFUfJ+tGXxo]9v5avUx^%>>Z(n5Q2V1B>VT]5X^Y1<b5q:33If)y3KL9D3I?-)2k5'z |
|
.doubleclick.net/ | Name: DSID Value: NO_DATA |
|
.demdex.net/ | Name: demdex Value: 26375613840164313490408281347743074287 |
|
.ihg.demdex.net/ | Name: ihg Value: 26375613840164313490408281347743074287 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ihg.demdex.net
pagead2.googlesyndication.com
s0.2mdn.net
static.adsafeprotected.com
tpc.googlesyndication.com
wiki.returnofreckoning.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.returnofreckoning.com
104.18.36.155
142.250.185.166
142.250.186.66
142.250.186.98
185.89.210.212
2600:1f13:800:7781:b300:4e0a:a2f0:cc36
2600:9000:243d:3200:8:48e:53c0:93a1
2606:4700:20::ac43:4416
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::2004
2a00:1450:4001:830::2006
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a02:26f0:480:f::213:7ed6
34.247.14.54
54.154.43.253
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
05033dca3f70cfb136413f0b9c8fdc66c940a595411a0ab6adc3eb3817752f0b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d83b0c995f47d465d9c2e9ba76c14eb6e8f501f9b855b3a5974e67c55c1e5ef
0e84b494346c7a19da3fffe6e54955239cdffbb7c09a2fa1f07aa5297dd73cd7
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1151ef049d22f85e76d0cd7c6e431c60811fcb5935937e899d98af508328baab
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
240ed2cf95df9fa682cc2a820a6681e8faa474dcd678ffbe844351ccbda9bb6e
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
2a3d02c31b83a7477833108ffe85d26d012fcc3385c3db4a1d8c55dfe45dead8
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e9ded868de28c6279e355c24e549bbc5076dd5a3c07436dfb697b634f85088e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
41b6df75a259d0930bc341f3a09b8009c5665573e4a5a69fb8089a267da491fd
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42dc9ee1c4ce49acea179f6c8c858fde08ed43ae24028dd33278b1d3eed00559
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
479033ae51a8aed3b896d7d61943b87bc92d61c324bfac469c7254ca39b6b20b
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4dce4158779dce6da3ede11337029f817a03f45c9559b1f91d8a7c5ac130f38c
4e7de0800efbf4e7c5d6802a84e7f68b5906cc0e46b68b97076dc688bc7def16
502ceab2e9727d9c113a18f5e48a938865ef4c52884e6720fe57aed20aa24823
50a7b1c8d19c1d74836d2aaaaaf1fb2bde2a42708f6d4bb4c9168d7609503fbc
50df0b49a9aa0555312895bd3decc17d1cd1fbfabffbe620a81dfd1122826bac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59b036fb5e133a03feca939ab701a5eae28842f15573265dc8da1bfd5d100e6b
5c24f3d8f3dfcb28322f4d411d2f0d48c7313dd91817bff0886e6e6164299421
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5da279c9b6d0f1d8cc0ce5840350f404ad161a82d772d51eb09c762851901973
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6ae81817c90052995774cacf096b367d746225338fcbbdf50031aec87f6165ac
6b9b2b33d50320446996a318fbd7129b3b365e760c44e8acc28031438bb3f8d3
6e3e3fc8cdf8924500e7972820c834a71917633559f5deb528ea3091959130ed
6f479a635c244cf12054c66b1eb160e5a61bca9c6651785d67ad4ed09507ca91
70c859431ed8e242967e93868b7496e153e7f9237513c9e0fb6184328127b263
7876955f796a610bbb1c5d9cce338b6dd2df0156c14fd44e3115d52724559a88
7e263e007442c865f82623cf2a5528838f601145efd94e6559e1c005003723b8
82df0096488e87333aaa0b7cad6ec583baee19c0d1cf7638e48fb609ed060a79
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
89c1b1f5c741dfa102098707129994f4903286d1350d17c1c6f705cd572e1fe9
89f34b3bc1c9a0181dffc795420e5e13874189f4f65c42f1523c882db1516c87
8f41f21b2aa71d59971a9127af5e708081a8cd838e0b9402c52c13504a048957
949b3cde1a46caf4f55bb496f58a44af641a4b9fed64f95057bb5eeff142170b
95b66e437c2349dfb086e55d9a395a85324398bde6c1a6656163626cec59b303
95cb310b793f324e82e1b24449a1d56e116e207a8b8491990afe5d59f315cee2
9646faa910bf46eb34358bfb94ca36d267cfb8129d182caeedb7720d28ec8ceb
9a4b102038a72a3bce751aa8dfbcdc084d69f7703101e33ca6cbf9d7308c363f
9f392288477b416424d96ef0c5a08f2d24d9936dea70eb29b2cad0ef250e353f
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b0ac1f9971d9399e3e626ba42089bffccb2969f050bce5f3505d6233b0658894
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b896fdbec9c14bfc6ea900ab9ceeaf8d5d3bd8772c8fee94c262fb80e573893c
c3c65e8c0bf0810f493253701a2cef5c578d962c55e7e6307d69128f6e13c27d
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c527305b71aee5a8d7d7f5191ce033859c13dd381e51e723a7e37d5835e02857
ca9c83b6409291c196656bf5bb3ac28b1de99cdb035c9b1cfcfed25a40c2ee40
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cdd05deac929021f9fb85923a579e57472e883e491dc4460150e6af677d803d5
d0156c43305d5ae1916c924e55d216039bff61f04a793c7054c12e7587b3d3eb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e4b6aedefec8a8c951593dde14beeb12c18bcbb2681d1d92906c34a6aedae1f8
e57911cd8bc28f9819a0d3bfe5fd4b05aaf4d1330ca55a78c427ae3a242fad82
ea40f4f405204f6403c97a6ad2b2f06ba2bfe2fe42e85ac28a9d59ded147721f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec24c22b9203d16dbd13f6f6898ec8b39c5b2fb7f6ef5571b9f2481bbdb862f8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f84f4f65c00630a8dd0f354e652293a2cf51e95722f447fb2ea869bbbe664446
ff22ab6094533b3d20eb158046fa8b587f0ae249af11c8df7ae60d29231bb4a1