urlscan.io logo urlscan.io
SecurityTrails logo

www.emuparadise.me Open in urlscan Pro
151.101.194.109  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.emuparadise.me/
Effective URL: https://www.emuparadise.me/
Submission Tags: falconsandbox
Submission: On March 16 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 5 countries across 34 domains to perform 191 HTTP transactions. The main IP is 151.101.194.109, located in United States and belongs to FASTLY, US. The main domain is www.emuparadise.me.
TLS certificate: Issued by GlobalSign CloudSSL CA - SHA256 - G3 on March 9th 2021. Valid for: a month.
This is the only time www.emuparadise.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 151.101.194.109 54113 (FASTLY)
15 104.108.144.152 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2.20.130.64 16625 (AKAMAI-AS)
2 104.16.88.26 13335 (CLOUDFLAR...)
1 208.100.17.184 32748 (STEADFAST)
2 104.16.38.14 13335 (CLOUDFLAR...)
1 151.101.113.108 54113 (FASTLY)
2 13.226.158.204 16509 (AMAZON-02)
1 67.202.110.23 32748 (STEADFAST)
2 208.100.17.187 32748 (STEADFAST)
3 33 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 7 142.250.186.162 15169 (GOOGLE)
3 37.252.172.45 29990 (ASN-APPNEX)
1 52.45.248.59 14618 (AMAZON-AES)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
42 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 34.120.25.144 15169 (GOOGLE)
1 63.32.181.48 16509 (AMAZON-02)
1 1 23.209.68.189 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 1 184.30.210.81 20940 (AKAMAI-ASN1)
1 1 52.28.42.15 16509 (AMAZON-02)
2 2 34.98.64.218 15169 (GOOGLE)
2 2 185.94.180.125 35220 (SPOTX-AMS)
2 2 104.108.145.8 16625 (AKAMAI-AS)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 1 185.64.190.80 62713 (AS-PUBMATIC)
2 2 35.156.153.71 16509 (AMAZON-02)
2 2 18.156.0.31 16509 (AMAZON-02)
191 35
2    151.101.194.109 (United States)

ASN54113 (FASTLY, US)
www.emuparadise.me
15    104.108.144.152 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-144-152.deploy.static.akamaitechnologies.com
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:417 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
2    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2.20.130.64 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-130-64.deploy.static.akamaitechnologies.com
sb.scorecardresearch.com
2    104.16.88.26 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tynt.com
sc.tynt.com
1    208.100.17.184 (United States)

ASN32748 (STEADFAST, US)
PTR: ip184.208-100-17.static.steadfastdns.net
ic.tynt.com
2    104.16.38.14 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-sic.33across.com
1    151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net
c.amazon-adsystem.com
1    67.202.110.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-110.static.steadfastdns.net
sic.33across.com
2    208.100.17.187 (United States)

ASN32748 (STEADFAST, US)
PTR: ip187.208-100-17.static.steadfastdns.net
de.tynt.com
33    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
s.tribalfusion.com
a.tribalfusion.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
7    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
cm.g.doubleclick.net
3    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    52.45.248.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-248-59.compute-1.amazonaws.com
ssc.33across.com
7    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
15    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
7    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:80e::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2921a1983bf3d20d382a90a83f6db872.safeframe.googlesyndication.com
42    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
27    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
adservice.google.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    34.120.25.144 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 144.25.120.34.bc.googleusercontent.com
public-prod-dspcookiematching.dmxleo.com
1    63.32.181.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-181-48.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    23.209.68.189 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-68-189.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    184.30.210.81 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-30-210-81.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    52.28.42.15 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-42-15.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    104.108.145.8 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    35.156.153.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-153-71.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
Apex Domain
Subdomains		 Transfer
70 googlesyndication.com
2921a1983bf3d20d382a90a83f6db872.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
892 KB
33 tribalfusion.com
s.tribalfusion.com
a.tribalfusion.com
63 KB
20 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
static.doubleclick.net
cm.g.doubleclick.net
228 KB
15 rackcdn.com
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
87 KB
10 google.com
www.google.com
adservice.google.com
7 KB
9 youtube.com
www.youtube.com
678 KB
6 googletagservices.com
www.googletagservices.com
185 KB
5 tynt.com
cdn.tynt.com
sc.tynt.com
ic.tynt.com
de.tynt.com
8 KB
4 adnxs.com
acdn.adnxs.com
ib.adnxs.com
34 KB
4 33across.com
cdn-sic.33across.com
sic.33across.com
ssc.33across.com
133 KB
3 pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
2 KB
3 google.de
adservice.google.de
2 KB
3 googleadservices.com
partner.googleadservices.com
890 B
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
2 yahoo.com
ups.analytics.yahoo.com
2 KB
2 advertising.com
pixel.advertising.com
695 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 openx.net
us-u.openx.net
678 B
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
17 KB
2 amazon-adsystem.com
c.amazon-adsystem.com
34 KB
2 google-analytics.com
www.google-analytics.com
19 KB
2 emuparadise.me
www.emuparadise.me
12 KB
1 agkn.com
aa.agkn.com
328 B
1 bluekai.com
tags.bluekai.com
816 B
1 rubiconproject.com
pixel.rubiconproject.com
767 B
1 stickyadstv.com
ads.stickyadstv.com
749 B
1 krxd.net
beacon.krxd.net
338 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com
176 B
1 ytimg.com
i.ytimg.com
19 KB
1 ggpht.com
yt3.ggpht.com
1 KB
1 exponential.com
tags.expo9.exponential.com
3 KB
1 googleapis.com
ajax.googleapis.com
33 KB
0 po.st Failed
i.po.st Failed
191 34
Domain Requested by
42 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
27 pagead2.googlesyndication.com s.tribalfusion.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.emuparadise.me
googleads.g.doubleclick.net
www.googletagservices.com
21 s.tribalfusion.com tags.expo9.exponential.com
s.tribalfusion.com
www.emuparadise.me
15 googleads.g.doubleclick.net 1 redirects www.youtube.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
15 b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com www.emuparadise.me
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
12 a.tribalfusion.com 3 redirects s.tribalfusion.com
9 www.youtube.com www.emuparadise.me
www.youtube.com
7 www.google.com 3 redirects www.youtube.com
googleads.g.doubleclick.net
6 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 adservice.google.com pagead2.googlesyndication.com
3 adservice.google.de pagead2.googlesyndication.com
3 partner.googleadservices.com pagead2.googlesyndication.com
3 ib.adnxs.com acdn.adnxs.com
3 securepubads.g.doubleclick.net cdn-sic.33across.com
securepubads.g.doubleclick.net
3 sb.scorecardresearch.com 1 redirects b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
www.emuparadise.me
2 ups.analytics.yahoo.com 2 redirects
2 pixel.advertising.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 dsum-sec.casalemedia.com 2 redirects
2 sync.search.spotxchange.com 2 redirects
2 us-u.openx.net 2 redirects
2 de.tynt.com cdn.tynt.com
2 c.amazon-adsystem.com cdn-sic.33across.com
c.amazon-adsystem.com
2 cdn-sic.33across.com cdn.tynt.com
cdn-sic.33across.com
2 www.google-analytics.com b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
www.google-analytics.com
2 www.emuparadise.me 1 redirects
1 simage2.pubmatic.com 1 redirects
1 cm.g.doubleclick.net 1 redirects
1 aa.agkn.com 1 redirects
1 tags.bluekai.com 1 redirects
1 pixel.rubiconproject.com s.tribalfusion.com
1 ads.stickyadstv.com 1 redirects
1 beacon.krxd.net s.tribalfusion.com
1 public-prod-dspcookiematching.dmxleo.com s.tribalfusion.com
1 2921a1983bf3d20d382a90a83f6db872.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.gstatic.com www.youtube.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 fonts.gstatic.com www.youtube.com
1 ssc.33across.com cdn-sic.33across.com
1 sic.33across.com cdn-sic.33across.com
1 acdn.adnxs.com cdn-sic.33across.com
1 ic.tynt.com www.emuparadise.me
1 sc.tynt.com cdn.tynt.com
1 cdn.tynt.com www.emuparadise.me
1 tags.expo9.exponential.com www.emuparadise.me
1 ajax.googleapis.com www.emuparadise.me
0 i.po.st Failed b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
191 49

This site contains links to these domains. Also see Links.

Domain
www.epforums.org
www.facebook.com
twitter.com
feeds.feedburner.com
www.youtube.com
Subject Issuer Validity Valid
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-09 -
2021-04-17		 a month crt.sh
*.ssl.cf1.rackcdn.com
DigiCert SHA2 Secure Server CA		 2020-04-19 -
2021-07-19		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
exponential.com
Cloudflare Inc ECC CA-3		 2020-05-22 -
2021-05-22		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
sb.scorecardresearch.com
DigiCert Secure Site ECC CA-1		 2020-07-17 -
2021-06-02		 a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2019-10-01 -
2021-09-30		 2 years crt.sh
cdn.adnxs.com
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-16 -
2022-03-17		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-08 -
2021-08-08		 a year crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.googleusercontent.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
edgestatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2021-02-16 -
2021-05-17		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh

This page contains 33 frames:

Primary Page: https://www.emuparadise.me/
Frame ID: 8809494CDADC9A66E8674B3649AB5625
Requests: 32 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ast/ast.js
Frame ID: D7D91A7F65B1F005CDDB1253B1914FC6
Requests: 4 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 63CBAE4320DC5DCE95DE7882795EAA3E
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Frame ID: 3EBCA55D721F310EC185CCFCE362FF8B
Requests: 12 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Frame ID: 26EF558BF156B73A7F05309DF83DB9D8
Requests: 12 HTTP requests in this frame

Frame: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Frame ID: B39B52370D6AEEB44D279DEA9D023A93
Requests: 12 HTTP requests in this frame

Frame: https://www.youtube.com/embed/UZMBXSqGIEY
Frame ID: 09D48FF943F4574EC6F411728DC2F157
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 3E3CB8F1D90153102FD505865AB1B5D4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210310/r20190131/zrt_lookup.html
Frame ID: 2639285ABFAC2C66890E94BDD6A35794
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aHmTR8RUjr1E3s5q7l5aY1oTJKXF38UWFXoPYZcmcMwodMA2EMh5tAn4PZbZbnrnEXc7XYs34XGjppE7T3UFVTUbFW6Y2QavXScFoStfr0WBuVmby2Gn3YrnZaVmmw46Zb8PAnA4WUyXHQLpdAo4mQS5cQ7Vc37UsfeRPUuTdFWWrbP3r2pUqYvWqFaPTMIRsQIPFusSdMaVGrQ4rTvmWuO0qep4dbEVcftwW6XHJ&mediaDataID=6807466&mediaName=frame.html
Frame ID: 8659F76B77D42A37D51AD8D981637A2A
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbO1dbxWPnw4srVXr3ZaTATw2AMdQA7K2tYs1WnKpdiM4mrR5sMgTGBlWsbgPPQmWt3WUrM05rIpWTUnWqUdSTJKQVjCQUAvRW79WcY25rqqodeOXEev2HfFSGjZd26YZamdEyUHB7XrUb1UZblXq6tRbYHTUBYTtQWmbQmRUBNXanO5aZbe5E7XmaMHXUJ7TWjVmm3DnsjwmHfJ5EZbg0WiFxQfwDA&mediaDataID=6680176&mediaName=frame.html
Frame ID: BE1C1366B7A8164D5E5562ED1936317B
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aLmTR8STYZcQVJLRbeqPWjbUVUS2UTrmtZaO0aXy3HvZdQc7F5mvZbmdepUHb6XbMkYrQ70qirPb3ZdWFYYVtJ3obFmPrZbsXaYp3T3h2a3RnqFIYbUcUdj1nAYZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPt7u0dFwWAbv2GB0YrQLU6yq46vgPPnK4WZbOXWBLsHAJvi9ZaAS&mediaDataID=7665496&mediaName=frame.html
Frame ID: C7956236272DDB368333A4DB7A9C152B
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=anmTR8Rr6oPHvaWV3R5UioodZaoXauw3t3ZdSVFD5PUHoHZarUW770bY7XFje0a6MRFBZdUFY1Tt3UobJnPUrq1TQt5qji5EM2oTrH1rffTdFXmPfJmGrtoWnG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWmYx3VM2YrZbJTAir5mQ6QmjE2dvM0dZbApd2o36BRXVnQMw7yat&mediaDataID=5436426&mediaName=frame.html
Frame ID: 45EC8531AB6512BE0DB1749E41C7798D
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb7TdbWoPMIpGfpptYB2Er75dAn46bGnUnZbYGYP1crY1VZbwnTj43rZb4VUfGUArVRTM1QcZbtSdBN1WBmWAvN4sJ00UnDUPTw4AZbdQPnD2tBmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavPWv9UcfV5b6nmWqmYTqx3trBQsBZc4AFHmdXyVWQ65FrUrM4f2Y&mediaDataID=9148826&mediaName=frame.html
Frame ID: 49B97E5AE7A364898D90FD8571912463
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=armTR84sY40UUITmqv26v7R6BC2tMM1WvAptiM4A3Y5Vv9UcvdUcZbjSAnvUdQ3UUrR3rEmUqvxTEQbQTBZdQGFJPUAnSdM6UVjP2F2xnHZaOXaex2H3ZbQVBD2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJIXFJdTdj0n6fLns7rpdrB2T3l3HEy5mrGprbE0GfQ4GYjNDSN1S&mediaDataID=4056396&mediaName=frame.html
Frame ID: EEAB3B61B13E68E5DAE9625387632EED
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=atmTR8UVMT2FuootapXa2w4dfFPcJG5AnHmtepUtZbhXFMdXUffXaEoSrMGUUQSVWBUmbJpRU7y1T3s5TUk2qrYmqFAXUJgWHrWoAUBmcYwoWfG3EQk2Han3AbGnFbZcXcbP1c3UXVfwpTb42FUVVUZbFUArXRTn1Qc3tPtUOYt7uVmbu4srU0bQLV6Tt5mZb8PPMF3tQt1HQZcnWem5PZbY3sjgVcJcPG7YqvYAOB&mediaDataID=8039566&mediaName=frame.html
Frame ID: 906C2A3950BCEF9CF4AE02C4C461BD83
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=avmTR8WHbSoAnLncUupd7A5E3g2HEo3mBGpbULYcr0YGQ51GJxpTJQ2FnWVFbZcW6fVPTMYScYOSdZbO1tvoTmnu2Vv3YrQBVmar2PneQAFK2HZbs0WUJntIM363Y5Gj6TGFdUcb7PAUvWdY3Tbj03r6pUqvrTE3bQTQZdRVQIRr6vRW7dUVQ54bPnmdEtYTev2WbAPcfE56YJoWiNTd3h0bfk1UYe3EeGxZdT0oT&mediaDataID=2713736&mediaName=frame.html
Frame ID: D8EC8812A050FEC60F25BA002E1FD0A2
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=axmTR8Vmqn2PU9QArB2WYsXWrZdptaw4PvY3c3bUGUjWGfhSPruWdrRTbJ13bIuWTbxVEQdSTUHQGJIPrupPWrdWs3W5bumodym0qTp3H3ZdQVrE26vZcptZapVWZbhXUfaYrUfXaiNPrYGWU3SWdY3mbjmRU7o1TQs5TFk5a7XoTbIYbU8WHJXn6vZcmGvopdfD3qZbk2Wis4PfInFQGXsb01cFVXGvwsqbbM4RaP4&mediaDataID=6347136&mediaName=frame.html
Frame ID: F9B0AEC12F95104120B37138F4B94B64
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aLmTR8STYZcQVJJRbirPWjbUVQR2UusndZaO0aXy3HvZdQc7F5mvZbmdepUHb6XbvkYrQ70qirPb3ZdWFYYVtJ3obFmPrZbsXaMn3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPWjw0WBwWAbv2GB0YrQLU6yq46vgPPnK4WZbOXWBLsHAJMhBB1w&mediaDataID=6546596&mediaName=frame.html
Frame ID: 66219054DE937613CD541EBE60C8B62B
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=anmTR8Rr6oPHvdUGMV4FmoodAoYq2v3d3ZdSVFD5PUHoHZarUW770bY7XFje0aaMRFBZdUFY1Tt3UobJnPUrq1TQt5qji5EY4oTrH1rffTdFXmPfZcnsvpptYG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWA3x2GJ3YrZbJTAir5mQ6QmjE2dvM0dZbApd2o36BRXVnQNXKeo2&mediaDataID=6530936&mediaName=frame.html
Frame ID: C1CB8764990E9588C07D2B341B109D99
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb9UWJQn6UIpGUvpdMG2qr75dAn46bGnUnZbYGYP1crY1VZbwnTf43rZb4VUfGUArVRTM1QcZbtSdBN1WBmWA3m4sJ00UnDUPTw4AZbdPPFE3HYmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavSdQcUGUP5b6nmWqmYTqx3trBQsBZc4AFHmdXyVWQ65FrUOtDF8p&mediaDataID=6719746&mediaName=frame.html
Frame ID: 5CE8688C6AB8298ED2A455323D3D6752
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Frame ID: 9BB521D9D1CACED2821EECCDFE898BDD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Frame ID: B056B28F78319F88697A5C87AFAAB0DC
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 337C2BBAA663AF46C08AF17C285A6BC2
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 32BDEAFA3A8C6171B320F69AB5688F6B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html
Frame ID: 22C40B0B3973AAB4131A92B446C8E29A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Frame ID: FABFD42717E98F7385E92A22A09D0083
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 9A675533D1FD51EE4564F2CB8CE6C2A4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html
Frame ID: 39E309604824F6AC1AA4E576FDFE7A9F
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 3C97F89E689B730677D104001DF555A3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C43BFFB3358E3FCE18FBB95F630AF248
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 5C18050837B7A1393DDE722D8457EC6F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 317F494B29EF6E8B9CAFDFD9DE9A6C2A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.emuparadise.me/ HTTP 301
    https://www.emuparadise.me/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Page Statistics

191
Requests

99 %
HTTPS

42 %
IPv6

34
Domains

49
Subdomains

35
IPs

5
Countries

2455 kB
Transfer

7094 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.emuparadise.me/ HTTP 301
    https://www.emuparadise.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21
  • https://sb.scorecardresearch.com/b?c1=2&c2=17084928&ns__t=1615930164854&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=https%3A%2F%2Fwww.emuparadise.me%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17084928&ns__t=1615930164854&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=https%3A%2F%2Fwww.emuparadise.me%2F&c9=&cs_ak_ss=1
Request Chain 51
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 96
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662209753510065&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209753510065
Request Chain 97
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662209753510065&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209753510065
Request Chain 98
  • https://ads.stickyadstv.com/user-registering?dataProviderId=377&userId=18072662209753510065&redirectId=1001 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b21&u=78553bc5ec6f4f1e97ebd3b89f18feba
Request Chain 99
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662209753510065&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209753510065&expires=180
Request Chain 100
  • https://tags.bluekai.com/site/4229?id=18072662209753510065&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
  • https://a.tribalfusion.com/i.match?p=b3&u=kLSc%2F99999Yp1NaQ
Request Chain 101
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662209753510065 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b23&u=164990103727001582335
Request Chain 102
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=aec8fc3d-8ef6-47fa-9e2a-1fbf0b770a13
Request Chain 103
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662209753510065 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEICHOJMhvFIBb6277owVbgs&google_cver=1&google_ula=2786954,0
Request Chain 108
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209753510065&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209753510065&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=af20724f-869e-11eb-a213-16877d165006 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b19&u=af207202-869e-11eb-a213-16877d165006
Request Chain 109
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662209753510065&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662209753510065&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&C=1 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b20&u=YFEjNufHVQ8UgNxr3ROKuwAA
Request Chain 110
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662209753510065%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D18072662209753510065%2526r%253Dhttps%25253A//a.tribalfusion.com/i.match%25253Fp%25253Db11%252526u%25253D%252524%25257BPUBMATIC_UID%25257D&rdf=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662209753510065&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_UID%7D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b11&u=14901601-4B51-4906-B1EE-B1A217D511F6
Request Chain 148
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662209753510065&_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662209753510065&_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662209753510065&_origin=1&redir=true&apid=UPaf5d63c4-869e-11eb-80bd-0278aefe5bd8 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662209753510065&_origin=1&redir=true&apid=UPaf5d63c4-869e-11eb-80bd-0278aefe5bd8&verify=true HTTP 302
  • https://a.tribalfusion.com/i.match?p=b17&u=UPaf5d63c4-869e-11eb-80bd-0278aefe5bd8
Request Chain 153
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 154
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 176
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si

191 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.emuparadise.me/
Redirect Chain
  • http://www.emuparadise.me/
  • https://www.emuparadise.me/
50 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.109 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.12.0 / PHP/5.4.16
Resource Hash
60bc3c2c04bf671a1a0037719ace07a0b5886abc52ae34b4998acdce991e8d7b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
www.emuparadise.me
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx/1.12.0
content-type
text/html; charset=UTF-8
x-powered-by
PHP/5.4.16
content-encoding
gzip
cache-control
max-age=0
expires
Tue, 16 Mar 2021 18:53:21 GMT
content-security-policy
upgrade-insecure-requests
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
date
Tue, 16 Mar 2021 21:29:24 GMT
age
9364
x-served-by
cache-sin18021-SIN, cache-hhn4042-HHN
x-cache
HIT, HIT
x-cache-hits
1, 1
x-timer
S1615930164.478988,VS0,VE1
vary
Accept-Encoding
content-length
11927

Redirect headers

Server
Varnish
Retry-After
0
Location
https://www.emuparadise.me/
Content-Length
0
Accept-Ranges
bytes
Date
Tue, 16 Mar 2021 21:29:24 GMT
Via
1.1 varnish
Connection
close
X-Served-By
cache-hhn4039-HHN
X-Cache
HIT
X-Cache-Hits
0
X-Timer
S1615930164.398956,VS0,VE0
emuparadise-1537970211.css
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/ 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4bb12d70c666a520e92ce5323623ef456da29d874de55b2900f6938b860ce458

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
Content-Encoding
gzip
Origin
https://mycloud.rackspace.com
Last-Modified
Wed, 26 Sep 2018 13:57:46 GMT
X-Trans-Id
tx70025dde3c8a4d8a82bf5-005f329356dfw1
ETag
900ac5e6f75cfc609df8cf52aeb6e39f
Vary
Accept-Encoding
Content-Type
text/css
X-Timestamp
1537970265.54513
Cache-Control
public, max-age=12755668
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11270
Expires
Wed, 11 Aug 2021 12:43:52 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7/jquery.min.js
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 15:41:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366485
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33845
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Mar 2022 15:41:19 GMT
emuparadise-1537970211.js
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.js
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0d6d87d86843ed0bc023cba55f7d1d2078ea087f968c8dc3e1cf65d59e26560b

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
Content-Encoding
gzip
Origin
https://mycloud.rackspace.com
Last-Modified
Wed, 26 Sep 2018 13:57:46 GMT
X-Trans-Id
txceeb5cd7eed8442e96e4e-005f3f4e86dfw1
ETag
c4a74b6b255adb234084b946f4081e75
Vary
Accept-Encoding
Content-Type
text/javascript
X-Timestamp
1537970265.55555
Cache-Control
public, max-age=13590204
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23613
Expires
Sat, 21 Aug 2021 04:32:48 GMT
s1.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		559 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/s1.png
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7e915777546516e196d2b26c4eb393423c54174d61fbf7a98259c33a4efdefdc

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:26 GMT
ETag
af3773561c7c44de0d60bfe13e830d96
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729065.89558
Cache-Control
public, max-age=12755823
Content-Length
559
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
txa19f7596b40e4d63b4ee0-005f329356dfw1
Expires
Wed, 11 Aug 2021 12:46:27 GMT
eplogo-tag.jpg
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/eplogo-tag.jpg
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a2a699fa7e4ce101b9db469452f2631cc2ac7c887abe082617497274e243f0e

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:52:18 GMT
ETag
2cf73a9b2b593a3da2038ef33d25115c
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type
image/jpeg
X-Timestamp
1376729537.73098
Cache-Control
public, max-age=12755816
Content-Length
18720
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx97f3cb8e41844554b6afe-005f329356dfw1
Expires
Wed, 11 Aug 2021 12:46:20 GMT
Facebook-icon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/Facebook-icon.png
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
432c736872d32e23225a118a9ee55f26126de76a49be04adbf2ddba534bb717d

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:37:46 GMT
ETag
9d85c4d059a5276912b4e962849ef25e
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A37%3A11%20WEST
Content-Type
image/png
X-Timestamp
1376728665.11557
Cache-Control
public, max-age=12755863
Content-Length
1666
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
txa7eda24d299e44858f784-005f329356dfw1
Expires
Wed, 11 Aug 2021 12:47:07 GMT
Twitter-icon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/Twitter-icon.png
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e8fd36555511bebb4ea6f4520ab3eb3de4acb772452cd9d37f461dfd3b93e994

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:32 GMT
ETag
cb49baac2cd813d139e9eb2cc46ecf18
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729071.33081
Cache-Control
public, max-age=12755955
Content-Length
1746
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx5188d2965c2644c58107f-005f329356dfw1
Expires
Wed, 11 Aug 2021 12:48:39 GMT
rssicon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/rssicon.png
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a5d4be9135e0400a2357c358d9f967d4a7d5ccc13c272b657932aae568e2ca61

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:46:12 GMT
ETag
b683c3bc3966e545d34439c152fcf921
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A46%3A07%20WEST
Content-Type
image/png
X-Timestamp
1376729171.56505
Cache-Control
public, max-age=13590127
Content-Length
3437
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx6cb33f4edfa74dd1be6c2-005f3f4e86dfw1
Expires
Sat, 21 Aug 2021 04:31:31 GMT
tags.js
tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2306
cf-request-id
08de8a9dd40000c2e596992000000001
x-function
151
last-modified
Fri, 21 Jun 2013 00:18:47 GMT
server
cloudflare
x-reuse-index
19
etag
5909443542969422214
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, public
cf-ray
631113a95bb4c2e5-FRA
expires
Tue, 16 Mar 2021 22:29:25 GMT
mascot.gif
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/mascot.gif
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dcdc6d08c55dacf94f6a80c70f33a211542ae3d54755efa8a6f27c2fef7b7e18

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:52:30 GMT
ETag
8f86ea0a1b02b3628e80a2ae5fa42f3e
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type
image/gif
X-Timestamp
1376729549.01511
Cache-Control
public, max-age=12755956
Content-Length
8065
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx2458c21dfbd64821b80cf-005f329357dfw1
Expires
Wed, 11 Aug 2021 12:48:40 GMT
open-quote.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/open-quote.png
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cd2890594b4584d2735dd78049aea9ebc7c395cb5cc97bee9e3ab6176a0c299d

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
Origin
https://mycloud.rackspace.com
Last-Modified
Sun, 08 Oct 2017 15:44:01 GMT
X-Trans-Id
tx9d2b1cb596124ebca1c0c-005f3b7a51dfw1
ETag
75d85f6988cebba8a1ae04864a177ba3
Content-Type
image/png
X-Timestamp
1507477440.86806
Cache-Control
public, max-age=13339445
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1972
Expires
Wed, 18 Aug 2021 06:53:29 GMT
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
5209
date
Tue, 16 Mar 2021 20:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Tue, 16 Mar 2021 22:02:35 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.130.64 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-130-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=86400
Connection
keep-alive
Content-Length
884
Expires
Wed, 17 Mar 2021 21:29:24 GMT
post-widget.js
i.po.st/static/v4/ 		0
0
rciv.js
cdn.tynt.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tynt.com/rciv.js
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 21 Aug 2020 18:27:52 GMT
server
cloudflare
age
253990
etag
W/"5f401228-3dbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
631113a9ed5bcc4e-ZRH
cf-request-id
08de8a9e320000cc4e4b8c0000000001
expires
Fri, 19 Mar 2021 21:29:24 GMT
toprepeat.gif
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 		120 B
646 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/toprepeat.gif
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d6da0ca764e8868359ebf6451c2c650a06163d1112c9dc8378bf88ce5e486895

Request headers

Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:52:33 GMT
ETag
d20d7a1416d33c4bdaf9670564b58a40
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type
image/gif
X-Timestamp
1376729552.28827
Cache-Control
public, max-age=6644407
Content-Length
120
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
txec4d64b585bb4bdc82cdb-005ed551f6dfw1
Expires
Tue, 01 Jun 2021 19:09:31 GMT
search-icon.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/search-icon.png
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
51b5cb15f29ab4955072d1c18f479b57df59a8da4113b1d41d889a49b84a9e0d

Request headers

Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:24 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:28 GMT
ETag
77ebe1cb74c0ab78ffb356b4e990ef63
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729067.70369
Cache-Control
public, max-age=13590797
Content-Length
4794
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx8f9ff092a8294be296164-005f3f50badfw1
Expires
Sat, 21 Aug 2021 04:42:41 GMT
collect
www.google-analytics.com/j/ 		2 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=8376559&t=pageview&_s=1&dl=https%3A%2F%2Fwww.emuparadise.me%2F&ul=en-us&de=UTF-8&dt=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBACEABBAAAAC~&jid=735607392&gjid=1553973486&cid=1610831270.1615930165&tid=UA-311943-2&_gid=399923423.1615930165&_r=1&_slc=1&z=509366021
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.emuparadise.me
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
aIXlJ0wPOr6ijYaKlId8sQ.js
sc.tynt.com/script/sc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc.tynt.com/script/sc/aIXlJ0wPOr6ijYaKlId8sQ.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.88.26 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c725a3df28f1e5ee7df6d08047f98c58c4e1d29c1a7aa698244bedf4b82e69a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
46478
status
200 OK
x-xss-protection
1; mode=block
x-request-id
f2856f2a-ff29-4318-9d8a-5f3a3c22182f
x-runtime
0.002340
x-content-digest
f5b1ab5a3d5c41184c1272bb272d6cb98c953bab
last-modified
Sat, 13 Mar 2021 15:08:01 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=3600, public, s-maxage=172800
cf-request-id
08de8a9e560000cc4e94a16000000001
cf-ray
631113aa2da1cc4e-ZRH
x-rack-cache
fresh
expires
Sun, 14 Mar 2021 11:26:12 GMT
p
ic.tynt.com/b/ 		35 B
523 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ic.tynt.com/b/p?id=aIXlJ0wPOr6ijYaKlId8sQ&lm=0&ts=1615930164803&dn=RCIV&iso=0&t=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.184 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip184.208-100-17.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:18 GMT
last-modified
Fri, 16 Apr 2010 15:38:20 GMT
server
nginx/1.16.1
etag
"4bc8846c-23"
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID", CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
accept-ranges
bytes
content-type
image/gif
content-length
35
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
sic.js
cdn-sic.33across.com/1/javascripts/ 		439 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/javascripts/sic.js
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.38.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
9a38ed42fd72929c1cdebc651707cad6af2f236e309a77ccba91b25e5a2eef05

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:24 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Mar 2021 22:08:41 GMT
server
cloudflare
age
528342
x-powered-by
Love
etag
W/"603eb769-6ddca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=3600
cf-ray
631113aa9880cc46-ZRH
cf-request-id
08de8a9e9d0000cc464a9e7000000001
expires
Tue, 16 Mar 2021 22:29:24 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=17084928&ns__t=1615930164854&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=http...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=17084928&ns__t=1615930164854&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=htt...
0
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=17084928&ns__t=1615930164854&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=https%3A%2F%2Fwww.emuparadise.me%2F&c9=&cs_ak_ss=1
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.20.130.64 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-130-64.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 21:29:24 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=17084928&ns__t=1615930164854&ns_c=UTF-8&cv=3.5&c8=Play%20classic%20video%20games%20on%20your%20computer%20or%20mobile%20device%20%7C%20Emuparadise&c7=https%3A%2F%2Fwww.emuparadise.me%2F&c9=&cs_ak_ss=1
Pragma
no-cache
Date
Tue, 16 Mar 2021 21:29:24 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
sic.css
cdn-sic.33across.com/1/stylesheets/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-sic.33across.com/1/stylesheets/sic.css
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.38.14 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Love
Resource Hash
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 02 Mar 2021 22:08:41 GMT
server
cloudflare
age
528348
x-powered-by
Love
etag
W/"603eb769-1c90"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=3600
cf-ray
631113ab7a1bcc46-ZRH
cf-request-id
08de8a9f260000cc4617102000000001
expires
Tue, 16 Mar 2021 22:29:25 GMT
ast.js
acdn.adnxs.com/ast/ Frame D7D9 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/ast/ast.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:25 GMT
Content-Encoding
gzip
Age
23552
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
30966
X-Served-By
cache-lga21959-LGA, cache-hhn4035-HHN
Access-Control-Allow-Origin
*
Last-Modified
Tue, 09 Feb 2021 14:55:39 GMT
Server
nginx/1.13.10
X-Timer
S1615930165.088084,VS0,VE0
ETag
W/"6022a26b-15c8c"
Vary
Accept-Encoding
Content-Type
application/javascript
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 10 Feb 2021 14:55:43 GMT
Cache-Control
max-age=86402
Accept-Ranges
bytes
X-Cache-Hits
2, 47558
apstag.js
c.amazon-adsystem.com/aax2/ Frame 63CB 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:14:35 GMT
content-encoding
gzip
server
Server
age
889
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id
EdcgM0I25iFpBWV9qBymjvMdyMcb5Prbr-uQaU0HnphsuWhPJTaNLg==
authorize
sic.33across.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sic.33across.com/authorize?usPrivacy=&version=3.14.0&agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&product=inview&userId=&sessionId=&publisherURL=https%3A%2F%2Fwww.emuparadise.me%2F&referrerURL=&publisherId=aIXlJ0wPOr6ijYaKlId8sQ&publisher=emuparadise.me&maxTouchPoints=0&navigatorPropsCount=56&viewportWidth=1600&viewportHeight=1200&screenWidth=1600&screenHeight=1200&screenAvailHeight=1200&devicePixelRatio=1&scrollX=0&scrollY=0&pageVisibility=visible&pageWidth=1600&pageHeight=1200&_=1615930165024&callback=_tynt_jp.ai0nbhg6n
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-110.static.steadfastdns.net
Software
/ Love
Resource Hash
3719639dfece97a334d11515af09822dd2774b88a3698a04339871773244d475
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-powered-by
Love
etag
W/"600-3Ji28x1MeWhZL3aW7JOf5NwaJ64"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
access-control-allow-origin
*
access-control-allow-credentials
true
content-type
text/javascript; charset=utf-8
access-control-allow-headers
X-Requested-With, Authorization
v2
de.tynt.com/deb/ 		4 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?id=aIXlJ0wPOr6ijYaKlId8sQ&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip187.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:18 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
v2
de.tynt.com/deb/ 		4 B
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://de.tynt.com/deb/v2?m=xch&id=aIXlJ0wPOr6ijYaKlId8sQ&dn=RCIV&cc=1&r=
Requested by
Host: cdn.tynt.com
URL: https://cdn.tynt.com/rciv.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.187 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip187.208-100-17.static.steadfastdns.net
Software
/
Resource Hash
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:18 GMT
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-type
application/javascript
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length
4
expires
Sat, 26 Jul 1997 05:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 63CB 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
67609
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Tue, 16 Mar 2021 02:42:36 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 e7b88cadf742e342f39f17392af35c4f.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
M8KNA6GEUpqXuA03kz63B1xSUubGKFG8lj0bU2QavtZFhc6FNSEAcQ==
tags.js
s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/ Frame 3EBC 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40223267adc012c6a36ddaa9c244ad14e87993bc9919cbcf87acdc218fd909e5

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14055
cf-request-id
08de8a9fd40000d7053f9a0000000001
x-function
151
last-modified
Wed, 29 Jul 2020 11:50:12 GMT
server
cloudflare
x-reuse-index
225
etag
17041138183642944922
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
631113ac8bb3d705-FRA
expires
Tue, 16 Mar 2021 22:29:25 GMT
smallpalm.gif
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/ 		204 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/graphics/smallpalm.gif
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ddccee94532e36265390e5c93503c8bc30525834a36ec19fd8aef385d3e842d9

Request headers

Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:25 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:52:31 GMT
ETag
0ce532e3d8ad76216db9cbc429e97689
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A52%3A13%20WEST
Content-Type
image/gif
X-Timestamp
1376729550.70383
Cache-Control
public, max-age=12877822
Content-Length
204
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx0986b50b64d94bbfb6ec5-005f346fb1dfw1
Expires
Thu, 12 Aug 2021 22:39:47 GMT
tags.js
s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/ Frame 26EF 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40223267adc012c6a36ddaa9c244ad14e87993bc9919cbcf87acdc218fd909e5

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14055
cf-request-id
08de8a9fd60000d7055b9a0000000001
x-function
151
last-modified
Wed, 29 Jul 2020 11:50:12 GMT
server
cloudflare
x-reuse-index
390
etag
17041138183642944922
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
631113ac8bb5d705-FRA
expires
Tue, 16 Mar 2021 22:29:25 GMT
heart.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/heart.png
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
34a83b5deedbc6b2c2739d8189b62f5e9af1a46ebc75ec4e1b50a0a81c301f43

Request headers

Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:25 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:21 GMT
ETag
056b237483e2aa9886ee508ee7d31516
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729060.07849
Cache-Control
public, max-age=12092916
Content-Length
1767
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
txb50054b53a8b4715a3ef0-005f2875bbdfw1
Expires
Tue, 03 Aug 2021 20:38:01 GMT
tags.js
s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/ Frame B39B 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40223267adc012c6a36ddaa9c244ad14e87993bc9919cbcf87acdc218fd909e5

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14055
cf-request-id
08de8a9fdd0000d7053b82d000000001
x-function
151
last-modified
Wed, 29 Jul 2020 11:50:12 GMT
server
cloudflare
x-reuse-index
435
etag
17041138183642944922
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
631113ac9bc9d705-FRA
expires
Tue, 16 Mar 2021 22:29:25 GMT
UZMBXSqGIEY
www.youtube.com/embed/ Frame 09D4 		50 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/UZMBXSqGIEY
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21e199d83d59ba6255575e4e94c726c5a341fcda3f1d03865ed0718dfc8ae994
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/embed/UZMBXSqGIEY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 16 Mar 2021 21:29:25 GMT
strict-transport-security
max-age=31536000
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
set-cookie
YSC=kGI1H5q2Mrc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=UgbxuFnOgpw; Domain=.youtube.com; Expires=Sun, 12-Sep-2021 21:29:25 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+381; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rotd1.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/rotd1.png
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9272deaba258052abfdca7f8a720c98f972e76dfbff62b73d8411c76c3e5088c

Request headers

Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:25 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:24 GMT
ETag
3f52a8f58f072e8fe3f2c9d76dfb3b12
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729063.60991
Cache-Control
public, max-age=12724367
Content-Length
2921
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx86733566d5d64df291a38-005f3217d1dfw1
Expires
Wed, 11 Aug 2021 04:02:12 GMT
ui-bg_flat_75_6b91a4_40x100.png
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ 		213 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/images/ui-bg_flat_75_6b91a4_40x100.png
Requested by
Host: b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
URL: https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.108.144.152 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-144-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9835a69ecb524330162090fbfdd3c070e4598540584312915b1bfe547e258717

Request headers

Referer
https://b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com/comp/emuparadise-1537970211.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 16 Mar 2021 21:29:25 GMT
X-Object-Meta-Cache-Control
public%2Cmax-age%3D31536000
Last-Modified
Sat, 17 Aug 2013 08:44:47 GMT
ETag
24cf03d9d2bc0538549d1237f451c2a5
X-Object-Meta-Expires
Mon%2C%2016%20Sep%202025%2009%3A43%3A47%20WEST
Content-Type
image/png
X-Timestamp
1376729086.72329
Cache-Control
public, max-age=12722559
Content-Length
213
Connection
keep-alive
Accept-Ranges
bytes
X-Trans-Id
tx5793e37ef18a4b8bb513d-005f321135dfw1
Expires
Wed, 11 Aug 2021 03:32:04 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3E3C 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
63e9a240ee3511a5ee44625ff99c3036112dda160ba0114118bb54eac2e5c9b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"814 / 520 of 1000 / last-modified: 1615903004"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19754
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:25 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D7D9 		555 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3c9e41971a8a43eeb4a4b7a5a5c04323f9d8bf038dab81dad8b2ac7d0b0b5d93
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 16 Mar 2021 21:29:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.253:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
dc9ce57e-30b3-44c7-a402-3029d73e85c3
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.emuparadise.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D7D9 		19 B
718 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 21:29:25 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.102:80
AN-X-Request-Uuid
f894aad9-2124-4fd7-9df5-96055c51a2df
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.emuparadise.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame D7D9 		556 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ast/ast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
03335f1a509ac5ccedc3ec1bc271122f4376b21d72f06087bccdd2c388820217
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 16 Mar 2021 21:29:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.135:80
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ed2fb255-41ba-4be6-9e2e-88979a5369d7
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.emuparadise.me
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
exchange
ssc.33across.com/api/ 		88 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/exchange
Requested by
Host: cdn-sic.33across.com
URL: https://cdn-sic.33across.com/1/javascripts/sic.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-248-59.compute-1.amazonaws.com
Software
/ 33Across
Resource Hash
c288271bcc1ba8345a3bb2f92c355864ae3cda997a9f418292fe6d1f7c2ea99f

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.emuparadise.me
access-control-allow-credentials
true
www-player-webp.css
www.youtube.com/s/player/b2e56c01/ Frame 09D4 		341 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b2e56c01/www-player-webp.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UZMBXSqGIEY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UZMBXSqGIEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 15:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 00:15:17 GMT
server
sffe
age
107025
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52229
x-xss-protection
0
expires
Tue, 15 Mar 2022 15:45:40 GMT
www-embed-player.js
www.youtube.com/s/player/b2e56c01/www-embed-player.vflset/ Frame 09D4 		161 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b2e56c01/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UZMBXSqGIEY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4e82bd8f567840279d47dc169ac57460b3195b6e9d8c138964534620fcbdce6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UZMBXSqGIEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 15:45:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 00:15:17 GMT
server
sffe
age
107025
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59637
x-xss-protection
0
expires
Tue, 15 Mar 2022 15:45:40 GMT
base.js
www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/ Frame 09D4 		2 MB
505 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UZMBXSqGIEY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ec9dc99e8e7db9c1048749c68a76e2738e2a60ffa59dc79bad31f8f6eab5bba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UZMBXSqGIEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 15:46:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 00:15:17 GMT
server
sffe
age
106993
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
517196
x-xss-protection
0
expires
Tue, 15 Mar 2022 15:46:12 GMT
fetch-polyfill.js
www.youtube.com/s/player/b2e56c01/fetch-polyfill.vflset/ Frame 09D4 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b2e56c01/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UZMBXSqGIEY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UZMBXSqGIEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 15:45:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 00:15:17 GMT
server
sffe
age
107023
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3027
x-xss-protection
0
expires
Tue, 15 Mar 2022 15:45:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 09D4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UZMBXSqGIEY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.youtube.com
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 11 Mar 2021 19:41:25 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
438480
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Fri, 11 Mar 2022 19:41:25 GMT
pubads_impl_2021031001.js
securepubads.g.doubleclick.net/gpt/ Frame 3E3C 		284 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 09:39:15 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102356
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:25 GMT
displayAd.js
s.tribalfusion.com/ Frame 3EBC 		677 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6a9011161e91a9025d71047a662a9a7365397db6b90c4be62d70d08b90b45b2

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
328
cf-request-id
08de8aa0910000d7052d96a000000001
x-function
153
last-modified
Tue, 04 Apr 2017 05:09:56 GMT
server
cloudflare
x-reuse-index
263
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
631113adbcded705-FRA
expires
Mon, 14 Jun 2021 21:29:25 GMT
displayAd.js
s.tribalfusion.com/ Frame B39B 		677 B
766 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654c3f5c543c41840f7671c9e6807a0de62bdce3125a32b795b460f015b8cbe6

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
329
cf-request-id
08de8aa0980000d7051f103000000001
x-function
153
last-modified
Tue, 04 Apr 2017 05:09:56 GMT
server
cloudflare
x-reuse-index
199
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
631113adbce5d705-FRA
expires
Mon, 14 Jun 2021 21:29:25 GMT
displayAd.js
s.tribalfusion.com/ Frame 26EF 		677 B
711 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6a9011161e91a9025d71047a662a9a7365397db6b90c4be62d70d08b90b45b2

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
328
cf-request-id
08de8aa0990000d7057681d000000001
x-function
153
last-modified
Tue, 04 Apr 2017 05:09:56 GMT
server
cloudflare
x-reuse-index
98
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
631113adcce9d705-FRA
expires
Mon, 14 Jun 2021 21:29:25 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 09D4
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
113 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UZMBXSqGIEY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
74757a4e7cee9276f80edcbb472a0d53d9b434f85d6eadea846606eff7cabaa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 16 Mar 2021 21:29:25 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 09D4 		29 B
90 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:26:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
age
201
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:41:04 GMT
remote.js
www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/ Frame 09D4 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4265eaa975ba51f71d28969829a092f38c84dd0ad29ded35534eefe503db5d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UZMBXSqGIEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 15:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 00:15:17 GMT
server
sffe
age
106992
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32719
x-xss-protection
0
expires
Tue, 15 Mar 2022 15:46:13 GMT
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
www.google.com/js/bg/ Frame 09D4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 12 Mar 2021 16:32:42 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 18:00:00 GMT
server
sffe
age
363403
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Sat, 12 Mar 2022 16:32:42 GMT
embed.js
www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/ Frame 09D4 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d61ca3e7e8a15ea0b45ae62105c7fbb784d5f89137e0d5fd411f3d603511346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/embed/UZMBXSqGIEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 15:46:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 00:15:17 GMT
server
sffe
age
106992
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7323
x-xss-protection
0
expires
Tue, 15 Mar 2022 15:46:13 GMT
truncated
/ Frame 09D4 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
AAUvwnheUIGP17SI5pxk2fKpCOrr0kYr7-SR_CYQekjBr0Y=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 09D4 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AAUvwnheUIGP17SI5pxk2fKpCOrr0kYr7-SR_CYQekjBr0Y=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UZMBXSqGIEY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
4de988825e637dc6d834c34d509a40b73b65f2daccb3923cb4434bd000a17bcc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 17:49:29 GMT
x-content-type-options
nosniff
server
fife
age
13196
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1343
x-xss-protection
0
expires
Wed, 17 Mar 2021 17:49:29 GMT
sddefault.webp
i.ytimg.com/vi_webp/UZMBXSqGIEY/ Frame 09D4 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/UZMBXSqGIEY/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UZMBXSqGIEY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94cdce9a2bdb45d48434bfd158b0bcf4a0c2be0cd354328dada35365ea5cfa49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 19:30:49 GMT
x-content-type-options
nosniff
server
sffe
age
7116
etag
"1418070261"
vary
Origin
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19130
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:30:49 GMT
j.ad
s.tribalfusion.com/ Frame B39B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=emuparadiseorg&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=300x250&busted=1&url=https%3A%2F%2Fwww.emuparadise.me%2F&f=0&p=10089357&tKey=acmneMVVJfRPMwTtYPWb7SQVADUUAqxO&a=1&adContainerId=richmedia_2&rnd=10085348
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
904b9ef9800d10a68b36b5724805edd284bcc8160e10af24666746048bec8e80

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1815
cf-request-id
08de8aa1950000d705648ac000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
435
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
631113af5e5ed705-FRA
expires
0
j.ad
s.tribalfusion.com/ Frame 26EF 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=emuparadiseorg&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=160x600&busted=1&url=https%3A%2F%2Fwww.emuparadise.me%2F&f=0&p=10089357&tKey=avmneMTtJSmAQJmVMtmWrKQtQ0UUAl5o&a=3&adContainerId=richmedia_4&rnd=10088796
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91195dad806b4b551915daf1b1d36acde04ce33b920cb925a98a01b198248a52

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3903
cf-request-id
08de8aa1960000d7056dbf7000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
437
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
631113af5e60d705-FRA
expires
0
j.ad
s.tribalfusion.com/ Frame 3EBC 		824 B
1008 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&loaderVer=0.1&site=emuparadiseorg&adSpace=atf&center=1&json=1&callback=e9Manager.setSingleAdResponse&env=display&size=970x250,728x90&busted=1&url=https%3A%2F%2Fwww.emuparadise.me%2F&f=0&p=10089357&tKey=avmneMTtJSmAQJmVMtmWrKQtQ0UUAl5o&a=5&adContainerId=richmedia_6&rnd=10090552
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0451c6618bc970528456fe09331b1aea64c20892d29b8e578e31e41ab515032e

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
585
cf-request-id
08de8aa1960000d7052e0a7000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
631113af5e62d705-FRA
expires
0
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 09D4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:25 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3E3C 		462 B
839 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3490991929453421&correlator=1692169245523687&output=ldjh&impl=fif&eid=21068529%2C31060438%2C31060154%2C31060244%2C31060344%2C31060367%2C44733567&vrg=2021031001&ptt=17&sc=1&sfv=1-0-38&ecs=20210316&iu_parts=32867010%2CA_728x90_300x600_300x250_160x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C300x600%7C300x250%7C160x600&prev_scp=c%3D160%26r%3D110%26d%3Demuparadise.me%26g%3DaIXlJ0wPOr6ijYaKlId8sQ%26gd%3DaIXlJ0wPOr6ijYaKlId8sQ%253Adesktop%26cc%3D0%26pf%3D150%26ivt%3D20%26iva%3D63%26ivb%3D42%26ivc%3D33%26ivd%3D15%26ive%3D5%26ivp%3D88%26osr%3D86%26pre%3Dapnx%253Ae102%2Cttx%253A0%26pre_sz%3Dapnx%253A0x0%2Cttx%253A0x0%26tier%3Dapnx%253A0%2Cttx%253A0%26hb%3D0&cookie_enabled=1&cdm=www.emuparadise.me&bc=31&abxe=1&lmt=1615930165&dt=1615930165682&dlt=1615930165273&idt=308&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=150&oid=3&adxs=8&adys=57&adks=2571025403&ucis=ilpedhtijvfq&ifi=1&ifk=2323589808&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.emuparadise.me%2F&top=https%3A%2F%2Fwww.emuparadise.me%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=284x134&msz=284x90&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=2009675189&ga_fc=true&fws=256&ohw=0&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
f52fbe229dad0f89d6f23bc012d2c886c3cafc5e3b099c88aadbb0a7ccf4c779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
243
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.emuparadise.me
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2921a1983bf3d20d382a90a83f6db872.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E3C 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://2921a1983bf3d20d382a90a83f6db872.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 3E3C 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
www.youtube.com/ Frame 09D4 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?rRVFaA
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/UZMBXSqGIEY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.youtube.com/embed/UZMBXSqGIEY
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 26EF 		96 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f01896091a084104c84263fff729df8827eb74bf6cdc9462edd43ce3d7e412a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34924
x-xss-protection
0
server
cafe
etag
6252260368082626762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 21:29:25 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B39B 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b5ccfd601813e09d5ae117f252fb69e1b4b4d9324cee665b781e01ee21c89a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34921
x-xss-protection
0
server
cafe
etag
1741272933306111238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 21:29:25 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/ Frame 26EF 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
476e55b7d10aaeb7ddd39212d5a22f590ac9355c2356fe7075b8c52f207edae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86502
x-xss-protection
0
server
cafe
etag
2199629402476109975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 21:29:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210310/r20190131/ Frame 2639 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210310/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210310/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkTBHx8CH978NTvq8-Q1CQ0nO0Y2_aj2pPyf59VlZDq_DDOw8W2Bk8SNe8F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Tue, 16 Mar 2021 19:09:00 GMT
expires
Tue, 30 Mar 2021 19:09:00 GMT
content-type
text/html; charset=UTF-8
etag
14488317231655078900
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4661
x-xss-protection
0
age
8425
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p.media
s.tribalfusion.com/ Frame 8659 		302 B
364 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aHmTR8RUjr1E3s5q7l5aY1oTJKXF38UWFXoPYZcmcMwodMA2EMh5tAn4PZbZbnrnEXc7XYs34XGjppE7T3UFVTUbFW6Y2QavXScFoStfr0WBuVmby2Gn3YrnZaVmmw46Zb8PAnA4WUyXHQLpdAo4mQS5cQ7Vc37UsfeRPUuTdFWWrbP3r2pUqYvWqFaPTMIRsQIPFusSdMaVGrQ4rTvmWuO0qep4dbEVcftwW6XHJ&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b26f556876de085b6c553a279dc07e31281ad46eac3ef494bab4d75c7d3a811f

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aHmTR8RUjr1E3s5q7l5aY1oTJKXF38UWFXoPYZcmcMwodMA2EMh5tAn4PZbZbnrnEXc7XYs34XGjppE7T3UFVTUbFW6Y2QavXScFoStfr0WBuVmby2Gn3YrnZaVmmw46Zb8PAnA4WUyXHQLpdAo4mQS5cQ7Vc37UsfeRPUuTdFWWrbP3r2pUqYvWqFaPTMIRsQIPFusSdMaVGrQ4rTvmWuO0qep4dbEVcftwW6XHJ&mediaDataID=6807466&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
434
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2900000d7054f08c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b0effcd705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame BE1C 		230 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbO1dbxWPnw4srVXr3ZaTATw2AMdQA7K2tYs1WnKpdiM4mrR5sMgTGBlWsbgPPQmWt3WUrM05rIpWTUnWqUdSTJKQVjCQUAvRW79WcY25rqqodeOXEev2HfFSGjZd26YZamdEyUHB7XrUb1UZblXq6tRbYHTUBYTtQWmbQmRUBNXanO5aZbe5E7XmaMHXUJ7TWjVmm3DnsjwmHfJ5EZbg0WiFxQfwDA&mediaDataID=6680176&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0198672078ef55a4f30d2410a6497f2d55be965ccdec99b38a58e4f12be037ad

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aJmTR8ScUsStZbO1dbxWPnw4srVXr3ZaTATw2AMdQA7K2tYs1WnKpdiM4mrR5sMgTGBlWsbgPPQmWt3WUrM05rIpWTUnWqUdSTJKQVjCQUAvRW79WcY25rqqodeOXEev2HfFSGjZd26YZamdEyUHB7XrUb1UZblXq6tRbYHTUBYTtQWmbQmRUBNXanO5aZbe5E7XmaMHXUJ7TWjVmm3DnsjwmHfJ5EZbg0WiFxQfwDA&mediaDataID=6680176&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
468
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2910000d70544bc4000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b0effdd705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame C795 		201 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aLmTR8STYZcQVJLRbeqPWjbUVUS2UTrmtZaO0aXy3HvZdQc7F5mvZbmdepUHb6XbMkYrQ70qirPb3ZdWFYYVtJ3obFmPrZbsXaYp3T3h2a3RnqFIYbUcUdj1nAYZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPt7u0dFwWAbv2GB0YrQLU6yq46vgPPnK4WZbOXWBLsHAJvi9ZaAS&mediaDataID=7665496&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2720e283fb9cf4e5ffdbba290c0d563ccedecc8537971cd6b7668bd6b36523b6

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aLmTR8STYZcQVJLRbeqPWjbUVUS2UTrmtZaO0aXy3HvZdQc7F5mvZbmdepUHb6XbMkYrQ70qirPb3ZdWFYYVtJ3obFmPrZbsXaYp3T3h2a3RnqFIYbUcUdj1nAYZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPt7u0dFwWAbv2GB0YrQLU6yq46vgPPnK4WZbOXWBLsHAJvi9ZaAS&mediaDataID=7665496&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
324
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2920000d705921ff000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b0efffd705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 45EC 		324 B
367 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=anmTR8Rr6oPHvaWV3R5UioodZaoXauw3t3ZdSVFD5PUHoHZarUW770bY7XFje0a6MRFBZdUFY1Tt3UobJnPUrq1TQt5qji5EM2oTrH1rffTdFXmPfJmGrtoWnG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWmYx3VM2YrZbJTAir5mQ6QmjE2dvM0dZbApd2o36BRXVnQMw7yat&mediaDataID=5436426&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c630d95f52bcabc37edd62982500d487ee97f36b54a5627bffeca6f4723159ba

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=anmTR8Rr6oPHvaWV3R5UioodZaoXauw3t3ZdSVFD5PUHoHZarUW770bY7XFje0a6MRFBZdUFY1Tt3UobJnPUrq1TQt5qji5EM2oTrH1rffTdFXmPfJmGrtoWnG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWmYx3VM2YrZbJTAir5mQ6QmjE2dvM0dZbApd2o36BRXVnQMw7yat&mediaDataID=5436426&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
812
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2930000d705458fd000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b0e800d705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 49B9 		279 B
524 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb7TdbWoPMIpGfpptYB2Er75dAn46bGnUnZbYGYP1crY1VZbwnTj43rZb4VUfGUArVRTM1QcZbtSdBN1WBmWAvN4sJ00UnDUPTw4AZbdQPnD2tBmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavPWv9UcfV5b6nmWqmYTqx3trBQsBZc4AFHmdXyVWQ65FrUrM4f2Y&mediaDataID=9148826&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83d3a0900f072692b80508a2776cedcc0dabf2dd73beac1b03f76e169ae6825f

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=apmTR8oTbD1rZb7TdbWoPMIpGfpptYB2Er75dAn46bGnUnZbYGYP1crY1VZbwnTj43rZb4VUfGUArVRTM1QcZbtSdBN1WBmWAvN4sJ00UnDUPTw4AZbdQPnD2tBmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavPWv9UcfV5b6nmWqmYTqx3trBQsBZc4AFHmdXyVWQ65FrUrM4f2Y&mediaDataID=9148826&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
98
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2940000d70569314000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b0e801d705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame EEAB 		242 B
294 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=armTR84sY40UUITmqv26v7R6BC2tMM1WvAptiM4A3Y5Vv9UcvdUcZbjSAnvUdQ3UUrR3rEmUqvxTEQbQTBZdQGFJPUAnSdM6UVjP2F2xnHZaOXaex2H3ZbQVBD2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJIXFJdTdj0n6fLns7rpdrB2T3l3HEy5mrGprbE0GfQ4GYjNDSN1S&mediaDataID=4056396&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4253b8b215f5579facba0eb01333d3d2e3c16c576d7502b75472e432cd45ef3

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=armTR84sY40UUITmqv26v7R6BC2tMM1WvAptiM4A3Y5Vv9UcvdUcZbjSAnvUdQ3UUrR3rEmUqvxTEQbQTBZdQGFJPUAnSdM6UVjP2F2xnHZaOXaex2H3ZbQVBD2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJIXFJdTdj0n6fLns7rpdrB2T3l3HEy5mrGprbE0GfQ4GYjNDSN1S&mediaDataID=4056396&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
482
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2940000d7058cbe8000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b0e802d705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 906C 		309 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=atmTR8UVMT2FuootapXa2w4dfFPcJG5AnHmtepUtZbhXFMdXUffXaEoSrMGUUQSVWBUmbJpRU7y1T3s5TUk2qrYmqFAXUJgWHrWoAUBmcYwoWfG3EQk2Han3AbGnFbZcXcbP1c3UXVfwpTb42FUVVUZbFUArXRTn1Qc3tPtUOYt7uVmbu4srU0bQLV6Tt5mZb8PPMF3tQt1HQZcnWem5PZbY3sjgVcJcPG7YqvYAOB&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad0a326c458274dbf46e0a37084e0fc91a0d301a82596c5146cc78d8d199917

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=atmTR8UVMT2FuootapXa2w4dfFPcJG5AnHmtepUtZbhXFMdXUffXaEoSrMGUUQSVWBUmbJpRU7y1T3s5TUk2qrYmqFAXUJgWHrWoAUBmcYwoWfG3EQk2Han3AbGnFbZcXcbP1c3UXVfwpTb42FUVVUZbFUArXRTn1Qc3tPtUOYt7uVmbu4srU0bQLV6Tt5mZb8PPMF3tQt1HQZcnWem5PZbY3sjgVcJcPG7YqvYAOB&mediaDataID=8039566&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
1415
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2960000d705860a1000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b0f806d705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame D8EC 		259 B
325 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=avmTR8WHbSoAnLncUupd7A5E3g2HEo3mBGpbULYcr0YGQ51GJxpTJQ2FnWVFbZcW6fVPTMYScYOSdZbO1tvoTmnu2Vv3YrQBVmar2PneQAFK2HZbs0WUJntIM363Y5Gj6TGFdUcb7PAUvWdY3Tbj03r6pUqvrTE3bQTQZdRVQIRr6vRW7dUVQ54bPnmdEtYTev2WbAPcfE56YJoWiNTd3h0bfk1UYe3EeGxZdT0oT&mediaDataID=2713736&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fe80ddb8795f462b0daf46041199cf5a2350ee54b012b0c8cb4951d86181489

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=avmTR8WHbSoAnLncUupd7A5E3g2HEo3mBGpbULYcr0YGQ51GJxpTJQ2FnWVFbZcW6fVPTMYScYOSdZbO1tvoTmnu2Vv3YrQBVmar2PneQAFK2HZbs0WUJntIM363Y5Gj6TGFdUcb7PAUvWdY3Tbj03r6pUqvrTE3bQTQZdRVQIRr6vRW7dUVQ54bPnmdEtYTev2WbAPcfE56YJoWiNTd3h0bfk1UYe3EeGxZdT0oT&mediaDataID=2713736&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
518
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2960000d7059709d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b0f808d705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame F9B0 		213 B
305 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=axmTR8Vmqn2PU9QArB2WYsXWrZdptaw4PvY3c3bUGUjWGfhSPruWdrRTbJ13bIuWTbxVEQdSTUHQGJIPrupPWrdWs3W5bumodym0qTp3H3ZdQVrE26vZcptZapVWZbhXUfaYrUfXaiNPrYGWU3SWdY3mbjmRU7o1TQs5TFk5a7XoTbIYbU8WHJXn6vZcmGvopdfD3qZbk2Wis4PfInFQGXsb01cFVXGvwsqbbM4RaP4&mediaDataID=6347136&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab16a1ad496f459be07367c6971b30989700db351a07be650550ac2263c58cb4

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=axmTR8Vmqn2PU9QArB2WYsXWrZdptaw4PvY3c3bUGUjWGfhSPruWdrRTbJ13bIuWTbxVEQdSTUHQGJIPrupPWrdWs3W5bumodym0qTp3H3ZdQVrE26vZcptZapVWZbhXUfaYrUfXaiNPrYGWU3SWdY3mbjmRU7o1TQs5TFk5a7XoTbIYbU8WHJXn6vZcmGvopdfD3qZbk2Wis4PfInFQGXsb01cFVXGvwsqbbM4RaP4&mediaDataID=6347136&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
1
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2960000d7052991d000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b0f809d705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/ Frame B39B 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
476e55b7d10aaeb7ddd39212d5a22f590ac9355c2356fe7075b8c52f207edae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86502
x-xss-protection
0
server
cafe
etag
2199629402476109975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 21:29:25 GMT
p.media
s.tribalfusion.com/ Frame 6621 		373 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aLmTR8STYZcQVJJRbirPWjbUVQR2UusndZaO0aXy3HvZdQc7F5mvZbmdepUHb6XbvkYrQ70qirPb3ZdWFYYVtJ3obFmPrZbsXaMn3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPWjw0WBwWAbv2GB0YrQLU6yq46vgPPnK4WZbOXWBLsHAJMhBB1w&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfbb4513e0ac4c42361b2b239c2f4a1c2e10fba9bfc81821b682da58c3041095

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aLmTR8STYZcQVJJRbirPWjbUVQR2UusndZaO0aXy3HvZdQc7F5mvZbmdepUHb6XbvkYrQ70qirPb3ZdWFYYVtJ3obFmPrZbsXaMn3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPWjw0WBwWAbv2GB0YrQLU6yq46vgPPnK4WZbOXWBLsHAJMhBB1w&mediaDataID=6546596&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
219
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2b10000d70564008000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b1183cd705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame C1CB 		275 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=anmTR8Rr6oPHvdUGMV4FmoodAoYq2v3d3ZdSVFD5PUHoHZarUW770bY7XFje0aaMRFBZdUFY1Tt3UobJnPUrq1TQt5qji5EY4oTrH1rffTdFXmPfZcnsvpptYG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWA3x2GJ3YrZbJTAir5mQ6QmjE2dvM0dZbApd2o36BRXVnQNXKeo2&mediaDataID=6530936&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cbf6de3b1cd3e825dc1f6d8eddb1695ff6f0b8cca5a8e911e86102b9d3a619c

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=anmTR8Rr6oPHvdUGMV4FmoodAoYq2v3d3ZdSVFD5PUHoHZarUW770bY7XFje0aaMRFBZdUFY1Tt3UobJnPUrq1TQt5qji5EY4oTrH1rffTdFXmPfZcnsvpptYG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWA3x2GJ3YrZbJTAir5mQ6QmjE2dvM0dZbApd2o36BRXVnQNXKeo2&mediaDataID=6530936&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
528
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2b10000d705212b9000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b1183ed705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 5CE8 		447 B
422 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb9UWJQn6UIpGUvpdMG2qr75dAn46bGnUnZbYGYP1crY1VZbwnTf43rZb4VUfGUArVRTM1QcZbtSdBN1WBmWA3m4sJ00UnDUPTw4AZbdPPFE3HYmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavSdQcUGUP5b6nmWqmYTqx3trBQsBZc4AFHmdXyVWQ65FrUOtDF8p&mediaDataID=6719746&mediaName=frame.html
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee15fb2bcca127e2d2a69ee5c69bca55d68b15c62ac9a43f227d03f378fd83ab

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=apmTR8oTbD1rZb9UWJQn6UIpGUvpdMG2qr75dAn46bGnUnZbYGYP1crY1VZbwnTf43rZb4VUfGUArVRTM1QcZbtSdBN1WBmWA3m4sJ00UnDUPTw4AZbdPPFE3HYmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavSdQcUGUP5b6nmWqmYTqx3trBQsBZc4AFHmdXyVWQ65FrUOtDF8p&mediaDataID=6719746&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=arntPKNZaiMsAmemFmDws4GiSBtYbRHO4HTZcyAAr120CUWRXZbG1YYDGhB41Q1mE0cCA54tg1hYE6H3TtK7utFZbv9JsAfV
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dd41d3072de4c77145bb25f0d7e4fdd371615930165; expires=Thu, 15-Apr-21 21:29:25 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
461
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08de8aa2b20000d70596bda000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
631113b11841d705-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cookie.js
partner.googleadservices.com/gampad/ Frame 26EF 		204 B
409 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.emuparadise.me&callback=_gfp_s_&client=ca-pub-8349397313676385
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3662e730660123dee499c32eb0257f23761ca6d837d79344eb1715784520d6b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 26EF 		107 B
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 26EF 		107 B
553 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9BB5 		89 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a74a80d43a37c518ea91c88f9dc8bb8629bcce019628e59736d2d2a4fb3e7ad8
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXPnPzgte8CFZGWmgodRfEJMg&gqi=NiNRYJWlAZXLygWBnpLQBw&layout=/sadbundle/%24csp%253Der3%24/12156485942197279468/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkTBHx8CH978NTvq8-Q1CQ0nO0Y2_aj2pPyf59VlZDq_DDOw8W2Bk8SNe8F
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXPnPzgte8CFZGWmgodRfEJMg&gqi=NiNRYJWlAZXLygWBnpLQBw&layout=/sadbundle/%24csp%253Der3%24/12156485942197279468/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Mar 2021 21:29:26 GMT
server
cafe
content-length
33244
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 26EF 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57532d07103088a868f37b813377ca409585e04802671b9c442ca39d8ee70cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615840876344261"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28211
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:26 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame B39B 		204 B
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.emuparadise.me&callback=_gfp_s_&client=ca-pub-8349397313676385
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
73072df2ceee0b19042a48dc6df79d2ac088b9674a7fa454d8feb6e012c3a81b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B39B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B39B 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B056 		92 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
efb256db1f146bc6eec35caaa907522e7deb2b699374a0b1b293e80829d0c884
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMz2nfzgte8CFaTAOwId8WcFUA&gqi=NiNRYO_LAvuNxdwPja2yyAo&layout=/sadbundle/%24csp%253Der3%24/6479936331557284480/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkLTPgjF4hV9sjzfYMRwvuV8O0f9HvTQZLDMuJ7LyNZdvZ9oq86PEH6Tqzsdb4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMz2nfzgte8CFaTAOwId8WcFUA&gqi=NiNRYO_LAvuNxdwPja2yyAo&layout=/sadbundle/%24csp%253Der3%24/6479936331557284480/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Mar 2021 21:29:26 GMT
server
cafe
content-length
34542
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame B39B 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57532d07103088a868f37b813377ca409585e04802671b9c442ca39d8ee70cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615840876344261"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28211
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3E3C 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00894913a7543e134c06713d0c30bf0cd514d192d68f3dc4ad4dcb1c8e9e3e57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6520
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3E3C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031001.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:26 GMT
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 906C
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662209753510065&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209753510065
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209753510065
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=atmTR8UVMT2FuootapXa2w4dfFPcJG5AnHmtepUtZbhXFMdXUffXaEoSrMGUUQSVWBUmbJpRU7y1T3s5TUk2qrYmqFAXUJgWHrWoAUBmcYwoWfG3EQk2Han3AbGnFbZcXcbP1c3UXVfwpTb42FUVVUZbFUArXRTn1Qc3tPtUOYt7uVmbu4srU0bQLV6Tt5mZb8PPMF3tQt1HQZcnWem5PZbY3sjgVcJcPG7YqvYAOB&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.25.144 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
144.25.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
896
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b229ded705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209753510065
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08de8aa35e0000d7054a93e000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 8659
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662209753510065&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209753510065
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209753510065
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aHmTR8RUjr1E3s5q7l5aY1oTJKXF38UWFXoPYZcmcMwodMA2EMh5tAn4PZbZbnrnEXc7XYs34XGjppE7T3UFVTUbFW6Y2QavXScFoStfr0WBuVmby2Gn3YrnZaVmmw46Zb8PAnA4WUyXHQLpdAo4mQS5cQ7Vc37UsfeRPUuTdFWWrbP3r2pUqYvWqFaPTMIRsQIPFusSdMaVGrQ4rTvmWuO0qep4dbEVcftwW6XHJ&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.181.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-32-181-48.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1615930167
x-served-by
beacon-n009-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b229ddd705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209753510065
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08de8aa35d0000d70529927000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame BE1C
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=377&userId=18072662209753510065&redirectId=1001
  • https://a.tribalfusion.com/i.match?p=b21&u=78553bc5ec6f4f1e97ebd3b89f18feba
43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b21&u=78553bc5ec6f4f1e97ebd3b89f18feba
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbO1dbxWPnw4srVXr3ZaTATw2AMdQA7K2tYs1WnKpdiM4mrR5sMgTGBlWsbgPPQmWt3WUrM05rIpWTUnWqUdSTJKQVjCQUAvRW79WcY25rqqodeOXEev2HfFSGjZd26YZamdEyUHB7XrUb1UZblXq6tRbYHTUBYTtQWmbQmRUBNXanO5aZbe5E7XmaMHXUJ7TWjVmm3DnsjwmHfJ5EZbg0WiFxQfwDA&mediaDataID=6680176&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b2da78d705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08de8aa3cc0000d7053b859000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 21:29:26 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://a.tribalfusion.com/i.match?p=b21&u=78553bc5ec6f4f1e97ebd3b89f18feba
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1615930166012094-397
Expires
Tue, 16 Mar 2021 21:29:26 GMT
tap.php
pixel.rubiconproject.com/ Frame 45EC
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662209753510065&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209753510065&expires=180
42 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209753510065&expires=180
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=anmTR8Rr6oPHvaWV3R5UioodZaoXauw3t3ZdSVFD5PUHoHZarUW770bY7XFje0a6MRFBZdUFY1Tt3UobJnPUrq1TQt5qji5EM2oTrH1rffTdFXmPfJmGrtoWnG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWmYx3VM2YrZbJTAir5mQ6QmjE2dvM0dZbApd2o36BRXVnQMw7yat&mediaDataID=5436426&mediaName=frame.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b229dfd705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209753510065&expires=180
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08de8aa35e0000d705329e3000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame D8EC
Redirect Chain
  • https://tags.bluekai.com/site/4229?id=18072662209753510065&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
  • https://a.tribalfusion.com/i.match?p=b3&u=kLSc%2F99999Yp1NaQ
43 B
860 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b3&u=kLSc%2F99999Yp1NaQ
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=avmTR8WHbSoAnLncUupd7A5E3g2HEo3mBGpbULYcr0YGQ51GJxpTJQ2FnWVFbZcW6fVPTMYScYOSdZbO1tvoTmnu2Vv3YrQBVmar2PneQAFK2HZbs0WUJntIM363Y5Gj6TGFdUcb7PAUvWdY3Tbj03r6pUqvrTE3bQTQZdRVQIRr6vRW7dUVQ54bPnmdEtYTev2WbAPcfE56YJoWiNTd3h0bfk1UYe3EeGxZdT0oT&mediaDataID=2713736&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b38b46d705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08de8aa4330000d7051f12a000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://a.tribalfusion.com/i.match?p=b3&u=kLSc%2F99999Yp1NaQ
Date
Tue, 16 Mar 2021 21:29:26 GMT
Connection
keep-alive
Content-Length
0
BK-Server
483f
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
i.match
a.tribalfusion.com/ Frame C795
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662209753510065
  • https://a.tribalfusion.com/i.match?p=b23&u=164990103727001582335
43 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b23&u=164990103727001582335
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aLmTR8STYZcQVJLRbeqPWjbUVUS2UTrmtZaO0aXy3HvZdQc7F5mvZbmdepUHb6XbMkYrQ70qirPb3ZdWFYYVtJ3obFmPrZbsXaYp3T3h2a3RnqFIYbUcUdj1nAYZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPt7u0dFwWAbv2GB0YrQLU6yq46vgPPnK4WZbOXWBLsHAJvi9ZaAS&mediaDataID=7665496&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b2ba65d705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08de8aa3b70000d705648c3000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://a.tribalfusion.com/i.match?p=b23&u=164990103727001582335
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
i.match
a.tribalfusion.com/ Frame 6621
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=aec8fc3d-8ef6-47fa-9e2a-1fbf0b770a13
43 B
491 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=aec8fc3d-8ef6-47fa-9e2a-1fbf0b770a13
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aLmTR8STYZcQVJJRbirPWjbUVQR2UusndZaO0aXy3HvZdQc7F5mvZbmdepUHb6XbvkYrQ70qirPb3ZdWFYYVtJ3obFmPrZbsXaMn3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPWjw0WBwWAbv2GB0YrQLU6yq46vgPPnK4WZbOXWBLsHAJMhBB1w&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b2ba61d705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08de8aa3b50000d7054ba81000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
server
OXGW/16.202.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=aec8fc3d-8ef6-47fa-9e2a-1fbf0b770a13
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
i.match
a.tribalfusion.com/ Frame EEAB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662209753510065
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEICHOJMhvFIBb6277owVbgs&google_cver=1&google_ula=2786954,0
43 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEICHOJMhvFIBb6277owVbgs&google_cver=1&google_ula=2786954,0
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=armTR84sY40UUITmqv26v7R6BC2tMM1WvAptiM4A3Y5Vv9UcvdUcZbjSAnvUdQ3UUrR3rEmUqvxTEQbQTBZdQGFJPUAnSdM6UVjP2F2xnHZaOXaex2H3ZbQVBD2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJIXFJdTdj0n6fLns7rpdrB2T3l3HEy5mrGprbE0GfQ4GYjNDSN1S&mediaDataID=4056396&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b27a21d705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08de8aa38c0000d7055b9cb000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEICHOJMhvFIBb6277owVbgs&google_cver=1&google_ula=2786954,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 337C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 16 Mar 2021 15:19:39 GMT
expires
Wed, 16 Mar 2022 15:19:39 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
22187
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame 337C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 14:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
197947
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Mon, 14 Mar 2022 14:30:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3E3C 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031001&jk=3490991929453421&bg=!zc6lzo3NAAUO7zDoDjsAKQB2-DxaIfBD5ljpYq8jU2vqeexInw1Frvp1LRsTL7b1kF5q43M1mVUGAgAAAFhSAAAAC2gBBwoAc-HVtJKoFXhHVh8tW8mFKHNkgQIFb-czyTpvgPnY8yQkok35Y9lJ9a7bUntL98fPu7iiAMOdHQmWwQGPF-86YPjQZO8CD2BAbKOi4bNvZ9JdwpeyJj3r-3s_8dg3nseexvLg6tbT4ZgMU6W-dZOc3k_0DxiZAgRTKHvvyHE1o-tbHEukBA8NGMPxgE3O1eKJrOORP1hwHKOL8Cb4Kg2VtF1_xouYh58yAxVO2LzKh4XRw5DFuP3Arb8W5ZMhQEm26f6X-YjcH6QTe65QFEKeFz6Z5DVt6eeI7y1jbgqq0Dfo10FydawiTyfQ857Qq1hG3AQCVdS-PpFHRij_P8KJLMis3W8TtgaGNUkt9kakiMg8XQ7OIIXmMz4l0SnxCBxTqk2SFRUY6hQXV4cnBqxFxk4BFjcc7Y2zsN2KlLi8JMMIY__9rZEr18tKm5e7MqDqlmNRbidDGjxgH1PjIszRFx62ARV8KM0cDWt_Sx6NA1F9a5LMVW_P2M5Fe1KFE-QnTzPJ9lQrH6jRScYtdqDZj70qczBwi2DM1nEcBBCx4s36gfD4FzUM1NzIBea6jmZ9SKEJZqQ4TAjhBAD8Pso7WL2b9LFTynWtzhRfJlGkEPnxx69hn4Ren2Q-QzIrBjmXEN580l4Kq20lrjX6mFrGTwx-ABYXbvsO00Q-2jHWDPYOEdXiXFTPSlIgVk0Fzd0OwSKWlkmnUnfJsXNMl6oKid1kHWWvupwpFlpkbSclHsMdEcJBzm0rRK0B5gt-DoIutmz2qAMLPNBvgxm-hz6MCVmIHYZQfurj_hNM9dU1ZsjRfy16df0GXQBBbpyZcyJZ6JxeDkbxv5iiJQk
Requested by
Host: www.emuparadise.me
URL: https://www.emuparadise.me/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3EBC 		96 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/real/tags/EmuParadiseorg/ATF/tags.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b5ccfd601813e09d5ae117f252fb69e1b4b4d9324cee665b781e01ee21c89a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34921
x-xss-protection
0
server
cafe
etag
1741272933306111238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 21:29:26 GMT
i.match
a.tribalfusion.com/ Frame 49B9
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209753510065&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209753510065&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=af20724f-869e-11e...
  • https://a.tribalfusion.com/i.match?p=b19&u=af207202-869e-11eb-a213-16877d165006
43 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b19&u=af207202-869e-11eb-a213-16877d165006
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb7TdbWoPMIpGfpptYB2Er75dAn46bGnUnZbYGYP1crY1VZbwnTj43rZb4VUfGUArVRTM1QcZbtSdBN1WBmWAvN4sJ00UnDUPTw4AZbdQPnD2tBmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavPWv9UcfV5b6nmWqmYTqx3trBQsBZc4AFHmdXyVWQ65FrUrM4f2Y&mediaDataID=9148826&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b5fdcfd705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08de8aa5be0000d705860c5000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 16 Mar 2021 21:29:26 GMT
Server
nginx
Location
https://a.tribalfusion.com/i.match?p=b19&u=af207202-869e-11eb-a213-16877d165006
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
64
Connection
keep-alive
Content-Length
43
i.match
a.tribalfusion.com/ Frame C1CB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662209753510065&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D
  • https://dsum-sec.casalemedia.com/rrum?cm_dsp_id=131&external_user_id=18072662209753510065&cb=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db20%26u%3D&C=1
  • https://a.tribalfusion.com/i.match?p=b20&u=YFEjNufHVQ8UgNxr3ROKuwAA
43 B
489 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b20&u=YFEjNufHVQ8UgNxr3ROKuwAA
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=anmTR8Rr6oPHvdUGMV4FmoodAoYq2v3d3ZdSVFD5PUHoHZarUW770bY7XFje0aaMRFBZdUFY1Tt3UobJnPUrq1TQt5qji5EY4oTrH1rffTdFXmPfZcnsvpptYG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWA3x2GJ3YrZbJTAir5mQ6QmjE2dvM0dZbApd2o36BRXVnQNXKeo2&mediaDataID=6530936&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b5fdc6d705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08de8aa5bb0000d70529943000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 16 Mar 2021 21:29:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://a.tribalfusion.com/i.match?p=b20&u=YFEjNufHVQ8UgNxr3ROKuwAA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
255
Expires
Tue, 16 Mar 2021 21:29:26 GMT
i.match
a.tribalfusion.com/ Frame 5CE8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622097...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%253A//simage2.pubmatic.com/AdServer/Pug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%2526piggybackCookie%253D180726622097...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw&piggybackCookie=18072662209753510065&r=https%3A//a.tribalfusion.com/i.match%3Fp%3Db11%26u%3D%24%7BPUBMATIC_U...
  • https://a.tribalfusion.com/i.match?p=b11&u=14901601-4B51-4906-B1EE-B1A217D511F6
43 B
671 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b11&u=14901601-4B51-4906-B1EE-B1A217D511F6
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb9UWJQn6UIpGUvpdMG2qr75dAn46bGnUnZbYGYP1crY1VZbwnTf43rZb4VUfGUArVRTM1QcZbtSdBN1WBmWA3m4sJ00UnDUPTw4AZbdPPFE3HYmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavSdQcUGUP5b6nmWqmYTqx3trBQsBZc4AFHmdXyVWQ65FrUOtDF8p&mediaDataID=6719746&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:27 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b888b2d705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08de8aa7530000d7052a8a4000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 16 Mar 2021 21:29:27 GMT
X-lat
lhrpug005:0:556
Server
nginx
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Location
https://a.tribalfusion.com/i.match?p=b11&u=14901601-4B51-4906-B1EE-B1A217D511F6
Cache-Control
no-store, no-cache, private
Connection
keep-alive
bg_300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/bg_300x250.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea35543b772514bff4f7078b02a469d5390c44f068c11abf4154d6f508ade1b8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9310
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
sm_car.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/sm_car.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f52fcaad39fb61ed178796dcc4e97b42933cb23b4547cb8a46be18ad0f406057
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5248
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
gun_2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/gun_2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebc0f207781486fc7dde23d81868a8d1107656031c87103e337abfee7ab50dbe
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1371
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
exp.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/exp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2f05f8e01af4400f7e8ef47aaec6245ed6904b9552fee0f2448a80225adf1bc5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1715
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
gun_1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/gun_1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f535c47b77978bfb9f03aa2cfe9d9e4a17ae8a8eaf44b6464c54d44d66f43fb
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5410
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
car.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/car.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c74bb5c1458b133170c0151c5fafcf56f0fb2cf110f5fe17da942fd1074ba4fe
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
344041
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57481
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Fri, 12 Mar 2021 21:55:25 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Mar 2022 21:55:25 GMT
logos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/logos.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49aca7ccb818a50f7a6561a332134a44d47f868550e97eb6d25f57cc4755130d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1059
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
button.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/button.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e498f3b097a3ec0d7bac08c85fb412497dd21cb14f0498f2c0df630042ee9cd
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7001
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
new_veh.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/new_veh.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
01e45a16046c93a2ef181433dba24e253cbdbe4910a3fa3b3ca197c50c9e68fc
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3691
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
new_gun.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/new_gun.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3638bd6ab11bf9c873ee5f541ebc394314779480f0bb15b264bf68a54642b02
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3292
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
new_cha.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/new_cha.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8d43bec55c2b869d4be312e1107dd87eda62d2fe4ea33ac9f37b8e1271a8d8d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5270
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
XO.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/ Frame B056 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/XO.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80abef344a0bbe5285dfd4a48eee982f8ee404d1a7b62a90673ab7077570c1ec
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4865
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
anim.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/_ssr/ Frame B056 		152 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6479936331557284480/_ssr/anim.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
25562b9d70816656e6aad12af08bfb418a7ed70554ec2aff892931f4298529d0
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
431850
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25178
x-xss-protection
0
last-modified
Mon, 28 Sep 2020 03:02:35 GMT
server
sffe
date
Thu, 11 Mar 2021 21:31:56 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Mar 2022 21:31:56 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210315/r20110914/ Frame B056 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5d7a28c9d4b8b842b5dd259ae0ee10b5366b532a90e2881d8ed17f3da9b645f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7126
x-xss-protection
0
server
cafe
etag
11114773310340928782
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Mar 2021 21:27:05 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/ Frame B056 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
6751271179024913178
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Mar 2021 21:29:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B056 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615840882416834"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34604
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/ Frame B056 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5996
x-xss-protection
0
server
cafe
etag
15528521553155206461
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Mar 2021 21:28:55 GMT
l
www.google.com/ads/measurement/ Frame B056 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXrI9siUXJZIXyJSQrNd-hXxK2POukh_13hCrynNb4OIEU8K1UCdHfoUyZhozB08tw767sxpUJjgsHQap0kLq80QI5XA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/ Frame 3EBC 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
476e55b7d10aaeb7ddd39212d5a22f590ac9355c2356fe7075b8c52f207edae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86502
x-xss-protection
0
server
cafe
etag
2199629402476109975
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 16 Mar 2021 21:29:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B056 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CT_XUNiNRYMyDA6SB78EP8c-VgAWY-pq5Tcu9zM6hCMjv-ufFIhABIKrtxkJglYq4gsgHoAHtzf2ZA8gBCakCPBdRQqr5sz6oAwHIA0iqBL0BT9BAb2sLYPwcHNSjxdHXFkD7OmVtzoAMI4bn8xi4NTZd0K6wG9NEaf4T9InlyBsJ7grfJpolAHhJOHI6VxXY0aP7tucR6OA293Q3k20zxIrRdana2kavOj2LvAs22UUfczdCeet16hlDSz9iJ6EbxilxZDuOnR-i48BbW04c-0As2kHI7SbvzJiZt4w_GJe4YfNT0i4jR-D3T5eLLiO9t2nWfq8A2h8xaLX_1wrjqne9LNlgZJwWAPi3F5xMwASplJuckwGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH7a-CZqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDWsxnSCAkIgOGAEBABGB-ACgHICwHYEwKyFxoKGAgAEhRwdWItODM0OTM5NzMxMzY3NjM4NQ&sigh=wCJ3hhDfba8&template_id=419&tpd=AGWhJms1sdMdyJuN5AfJxX3zU6gTf4_TWE4cAXXIKXvPdJXCkA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 16 Mar 2021 21:29:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame B056 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 14:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
197947
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Mon, 14 Mar 2022 14:30:19 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 32BD 		143 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkLTPgjF4hV9sjzfYMRwvuV8O0f9HvTQZLDMuJ7LyNZdvZ9oq86PEH6Tqzsdb4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 16 Mar 2021 21:23:20 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
366
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame B056 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ac0cb50eb29f9e15069680ccb0093fdca7faefc603c0892664b6b3dd125682d6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_csp
pagead2.googlesyndication.com/pagead/ Frame B056 		0
88 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMz2nfzgte8CFaTAOwId8WcFUA&gqi=NiNRYO_LAvuNxdwPja2yyAo&layout=/sadbundle/%24csp%253Der3%24/6479936331557284480/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/ Frame 22C4 		145 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55462839d9801e93af44e1d4d11cb92676f599032a610a23e906f24a65838537
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/12156485942197279468/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 11 Mar 2021 06:08:53 GMT
expires
Fri, 11 Mar 2022 06:08:53 GMT
last-modified
Tue, 03 May 2016 14:44:13 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
48216
age
487233
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 9BB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgB9WNiNRYJXcAZGt6gTF4qeQA-CAh4pa5JTxnJgKtfyEpeQYEAEgqu3GQmCViriCyAegAcGFhf8DyAEJqQIjlHKJzPSzPqgDAcgDSKoErwFP0MrGbr1lt9m9tdaagthwafHgLGWi7OZXx1e3dvCFwzV2M-uCKy5RTIKztq8N7rbXUC-3VFMowE2wWAg2TbvB10id0QORD6u6gs8SS-sJXjoxiOy2GRfJEdTMY2msLXeTLHaMI6k4etIvC8JQBc4g3movXySEoIvxRYZcIwgfp27Yx1dFC8cWoAKNFPtJoXjjcZMM9N6eRj3fVP0EJfxTHCXLLM7q_LBZQg7UIFvbwAS6zsDicZIFBAgEGAGSBQQIBRgEoAYugAen-nqoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ2cBZ0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTgzNDkzOTczMTM2NzYzODU&sigh=5uh7_lsyWAE&template_id=419&tpd=AGWhJmsjMevDNq6C6p4hlEEFm5w0kNPAMHRrC93PlZB02-D4-w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 16 Mar 2021 21:29:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210315/r20110914/ Frame 9BB5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5d7a28c9d4b8b842b5dd259ae0ee10b5366b532a90e2881d8ed17f3da9b645f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
141
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7126
x-xss-protection
0
server
cafe
etag
11114773310340928782
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Mar 2021 21:27:05 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/ Frame 9BB5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
6751271179024913178
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Mar 2021 21:29:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9BB5 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615840882416834"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34604
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/ Frame 9BB5 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5996
x-xss-protection
0
server
cafe
etag
15528521553155206461
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Mar 2021 21:28:55 GMT
l
www.google.com/ads/measurement/ Frame 9BB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGGlgVN4zll5gecVheROJ9CvNxOFd6LALZ2dDLwU82KqLcLnUXbknw6JvyMszXi-zK-CUYxHgfGOol4_fI17SooLfJ8g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ Frame 3EBC 		12 B
221 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.emuparadise.me&callback=_gfp_s_&client=ca-pub-8349397313676385&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 3EBC 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3EBC 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.emuparadise.me
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FABF 		89 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8904e0a7c240a0a799bf4873ac2ffca3284498a9a7d4661eced58f1d6e88d78
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM2Jy_zgte8CFYKsmgodgOYGOA&gqi=NiNRYN3aL_OJxdwPseSquAc&layout=/sadbundle/%24csp%253Der3%24/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkLTPgjF4hV9sjzfYMRwvuV8O0f9HvTQZLDMuJ7LyNZdvZ9oq86PEH6Tqzsdb4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM2Jy_zgte8CFYKsmgodgOYGOA&gqi=NiNRYN3aL_OJxdwPseSquAc&layout=/sadbundle/%24csp%253Der3%24/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 16 Mar 2021 21:29:27 GMT
server
cafe
content-length
33190
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 3EBC 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57532d07103088a868f37b813377ca409585e04802671b9c442ca39d8ee70cf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615840876344261"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28211
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:26 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9A67 		143 B
165 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkLTPgjF4hV9sjzfYMRwvuV8O0f9HvTQZLDMuJ7LyNZdvZ9oq86PEH6Tqzsdb4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 16 Mar 2021 21:23:20 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
366
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
i.match
a.tribalfusion.com/ Frame F9B0
Redirect Chain
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662209753510065&_origin=1&redir=true
  • https://pixel.advertising.com/ups/57628/sync?uid=18072662209753510065&_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662209753510065&_origin=1&redir=true&apid=UPaf5d63c4-869e-11eb-80bd-0278aefe5bd8
  • https://ups.analytics.yahoo.com/ups/57628/sync?uid=18072662209753510065&_origin=1&redir=true&apid=UPaf5d63c4-869e-11eb-80bd-0278aefe5bd8&verify=true
  • https://a.tribalfusion.com/i.match?p=b17&u=UPaf5d63c4-869e-11eb-80bd-0278aefe5bd8
43 B
508 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b17&u=UPaf5d63c4-869e-11eb-80bd-0278aefe5bd8
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=axmTR8Vmqn2PU9QArB2WYsXWrZdptaw4PvY3c3bUGUjWGfhSPruWdrRTbJ13bIuWTbxVEQdSTUHQGJIPrupPWrdWs3W5bumodym0qTp3H3ZdQVrE26vZcptZapVWZbhXUfaYrUfXaiNPrYGWU3SWdY3mbjmRU7o1TQs5TFk5a7XoTbIYbU8WHJXn6vZcmGvopdfD3qZbk2Wis4PfInFQGXsb01cFVXGvwsqbbM4RaP4&mediaDataID=6347136&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:27 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
631113b8c906d705-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08de8aa7810000d705651b3000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 16 Mar 2021 21:29:27 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://a.tribalfusion.com/i.match?p=b17&u=UPaf5d63c4-869e-11eb-80bd-0278aefe5bd8
Connection
keep-alive
Content-Length
0
truncated
/ Frame 9BB5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60771abc316551273848c992d2f6ffbda94e9e3a18b2723953897a972781465e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 9BB5 		0
46 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJXPnPzgte8CFZGWmgodRfEJMg&gqi=NiNRYJWlAZXLygWBnpLQBw&layout=/sadbundle/%24csp%253Der3%24/12156485942197279468/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 22C4 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 01:08:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73228
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5866
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 17 Mar 2021 01:08:59 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 22C4 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31653
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 17 Mar 2021 12:41:54 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 32BD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
162 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=250&slotname=7797732353&adk=1624002602&adf=2260553171&pi=t.ma~as.7797732353&w=300&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165909&bpp=24&bdt=700&idt=103&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=1000623738&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1060&ady=447&biw=1600&bih=1200&isw=300&ish=250&ifk=2323582349&scr_x=0&scr_y=0&eid=44737537%2C31060288&oid=3&pvsid=1429224313040930&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.49bup2ew6d0h&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkLTPgjF4hV9sjzfYMRwvuV8O0f9HvTQZLDMuJ7LyNZdvZ9oq86PEH6Tqzsdb4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 21:29:27 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 16-Mar-2021 22:29:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Mar 2021 21:29:27 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 21:29:27 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9A67
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkLTPgjF4hV9sjzfYMRwvuV8O0f9HvTQZLDMuJ7LyNZdvZ9oq86PEH6Tqzsdb4
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 21:29:27 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 16-Mar-2021 22:29:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Mar 2021 21:29:27 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 21:29:27 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
btn_rund.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/ Frame 22C4 		8 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/btn_rund.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4d8bbf6264fc196cff0594b42812ff6a044c03f68c826100117e942d6973d17
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
289279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8495
x-xss-protection
0
last-modified
Tue, 03 May 2016 14:44:13 GMT
server
sffe
date
Sat, 13 Mar 2021 13:08:08 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Mar 2022 13:08:08 GMT
btn_rund_image.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/ Frame 22C4 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/btn_rund_image.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad0eecb433f40d4c1556e9189b9e2593c0bcc5bdf575c3169ade7a27b5eadd29
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
395691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26798
x-xss-protection
0
last-modified
Tue, 03 May 2016 14:44:13 GMT
server
sffe
date
Fri, 12 Mar 2021 07:34:36 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Mar 2022 07:34:36 GMT
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame 22C4 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 14:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
197948
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Mon, 14 Mar 2022 14:30:19 GMT
kp2A.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/ Frame 22C4 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/kp2A.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=600&slotname=1751198753&adk=1179831814&adf=2638734743&pi=t.ma~as.1751198753&w=160&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930165884&bpp=17&bdt=683&idt=94&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&correlator=4745316515018&frm=23&ife=1&pv=2&ga_vid=1610831270.1615930165&ga_sid=1615930166&ga_hid=914130382&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=276&ady=660&biw=1600&bih=1200&isw=160&ish=600&ifk=919583899&scr_x=0&scr_y=0&eid=44737537%2C21068946&oid=3&pvsid=3368437590945677&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C160%2C600&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.ia5x41k3vhwb&fsb=1&dtd=112
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93a02d431d55e967ffa0b59a827875fefaf595cf5f4ade2c01499e96bc79a4c1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
289279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17578
x-xss-protection
0
last-modified
Tue, 03 May 2016 14:44:13 GMT
server
sffe
date
Sat, 13 Mar 2021 13:08:08 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Mar 2022 13:08:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210315/r20110914/ Frame FABF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5d7a28c9d4b8b842b5dd259ae0ee10b5366b532a90e2881d8ed17f3da9b645f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7126
x-xss-protection
0
server
cafe
etag
11114773310340928782
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Mar 2021 21:27:05 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/ Frame FABF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
6751271179024913178
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Mar 2021 21:29:22 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FABF 		112 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615840882416834"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34604
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/ Frame FABF 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210315/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:28:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5996
x-xss-protection
0
server
cafe
etag
15528521553155206461
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Mar 2021 21:28:55 GMT
l
www.google.com/ads/measurement/ Frame FABF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_QW66D6ugW3Wg7NfkHQjcFVVtoWkf-nQj9AeHJgMl0GfijfYVygITUADNC12SaSRLqUbN9ivscmyL0E308beZiau4kQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
728x90_Performance_Stock_CYSEC.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/ Frame 39E3 		315 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f641029235051bae3bca0cfb6834a15f387c4c68bf9b1163cbe464fcaaa6a624
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Mon, 15 Mar 2021 05:45:23 GMT
expires
Tue, 15 Mar 2022 05:45:23 GMT
last-modified
Mon, 15 Mar 2021 05:01:49 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
content-length
46651
age
143044
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame FABF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CW4fHNiNRYM2WMILZ6gSAzZvAA6LJwu1h_YPMlaQNhd2jp9kCEAEgqu3GQmCViriCyAegAercgNECyAEJqQIJDoCtQP-pPqgDAcgDSKoEtAFP0C7bQC7EdU9pB8UmhKjAjk2m4ml78JAAjjQ64eeu-TK7nGaEqu6jymOQb8I9lRvTqrYxd9SkDVDXFCIm9PuFcgo-zKShWaZOJ9IOIR6Whvy10-8W9dK666DnlKjfTO7CcdzyNIFokwTgBzZ4RvZ-w11zIpFsgAelmOUjQno1ZE2GkvqSgplSvzA15rnGGoqok8xnxoz7dHk_tk-iu25tFPq_R8IG8YnP9Nl0CNnVrWyfmwjABPvBysSkA5IFBAgEGAGSBQQIBRgEoAYugAf-ov-uAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDD1hbSCAkIgOGAEBABGB-ACgHICwHYEw2yFxoKGAgAEhRwdWItODM0OTM5NzMxMzY3NjM4NQ&sigh=iwUVIAgiVzI&template_id=419&tpd=AGWhJmuDlv8jJwaCRUQjeKm1UXPeHFhIW6xl8PWRld6tzx2T-w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 16 Mar 2021 21:29:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 3C97 		143 B
173 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkLTPgjF4hV9sjzfYMRwvuV8O0f9HvTQZLDMuJ7LyNZdvZ9oq86PEH6Tqzsdb4; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 16 Mar 2021 21:23:20 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
367
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame FABF 		0
23 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CM2Jy_zgte8CFYKsmgodgOYGOA&gqi=NiNRYN3aL_OJxdwPseSquAc&layout=/sadbundle/%24csp%253Der3%24/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B39B 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210310&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a84259c72b73df2aba612b5340566771a14bd1ca1ee6c50088359c82a08a9a15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6615
x-xss-protection
0
truncated
/ Frame FABF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81fa825a6ff562b0f4dcaab03843a6ef395182295148183c523fc1b805238252

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 39E3 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 12:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32162
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 17 Mar 2021 12:33:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 39E3 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
31653
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 17 Mar 2021 12:41:54 GMT
createjs-2015.11.26.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/libs/ Frame 39E3 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/libs/createjs-2015.11.26.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2209007953789525639/728x90_Performance_Stock_CYSEC/728x90_Performance_Stock_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
143043
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49532
x-xss-protection
0
last-modified
Mon, 15 Mar 2021 05:01:49 GMT
server
sffe
date
Mon, 15 Mar 2021 05:45:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Mar 2022 05:45:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B39B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 26EF 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210310&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e623d9b6fd7a451f1abcb5d5ffa8a8552c129c3a1feba26c78d98e9a8d3dd928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6484
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3EBC 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210310&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
949ad0f499c08300c81d2bfe2071f334beecb1a2a91f7da2fe0969f7157b4a14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 16 Mar 2021 21:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6596
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 3C97
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8349397313676385&output=html&h=90&slotname=4844265957&adk=3045338941&adf=1923364441&pi=t.ma~as.4844265957&w=728&url=https%3A%2F%2Fwww.emuparadise.me%2F&ea=0&flash=0&wgl=1&dt=1615930166510&bpp=7&bdt=1329&idt=232&shv=r20210310&cbv=r20190131&ptt=5&saldr=sa&cookie=ID%3Dee09cebb973fcb0a-224c4ce7c9ba00c3%3AT%3D1615930166%3ART%3D1615930166%3AS%3DALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw&correlator=4745316515018&frm=23&ife=1&pv=1&ga_vid=1610831270.1615930165&ga_sid=1615930167&ga_hid=38990201&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=152&biw=1600&bih=1200&isw=728&ish=90&ifk=4260295749&scr_x=0&scr_y=0&eid=44737536%2C31060287%2C21068084%2C31060352&oid=3&pvsid=583225004334856&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.1j330sylnqyz&fsb=1&dtd=248
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUkLTPgjF4hV9sjzfYMRwvuV8O0f9HvTQZLDMuJ7LyNZdvZ9oq86PEH6Tqzsdb4; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 21:29:27 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 16-Mar-2021 22:29:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 16 Mar 2021 21:29:27 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 16 Mar 2021 21:29:27 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 26EF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C43B 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 16 Mar 2021 15:19:39 GMT
expires
Wed, 16 Mar 2022 15:19:39 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
22188
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3EBC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210310/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8349397313676385&plah=www.emuparadise.me&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 16 Mar 2021 21:29:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:27 GMT
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame 39E3 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 14:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
197948
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Mon, 14 Mar 2022 14:30:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 5C18 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 16 Mar 2021 15:19:39 GMT
expires
Wed, 16 Mar 2022 15:19:39 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
22188
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame B056 		42 B
69 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSwFKlO1uyC1DBWIb5x4pYpFqiCeuoZ__TKCIY7VKyvARXctt5MLB6LmHPg7xCEy75uGYoakHbF55PWx9soPUexNaGV6G9YKx6VF_lswd1n1oev1ENYmU6G3OlPdFJPcDI5yqakVkYzc9RCE7Ow4d9sg&sai=AMfl-YR8fpUDHFxG8gLDUFbqD49n2IbQJjRn4DL12_RfbhggqSGu9rYsYyKINy-Q32ZCoNb95aWhQbrEbbzeq7oYe5EBh94HFTESpgA&sig=Cg0ArKJSzCrZYc8EIrnfEAE&cid=CAASF-Roh8RCgH9y3gUNa55uPyf55imHXLHC&id=osdim&mcvt=1019&p=0,0,250,300&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20210315&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1624002602&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615930166022&dlt=469&rpt=61&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame C43B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 14:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
197948
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Mon, 14 Mar 2022 14:30:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 317F 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.emuparadise.me/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.emuparadise.me/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Tue, 16 Mar 2021 15:19:39 GMT
expires
Wed, 16 Mar 2022 15:19:39 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
22188
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame 5C18 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 14:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
197948
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Mon, 14 Mar 2022 14:30:19 GMT
OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
pagead2.googlesyndication.com/bg/ Frame 317F 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OqSalp92o-4AtfYt583RauVJYevBmhjij2pcg0zPe10.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 14:30:19 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 08 Mar 2021 17:45:00 GMT
server
sffe
age
197948
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
expires
Mon, 14 Mar 2022 14:30:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9BB5 		42 B
89 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSDbMpmQa2fCeJwHQYRSQXA_hgdGdPxB5pNXa4kqoMgMaocLLGlL9OhueCHr7WL8p90O36g7X5th3ETqmQLG5JAeoqoItJ5KHpcPHWiYcowYaetoGIjBZpkG0sCA&sai=AMfl-YQNXPFRZzGXu0NwwtvxiaRjZjbH6DhOaDJ598q5mDqJ9ykFaVfnmOxuCKgEavvXjVzAE8xyne_4IhwXEzH1uxkVL5gQ7t0ChsU&sig=Cg0ArKJSzFWPxPOTBhifEAE&cid=CAASF-RoZtedqS-z_eUROAcWZw58iN41n3xJ&id=osdim&mcvt=1033&p=0,0,600,160&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20210315&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1179831814&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615930166003&dlt=603&rpt=69&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B39B 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210310&jk=1429224313040930&bg=!GBulG1jNAAUO7zDoDjsAKQB2-DxabhmMPMrHvMc9WjqfbAjZdmeoJscTsnyoMmmv3V6sGUflvyH_AgAAAOZSAAAAIWgBBwoAKhfB1R0BqLZt5IJXXJU9qvz-csk6t5_LRFTAkUhcQdnvcZVP1lufn2E6pZkB7hp_bBxy9pWMPbGLqK0R2iUYf-m4RKI3DjmipOxctJOABE_6sbYZWT-FekVkXJ-bUK-d_tGG4s3CR04yGzBDNtTi8X0aZcRcRSNRWrVKqtbhr50x1VPRPGAG-FVusHvS6qaXtprS_H1iodW-CiN-Er5esBE6RSFHWB7WM1C4OVLYZCEew2uS6wxvmaOKKYRRRr7Qax-WdFPLwjHpWg-vQabcEdtmTgrHKek8vpEvlzGNPRugSEFa5QLnE55zOteAw5qy9-PbK2Zl58H9AFhr7Ez59jxkx16YncjNm8sH9Qk4hCaELCkBErI3jgP2g-QXrV9fat6weSyii9yFCMQNlIPhbTcVFYwzmJwjkZhUcI1FW6N6FeNW0XTyN_L4u1DomCDHQQLJ3_XDg4zODJaitpJUPUVpFcPq3e0aEnh5gryA5G9QMq_b-ngTuYpjZYR-shiB8NxvPGGLLkb022hwJkKpRGEiJafEQ3krYg5HworCmCJ0eB1bQicR9yXk00lF9OOPqHZ9-Z96ri5ROBc_exvwwhZIjFRw2W9Olao61oFxvqBV2OotoXoGQc46xCrmlj5V0FezhOzDu-0oXuw0LknZt82yf3Nx9jm13r74Jvn6ZkfvfgWzypuNTU6Ieb3ldGaFM5Mcltiuh-LeCnTY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 26EF 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210310&jk=3368437590945677&bg=!-vml-brNAAUO7zDoDjsAKQB2-DxaZlZSE66SjROmM90tjqctNTHm1QTa1AJrK0K73HGm9nxAqwldAgAAAN1SAAAAFWgBBwoAWh2KE-pOkGZAb98vyi-mx6jqts_dOLAPGqpKrcFJBBAc4e-FbEdi6lxo51DwIhNyHuPNuLKA2ZNJ4qAuOHPiH_zO4qF75eLoGpzhM3Wc3i-y7wKADaEEVVA-lJkCAwHKz_spwqiqaUecJCZDIfoWlXQD8_CqRgLmExfdxSgKrlVBJmBC23LKr9TocuSdp9QFaYwDUF0KMdj8l6dcGhKhQuGRC0D0682_4QSCauhzr-2K6ykRGgQV-qICM6UuPGLTQiZzJm2F_FtIwi-oVS_6D3T-xjPhOa2QbExQeIfD6gKIIjq6V-h9YWuHkxg3b9Ue7z11vOw5WLkCLYJ0ELhL13FF7iBwPjd2qBD9K7St8yha9Ylpv4tDCiH3z-5f5FMf1s8iNHE1stOu_FXjeQiSPjEWPHhZSxFeV_w_qt1c4IewsHJzKAur7J_z-gyNRYN0pkC6m7Mifp_f9-ncLIOzyii8QMRQ1ucRqyMBuKFa97LoXESCcdb4gdWtKcW0dprKOTlRADIro4DQddIhm4aRr8ribK-w2q80GBToFGbrBFjWnkIHV71bA-y33iU__isHVqu748MiQ8KzRfFYM8TbsZZChxdPENSTjK8lMZs3BNxUzAQr-xRt9X9NcBIC9rQgKmLTkLPoOnuG0-fcgkOnjzd9CJisDIgTZlho_UED3hBNfbMU6DpSbhYl_kjdZ1Ke1KQ53eCOUXm1B0DLuMsAjNDdIPMJP_SYq-H_7TQcDlqGxQOtW7xWTzVNtO2macTyNf4a_H6QXx0G8IgMPEIYrxOQ0rQG7g8Vw5sRocsfUX3c
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EBC 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210310&jk=583225004334856&bg=!JSalJmXNAAUO7zDoDjsAKQB2-DxaF-iP94OOpWmNk5av14ayiercMhUAnDo_EZ9dDxQZxE-5SZEWAgAAANBSAAAAC2gBBwoAai1FAlP65yZviXMbZ0ol5niFzCkOCjOf4g2KlNjV6-CKi9u0csDPz5ukSweNJ2Ll_Wvie-2jJyw5TBKlZl81AZiJ-6xy1ZIANQ61xqYpUKiOILhZTv66ug8Q7MEfm3za3gPo1yOGDJ9pXD-ZAe5og23RwcDjHaY8maBz0JBt6Bin_nFhvcZokjmx2acnSsxi1T71Bl4AkI05sfzkzPaQq7ePWyLLEhcTlugAgtvL00GY7qJGbJtNy6EUn_x8IhMxwLkbvJYw-OCobVeMDq9VlMYxNAVVmUUDX2Wd83vzjmz1jTgFnqX2UtYIZRJj09z0nNb6TS_UjUNYRF9Bkqbtwsw2ZI37TB-CqTKJu-3_LUhXxfrOzeUNiPO1mou46MpyrKJ4JZcM-5j6yq9J1DhO6Rny3Cdfsa8x59n4jigDIRAACb11WICAtMT1BcvJQ2jJnY3MBv9AvuP7yNFpIb2x8OaQcg-wjmT9P1Y1wZlxtv59IuE5DGQSA6fOFhJAp_97nA9EYauq8qTL8u75riaKYR2L0OZ5LuHQc47czqqMAM65uDXS4fDKhcx_7g9J9IUtReojrJFqUvHegYXIJN04SZ6ZLDeqrGjI036DQmyWHrLywrUbZVfYUXTbPdWMYJz5KxNeVYUkbW4_vCznFp4SNOeuYOWhkVKpJ5MMhB3bQe87CiHflVjY6rqwFb54MHUYnealy4_qXsUvzN3f5l1lkGmXrEeg1Gm-mjR00As64_DodECGw5y1n5wtULLs9fY5gOcCbLa4mhFHp0pLBBLrqckhm0ykihRj8YL84Q
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.emuparadise.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FABF 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5VWGa3YnahvWp5KbFX-_2VinMYXzlC5IIN5xWIW-JIiESXdYywYciB8EFpPBx7mQ3XfRRSCQ7PrV7qkqZYHBTHEE_UZmqNGulUPwlMtqcuN17jWsZcpQR7TC0zA&sai=AMfl-YSCUeEYC5zKNvC15HqnhCnRdTVW1U1Jbzwgv7T3NmJAisOvse8oVeLadtlJ_mVFnYWZ0a29_3s9p5GAwUcLxGJE6BRcrgZGP60iJC5m0ZPmbeFSqfNj8lE-5pim&sig=Cg0ArKJSzPY04zk6hZSCEAE&cid=CAASF-RoXLR_QYksflwGqyqHXa2vDs87LmVI&id=osdim&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210315&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3045338941&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1615930166763&dlt=510&rpt=245&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 16 Mar 2021 21:29:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
kp2A_grey.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/ Frame 22C4 		24 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/kp2A_grey.jpg
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc8f3e87a3536ba14d63346e2294ca19e47a6c48d5cdfc787ec3d3331ae27a8e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
142143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24691
x-xss-protection
0
last-modified
Tue, 03 May 2016 14:44:13 GMT
server
sffe
date
Mon, 15 Mar 2021 06:00:31 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Mar 2022 06:00:31 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 09D4 		28 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/b2e56c01/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/UZMBXSqGIEY
X-YouTube-Client-Version
1.20210314.0.0
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtVZ2J4dUZuT2dwdyi1xsSCBg%3D%3D
X-YouTube-Ad-Signals
dt=1615930165360&flash=0&frm=2&u_tz=60&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C632%2C365&vis=1&wgl=true&ca_type=image&bid=ANyPxKp6JPoFlHhQJR3g5dFZ451QYshbg1YyemCAGLvMvxOMxfLC8o1Vo3mpXXR3U68d8MhDY_1obBQEvlTvqSzPbaC8obYeCQ

Response headers

date
Tue, 16 Mar 2021 21:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Tue, 16 Mar 2021 21:29:35 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.po.st
URL
https://i.po.st/static/v4/post-widget.js

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| is_mobile_domain string| os string| key string| bookmark_snippet object| msgs function| DetectReferrer function| findMatch function| is_Push object| _comscore string| post_src function| Swipe string| GoogleAnalyticsObject function| ga object| Tynt undefined| adsStart undefined| TIMEOUT undefined| googletag undefined| pbjs undefined| adUnits undefined| a9Slots undefined| a9BidsBack undefined| tableBreakSize undefined| mobileBreakSize undefined| device undefined| dfpNetwork undefined| len undefined| detectWidth undefined| initAdServer boolean| hb number| header_bidding_allocation undefined| displayOnDevices object| e9 object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _33Across function| __uspapi function| udm_ object| ns_p object| COMSCORE object| _tynt_jp number| wc function| JsMutationObserver object| TyntRT object| TyntSIC object| e9Loader object| e9Manager undefined| e9AdSlots object| e9ObjectMap object| e9WaitingSlotsQueue function| getRealTagsScript function| getCurrentTagsScript function| createSameDomainIframeTag function| writeContentInIframe function| getFrameID function| getDivID function| createAndWriteContentInIframe function| processMultiTagsRequest function| processSingleTagsRequest function| canAsyncFrameBeDrawn function| getMaxSize object| jQuery17203813088963218889 number| _tynt_gpt_iframe_id object| e9PageData object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner

9 Cookies

Domain/Path Name / Value
.tribalfusion.com/ Name: ANON_ID
Value: atnxvYriIt6P3PTReFyRx36TYoTqgqxvZdSZbyEZcu8THoUrZbFhWTsXYiYq3unq8ZbwZdW7IO3jq61b4bnWYKUZaNmgVGvoEZa9L7ZdN8W7XQ3oELxBADiSbK2SFICSp3KviYOdeZauAx
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: UgbxuFnOgpw
.doubleclick.net/ Name: IDE
Value: AHWqTUkLTPgjF4hV9sjzfYMRwvuV8O0f9HvTQZLDMuJ7LyNZdvZ9oq86PEH6Tqzsdb4
.youtube.com/ Name: YSC
Value: kGI1H5q2Mrc
.emuparadise.me/ Name: __gads
Value: ID=ee09cebb973fcb0a-224c4ce7c9ba00c3:T=1615930166:RT=1615930166:S=ALNI_MamKpWebcQtbtc68Dv5Fr3dt9LfRw
.emuparadise.me/ Name: _gat
Value: 1
.emuparadise.me/ Name: _gid
Value: GA1.2.399923423.1615930165
.doubleclick.net/ Name: DSID
Value: NO_DATA
.emuparadise.me/ Name: _ga
Value: GA1.2.1610831270.1615930165

5 Console Messages

Source Level URL
Text
console-api info URL: https://acdn.adnxs.com/ast/ast.js(Line 1)
Message:
AST library loaded: 0.36.0
console-api log URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html(Line 83)
Message:
bin drin
console-api log URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html(Line 72)
Message:
0px
console-api log URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html(Line 72)
Message:
-175px
console-api log URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12156485942197279468/index.html(Line 72)
Message:
-350px

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2921a1983bf3d20d382a90a83f6db872.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
b64459531885200b3efb-5206a7b3a50a3f5974248375cd863061.ssl.cf1.rackcdn.com
beacon.krxd.net
c.amazon-adsystem.com
cdn-sic.33across.com
cdn.tynt.com
cm.g.doubleclick.net
de.tynt.com
dsum-sec.casalemedia.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.po.st
i.ytimg.com
ib.adnxs.com
ic.tynt.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.rubiconproject.com
public-prod-dspcookiematching.dmxleo.com
s.tribalfusion.com
sb.scorecardresearch.com
sc.tynt.com
securepubads.g.doubleclick.net
sic.33across.com
simage2.pubmatic.com
ssc.33across.com
static.doubleclick.net
sync.search.spotxchange.com
tags.bluekai.com
tags.expo9.exponential.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
us-u.openx.net
www.emuparadise.me
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
i.po.st
104.108.144.152
104.108.145.8
104.16.38.14
104.16.88.26
13.226.158.204
142.250.186.162
151.101.113.108
151.101.194.109
18.156.0.31
184.30.210.81
185.64.190.78
185.64.190.80
185.94.180.125
2.20.130.64
208.100.17.184
208.100.17.187
23.209.68.189
2606:4700::6812:417
2606:4700::6812:c05
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:802::2004
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::2016
2a00:1450:4001:80f::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200e
34.120.25.144
34.98.64.218
35.156.153.71
37.252.172.45
52.28.42.15
52.45.248.59
63.32.181.48
67.202.110.23
69.173.144.165
00894913a7543e134c06713d0c30bf0cd514d192d68f3dc4ad4dcb1c8e9e3e57
0198672078ef55a4f30d2410a6497f2d55be965ccdec99b38a58e4f12be037ad
01e45a16046c93a2ef181433dba24e253cbdbe4910a3fa3b3ca197c50c9e68fc
03335f1a509ac5ccedc3ec1bc271122f4376b21d72f06087bccdd2c388820217
0451c6618bc970528456fe09331b1aea64c20892d29b8e578e31e41ab515032e
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d6d87d86843ed0bc023cba55f7d1d2078ea087f968c8dc3e1cf65d59e26560b
0e498f3b097a3ec0d7bac08c85fb412497dd21cb14f0498f2c0df630042ee9cd
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ec9dc99e8e7db9c1048749c68a76e2738e2a60ffa59dc79bad31f8f6eab5bba
1ffb3eb67476de4a642893eefb2ffd33e62c7474808fc21438d5a961cd4982f6
21e199d83d59ba6255575e4e94c726c5a341fcda3f1d03865ed0718dfc8ae994
25562b9d70816656e6aad12af08bfb418a7ed70554ec2aff892931f4298529d0
2720e283fb9cf4e5ffdbba290c0d563ccedecc8537971cd6b7668bd6b36523b6
2f05f8e01af4400f7e8ef47aaec6245ed6904b9552fee0f2448a80225adf1bc5
34a83b5deedbc6b2c2739d8189b62f5e9af1a46ebc75ec4e1b50a0a81c301f43
3662e730660123dee499c32eb0257f23761ca6d837d79344eb1715784520d6b4
3719639dfece97a334d11515af09822dd2774b88a3698a04339871773244d475
3aa49a969f76a3ee00b5f62de7cdd16ae54961ebc19a18e28f6a5c834ccf7b5d
3c9e41971a8a43eeb4a4b7a5a5c04323f9d8bf038dab81dad8b2ac7d0b0b5d93
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
40223267adc012c6a36ddaa9c244ad14e87993bc9919cbcf87acdc218fd909e5
4265eaa975ba51f71d28969829a092f38c84dd0ad29ded35534eefe503db5d24
432c736872d32e23225a118a9ee55f26126de76a49be04adbf2ddba534bb717d
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
476e55b7d10aaeb7ddd39212d5a22f590ac9355c2356fe7075b8c52f207edae2
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
49aca7ccb818a50f7a6561a332134a44d47f868550e97eb6d25f57cc4755130d
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4bb12d70c666a520e92ce5323623ef456da29d874de55b2900f6938b860ce458
4c821f2d169369324022057e9948ed8f9d45794d18b6c8c3fbbba900bb65158c
4de988825e637dc6d834c34d509a40b73b65f2daccb3923cb4434bd000a17bcc
4e82bd8f567840279d47dc169ac57460b3195b6e9d8c138964534620fcbdce6f
4f3d44464550faae5daa4a090d801ef80ffb455b2c82e9a41b2864b1b5edc7c2
4fe80ddb8795f462b0daf46041199cf5a2350ee54b012b0c8cb4951d86181489
51b5cb15f29ab4955072d1c18f479b57df59a8da4113b1d41d889a49b84a9e0d
55462839d9801e93af44e1d4d11cb92676f599032a610a23e906f24a65838537
57532d07103088a868f37b813377ca409585e04802671b9c442ca39d8ee70cf0
5d61ca3e7e8a15ea0b45ae62105c7fbb784d5f89137e0d5fd411f3d603511346
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60771abc316551273848c992d2f6ffbda94e9e3a18b2723953897a972781465e
60bc3c2c04bf671a1a0037719ace07a0b5886abc52ae34b4998acdce991e8d7b
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
63e9a240ee3511a5ee44625ff99c3036112dda160ba0114118bb54eac2e5c9b3
654c3f5c543c41840f7671c9e6807a0de62bdce3125a32b795b460f015b8cbe6
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6a2a699fa7e4ce101b9db469452f2631cc2ac7c887abe082617497274e243f0e
6b5ccfd601813e09d5ae117f252fb69e1b4b4d9324cee665b781e01ee21c89a4
73072df2ceee0b19042a48dc6df79d2ac088b9674a7fa454d8feb6e012c3a81b
74757a4e7cee9276f80edcbb472a0d53d9b434f85d6eadea846606eff7cabaa9
79c521a89112af803faa48f72e1f5f1b5d0685129a14b917317d1cc688613a18
7e915777546516e196d2b26c4eb393423c54174d61fbf7a98259c33a4efdefdc
80abef344a0bbe5285dfd4a48eee982f8ee404d1a7b62a90673ab7077570c1ec
81fa825a6ff562b0f4dcaab03843a6ef395182295148183c523fc1b805238252
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d3a0900f072692b80508a2776cedcc0dabf2dd73beac1b03f76e169ae6825f
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
8f535c47b77978bfb9f03aa2cfe9d9e4a17ae8a8eaf44b6464c54d44d66f43fb
904b9ef9800d10a68b36b5724805edd284bcc8160e10af24666746048bec8e80
91195dad806b4b551915daf1b1d36acde04ce33b920cb925a98a01b198248a52
9272deaba258052abfdca7f8a720c98f972e76dfbff62b73d8411c76c3e5088c
93a02d431d55e967ffa0b59a827875fefaf595cf5f4ade2c01499e96bc79a4c1
949ad0f499c08300c81d2bfe2071f334beecb1a2a91f7da2fe0969f7157b4a14
94cdce9a2bdb45d48434bfd158b0bcf4a0c2be0cd354328dada35365ea5cfa49
9835a69ecb524330162090fbfdd3c070e4598540584312915b1bfe547e258717
9a38ed42fd72929c1cdebc651707cad6af2f236e309a77ccba91b25e5a2eef05
9ad0a326c458274dbf46e0a37084e0fc91a0d301a82596c5146cc78d8d199917
9cbf6de3b1cd3e825dc1f6d8eddb1695ff6f0b8cca5a8e911e86102b9d3a619c
9e3b9ecf3258afd899081e6cf645e09ae51a031aeac11a0d0f59ea3b5ff8595b
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3638bd6ab11bf9c873ee5f541ebc394314779480f0bb15b264bf68a54642b02
a4253b8b215f5579facba0eb01333d3d2e3c16c576d7502b75472e432cd45ef3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d8bbf6264fc196cff0594b42812ff6a044c03f68c826100117e942d6973d17
a5d4be9135e0400a2357c358d9f967d4a7d5ccc13c272b657932aae568e2ca61
a74a80d43a37c518ea91c88f9dc8bb8629bcce019628e59736d2d2a4fb3e7ad8
a84259c72b73df2aba612b5340566771a14bd1ca1ee6c50088359c82a08a9a15
ab16a1ad496f459be07367c6971b30989700db351a07be650550ac2263c58cb4
ac0cb50eb29f9e15069680ccb0093fdca7faefc603c0892664b6b3dd125682d6
ad0eecb433f40d4c1556e9189b9e2593c0bcc5bdf575c3169ade7a27b5eadd29
b26f556876de085b6c553a279dc07e31281ad46eac3ef494bab4d75c7d3a811f
b5d7a28c9d4b8b842b5dd259ae0ee10b5366b532a90e2881d8ed17f3da9b645f
b6a9011161e91a9025d71047a662a9a7365397db6b90c4be62d70d08b90b45b2
b8d43bec55c2b869d4be312e1107dd87eda62d2fe4ea33ac9f37b8e1271a8d8d
bfbb4513e0ac4c42361b2b239c2f4a1c2e10fba9bfc81821b682da58c3041095
c0e84e667672bf1c1c675beab334b374919c2a76172ddf890e48ac57b182f5ee
c288271bcc1ba8345a3bb2f92c355864ae3cda997a9f418292fe6d1f7c2ea99f
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c5a0b8523ed52dfff8b07b61549ed61cc80c8b75529ce84a591bc25c9d7289e0
c630d95f52bcabc37edd62982500d487ee97f36b54a5627bffeca6f4723159ba
c725a3df28f1e5ee7df6d08047f98c58c4e1d29c1a7aa698244bedf4b82e69a9
c74bb5c1458b133170c0151c5fafcf56f0fb2cf110f5fe17da942fd1074ba4fe
c8904e0a7c240a0a799bf4873ac2ffca3284498a9a7d4661eced58f1d6e88d78
cc54d49a204cf8a8440884a769b3bc5a01030ce4f1d45582adc2170c95752ee1
cc8f3e87a3536ba14d63346e2294ca19e47a6c48d5cdfc787ec3d3331ae27a8e
cd2890594b4584d2735dd78049aea9ebc7c395cb5cc97bee9e3ab6176a0c299d
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6da0ca764e8868359ebf6451c2c650a06163d1112c9dc8378bf88ce5e486895
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcdc6d08c55dacf94f6a80c70f33a211542ae3d54755efa8a6f27c2fef7b7e18
ddccee94532e36265390e5c93503c8bc30525834a36ec19fd8aef385d3e842d9
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e623d9b6fd7a451f1abcb5d5ffa8a8552c129c3a1feba26c78d98e9a8d3dd928
e8fd36555511bebb4ea6f4520ab3eb3de4acb772452cd9d37f461dfd3b93e994
ea35543b772514bff4f7078b02a469d5390c44f068c11abf4154d6f508ade1b8
ebc0f207781486fc7dde23d81868a8d1107656031c87103e337abfee7ab50dbe
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee15fb2bcca127e2d2a69ee5c69bca55d68b15c62ac9a43f227d03f378fd83ab
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb256db1f146bc6eec35caaa907522e7deb2b699374a0b1b293e80829d0c884
f01896091a084104c84263fff729df8827eb74bf6cdc9462edd43ce3d7e412a2
f14a53d6e112f5652255e499e109659fe79678b0de2eec4f42a1ac48c9ce72bd
f52fbe229dad0f89d6f23bc012d2c886c3cafc5e3b099c88aadbb0a7ccf4c779
f52fcaad39fb61ed178796dcc4e97b42933cb23b4547cb8a46be18ad0f406057
f641029235051bae3bca0cfb6834a15f387c4c68bf9b1163cbe464fcaaa6a624