www.memuplay.com Open in urlscan Pro
205.185.216.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Submission: On April 30 via manual (April 30th 2021, 3:05:09 pm UTC) from TR

Summary HTTP 144 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 25 domains to perform 144 HTTP transactions. The main IP is 205.185.216.42, located in United States and belongs to HIGHWINDS3, US. The main domain is www.memuplay.com.
TLS certificate: Issued by RapidSSL TLS DV RSA Mixed SHA256 2020... on September 30th 2020. Valid for: a year.

This is the only time www.memuplay.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
17	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2600:9000:211... 2600:9000:211e:c000:5:1aa6:b840:21	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2 16	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
4 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	52.41.112.73 52.41.112.73	16509 (AMAZON-02) (AMAZON-02)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	79.137.69.120 79.137.69.120	16276 (OVH) (OVH)
1 1	63.33.127.66 63.33.127.66	16509 (AMAZON-02) (AMAZON-02)
1 1	18.195.77.77 18.195.77.77	16509 (AMAZON-02) (AMAZON-02)
144	27

21 205.185.216.42 (United States) 1 redirects

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

www.memuplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

dl.memuplay.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:c000:5:1aa6:b840:21 (United States)

ASN16509 (AMAZON-02, US)

d1dsppboztgfdt.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 172.217.23.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.41.112.73 (Boardman, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-112-73.us-west-2.compute.amazonaws.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 79.137.69.120 (France) 2 redirects

ASN16276 (OVH, FR)
PTR: gcm10.host.hit.gemius.pl

googlecm.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.33.127.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-127-66.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.77.77 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	memuplay.com 1 redirects www.memuplay.com dl.memuplay.com	1 MB
36	doubleclick.net 2 redirects googleads.g.doubleclick.net static.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	77 KB
33	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	265 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	150 KB
8	youtube.com www.youtube.com	693 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com ssum-sec.casalemedia.com	5 KB
6	google.com 2 redirects adservice.google.com www.google.com	323 B
4	pubmatic.com 2 redirects image6.pubmatic.com	2 KB
4	openx.net 4 redirects rtb.openx.net	1 KB
4	googletagservices.com www.googletagservices.com	133 KB
2	gemius.pl 2 redirects googlecm.hit.gemius.pl	378 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com	919 B
2	addthis.com 2 redirects e.dlx.addthis.com	2 KB
2	rlcdn.com 2 redirects id.rlcdn.com	890 B
2	googleapis.com fonts.googleapis.com	626 B
2	google.de adservice.google.de	287 B
2	google-analytics.com www.google-analytics.com	19 KB
1	agkn.com 1 redirects d.agkn.com	761 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	quantserve.com cms.quantserve.com	398 B
1	2mdn.net s0.2mdn.net	105 KB
1	ytimg.com i1.ytimg.com	1 KB
1	googleadservices.com partner.googleadservices.com	257 B
1	cloudfront.net d1dsppboztgfdt.cloudfront.net
1	googletagmanager.com www.googletagmanager.com	35 KB
144	25

	Domain	Requested by
21	www.memuplay.com	1 redirects www.memuplay.com
18	pagead2.googlesyndication.com	www.memuplay.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.youtube.com googleads.g.doubleclick.net
17	dl.memuplay.com	www.memuplay.com
16	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net www.memuplay.com
15	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
8	www.youtube.com	www.memuplay.com www.youtube.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
4	image6.pubmatic.com	2 redirects www.memuplay.com googleads.g.doubleclick.net
4	rtb.openx.net	4 redirects
4	www.google.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.gstatic.com	www.youtube.com googleads.g.doubleclick.net
2	googlecm.hit.gemius.pl	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ssum-sec.casalemedia.com	1 redirects
1	d.agkn.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	s0.2mdn.net	googleads.g.doubleclick.net
1	i1.ytimg.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	d1dsppboztgfdt.cloudfront.net	www.memuplay.com
1	www.googletagmanager.com	www.memuplay.com
144	33

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
discord.gg

Subject Issuer	Validity	Valid
*.memuplay.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2020-09-30` - `2021-10-01`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Frame ID: 557510D373A15CE93EB1E706A4F665BE
Requests: 52 HTTP requests in this frame

Frame: https://d1dsppboztgfdt.cloudfront.net/files/hu54ulqgjg/34.1170/Memu-Installer.exe
Frame ID: EC450B9AFFCD446E27BB0172F9530FB2
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube.com/embed/lPiXRSRff9g
Frame ID: 8C18272C2E303C4054BB8FB727ECA6FB
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html
Frame ID: 7365104DF0D721C33F4CE97604E24743
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&adk=1812271804&adf=3025194257&lmt=1619795090&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090516&bpp=35&bdt=479&idt=366&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2095913704416&frm=20&pv=2&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=6&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=439
Frame ID: 2461D7018BEBE4C8B67499C60A90B9F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=90&slotname=2454828016&adk=3699759644&adf=2725398064&pi=t.ma~as.2454828016&w=940&fwrn=4&fwrnh=100&lmt=1619795090&rafmt=2&psa=0&format=940x90&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090552&bpp=17&bdt=515&idt=426&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=462
Frame ID: E07BDC3559E794A1000A54E154EF2B53
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620
Frame ID: A764098EBF6438F5C035AF81D0BE10B0
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700
Frame ID: 9E695BDB598A301CC96C10CA59E5E131
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: B99D24B4451184AEE13BBA146393BF6E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhj5xcueATAB&v=APEucNUKc8v6wBOmamHPMRvbptZf3CTravC2Lcy3jUOmdLLubt7MeOENlSHYjROJV4gckAdC_Nyr7QzYE9lCliYwEYSFxLt5pAXyTGn38zK4pLnLu1YNSaqm0EN4NXzAga1RJZeFHFguaMk3Ww_MC-unamYjYo3P-JqLMq1VJTFvkukLLJqImhcaa14C5Nd3HErX6_LcV5MVwYIjRW8OVMjjkCki0UJUvg
Frame ID: 8D00AB4D0728DEE9D44EBCC9C5DBAA68
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js
Frame ID: 2676CE0AEA542E48EC76E8D05DD9B9F9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: BBB698C36A231F79ADE572765206C267
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1D45525255B6DB85849EE97170E82EAA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5DFDA62309BD5F0458A68AA5B72257DC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E9BFA23A11FA29B46FC0AFB8F66CCC0A
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js
Frame ID: 725AF75B3D44B5055366653A91DBA7B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 675E64330A27DCC22AFAFB13109450E1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

144
Requests

100 %
HTTPS

58 %
IPv6

25
Domains

33
Subdomains

27
IPs

5
Countries

2851 kB
Transfer

5432 kB
Size

5
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/memuplayer
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/MicrovirtMEmu
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCoe1kDAmGeiffK_RyfC8xDg
Title: YouTube

Search URL Search Domain Scan URL

URL: https://twitter.com/microvirtmemu
Title: Twitter

Search URL Search Domain Scan URL

URL: https://discord.gg/jqSJV7Y
Title: Discord

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://www.memuplay.com/download-en.php?file_name=Memu-Setup&from=app_details_tr_Brawl_Stars HTTP 302
https://d1dsppboztgfdt.cloudfront.net/files/hu54ulqgjg/34.1170/Memu-Installer.exe

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1&C=1

Request Chain 109

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIwclJ5UAepzPLySrfy3rwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1

Request Chain 116

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJoMPa4BppohKOxNdRuA0Coxp8H4GOVV9LgNmjrJd_f_8l4BWx3AUICq5Z0VKS2hZrdX5RjEVglLc4x5xvyjDePLyITsdJRMQ&google_gid=CAESENV-64_Ff1ZJ2pT1_HMnwIs&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJS5sIQGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVKb01QYTRCcHBvaEtPeE5kUnVBMENveHA4SDRHT1ZWOUxnTm1qckpkX2ZfOGw0Qld4M0FVSUNxNVowVktTMmhacmRYNVJqRVZnbExjNHg1eHZ5akRlUEx5SVRzZEpSTVE HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNUsxNmVselFpR3doQ1g1dEhicnB0aDY0LVp5R09xdk1FZ0NUc0RlbmZVOA==&google_push

Request Chain 117

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIBN7AhYUfrMP126wezq6l4ErpLKDDH3skAdu7Vtxk7Z8j1cyQYw8phPckshJwg0rT3JGugHa8sfeja8lVwC79PDa4R8WD2ew&google_gid=CAESEEfI1olMou66IyRArqUeABM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIBN7AhYUfrMP126wezq6l4ErpLKDDH3skAdu7Vtxk7Z8j1cyQYw8phPckshJwg0rT3JGugHa8sfeja8lVwC79PDa4R8WD2ew&google_gid=CAESEEfI1olMou66IyRArqUeABM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MzAxNTA0NTMwNjU0MjA1NjE1NDIxNw%3D%3D&google_push=AQvitUIBN7AhYUfrMP126wezq6l4ErpLKDDH3skAdu7Vtxk7Z8j1cyQYw8phPckshJwg0rT3JGugHa8sfeja8lVwC79PDa4R8WD2ew

Request Chain 118

https://rtb.openx.net/sync/dds?google_gid=CAESECHHrbo_IdFfpqxAI-xDD4k&google_cver=1&google_push=AQvitUJ62JSMiLQQk9_kVObpJhSv5yPSbiq74XxUawa7McyvPaBmSVydd0ThClA9S6xrmejK6sfde8bYJhLi9tn9EXt9UCHlQ0w5oQ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESECHHrbo_IdFfpqxAI-xDD4k&google_cver=1&google_push=AQvitUJ62JSMiLQQk9_kVObpJhSv5yPSbiq74XxUawa7McyvPaBmSVydd0ThClA9S6xrmejK6sfde8bYJhLi9tn9EXt9UCHlQ0w5oQ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ62JSMiLQQk9_kVObpJhSv5yPSbiq74XxUawa7McyvPaBmSVydd0ThClA9S6xrmejK6sfde8bYJhLi9tn9EXt9UCHlQ0w5oQ

Request Chain 119

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPMK3lUBMSz-kV4nvxLPDCg&google_cver=1&google_push=AQvitULxfhlyB9SJIppxwjm-srsLAbaPoI5djVn9CKgW7W34EG-aFcF2zNbhLswioN5Wv20bieHR3M-HxXQnrfHO4y3XDhQjyRC0kw HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPMK3lUBMSz-kV4nvxLPDCg&google_cver=1&google_push=AQvitULxfhlyB9SJIppxwjm-srsLAbaPoI5djVn9CKgW7W34EG-aFcF2zNbhLswioN5Wv20bieHR3M-HxXQnrfHO4y3XDhQjyRC0kw&rdf=1

Request Chain 120

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENscO3UlNgOaSTZWlR185tM&google_cver=1&google_push=AQvitUL5efLMmu6dag3qF5_yr2U3gs62Po96em2Nev_0M3ZsWRBypCHzSkD0bgNmoDycnHkgrp66qMHJSilxDv5TF4RCvYrwMzZYBQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S080RzZDT1ctQi1MSjBL&google_push=AQvitUL5efLMmu6dag3qF5_yr2U3gs62Po96em2Nev_0M3ZsWRBypCHzSkD0bgNmoDycnHkgrp66qMHJSilxDv5TF4RCvYrwMzZYBQ

Request Chain 121

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJml82LidigYI5ntM773Afg&google_cver=1&google_push=AQvitUKaT4L_UhTNGGT22xksZc252HGqtEk7K9Hyk0gwkA69ED2BlSROYBMO9Yf-8V6mxwSMolBSm9ouWz9Znfwuaey6yRNMVc3Bg-Y HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKaT4L_UhTNGGT22xksZc252HGqtEk7K9Hyk0gwkA69ED2BlSROYBMO9Yf-8V6mxwSMolBSm9ouWz9Znfwuaey6yRNMVc3Bg-Y&google_hm=

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 126

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUI3SFUi-SOrSYwIbewh6CFZo06w16HOvsHri2b7IdSvGmVUjg0eYcbHrezXqsZic2clhuPEjD5HfXbwzy1VdNNKTJOAxwcu&google_gid=CAESEPpP5LzOX4s7vYH-TRGFQZQ&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUl3Y2xBQUFBT1NEWXl1Uw&google_push=AQvitUI3SFUi-SOrSYwIbewh6CFZo06w16HOvsHri2b7IdSvGmVUjg0eYcbHrezXqsZic2clhuPEjD5HfXbwzy1VdNNKTJOAxwcu

Request Chain 127

https://d.agkn.com/pixel/2175/?google_gid=CAESEN7j8ld7HXnZ_turX5YQTkU&google_cver=1&google_push=AQvitUINFx7_okvfAXxiY-dhUyLEeob-1Anq8f6wVbqOtS3jmKSZH2Xph0gpY8Cu25MnpbW0GYqJkvQrfzR4r-R5ZfYlUWUtq3g2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUINFx7_okvfAXxiY-dhUyLEeob-1Anq8f6wVbqOtS3jmKSZH2Xph0gpY8Cu25MnpbW0GYqJkvQrfzR4r-R5ZfYlUWUtq3g2&google_hm=Q0FFU0VON2o4bGQ3SFhuWl90dXJYNVlRVGtV

Request Chain 128

https://rtb.openx.net/sync/dds?google_gid=CAESEDzKhxpjISOzum1QeXBYqp4&google_cver=1&google_push=AQvitUJJDoBWWP570nARYWo4cPj1K-wQn3_Yf3NX8SvGNj082uLQnfQ2RZ9MRHIjqxilQGv7MuobEX7ia_zTfmETfeCYj70jvAA HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDzKhxpjISOzum1QeXBYqp4&google_cver=1&google_push=AQvitUJJDoBWWP570nARYWo4cPj1K-wQn3_Yf3NX8SvGNj082uLQnfQ2RZ9MRHIjqxilQGv7MuobEX7ia_zTfmETfeCYj70jvAA&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJJDoBWWP570nARYWo4cPj1K-wQn3_Yf3NX8SvGNj082uLQnfQ2RZ9MRHIjqxilQGv7MuobEX7ia_zTfmETfeCYj70jvAA

Request Chain 129

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEYWes0PEFmhTac3yfV7w6I&google_cver=1&google_push=AQvitUIWb-gYz5H5x8N_bsjAM2QYpL61cUnz_MKve2SgMc8-ppBqOEfgmoH0QdyohefGhMhqS6ygbCiPoxoVq2sknc1KPaIVDvk HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEYWes0PEFmhTac3yfV7w6I&google_cver=1&google_push=AQvitUIWb-gYz5H5x8N_bsjAM2QYpL61cUnz_MKve2SgMc8-ppBqOEfgmoH0QdyohefGhMhqS6ygbCiPoxoVq2sknc1KPaIVDvk&rdf=1

Request Chain 130

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHvcIYTBauDw4GKKZ3Y7ie8&google_cver=1&google_push=AQvitUKDaWFXA7A77JbEYO5jFsmAmFKPPuU2EY2XQs3UBibSoSpF8YEn0xm7NhC_wnP-lqw_BGIww9yDK-CuQVK0e2vSZxiCU84 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S080RzZDUTgtMVYtOEFHNA==&google_push=AQvitUKDaWFXA7A77JbEYO5jFsmAmFKPPuU2EY2XQs3UBibSoSpF8YEn0xm7NhC_wnP-lqw_BGIww9yDK-CuQVK0e2vSZxiCU84

Request Chain 131

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECQo-8DkS7RsAJdyaivJt40&google_cver=1&google_push=AQvitUJYYqRbgqtZ-koj--uPZGpZysRz0Q0H4mhMwbMe_NJwceBGxES864YgX-dC2iSmMUq0dQq_NBlVUAw9ZUzfg9VKAId7asnO HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIwclJ5UAepzPLySrfy3rwAABx0AAAIB&google_push=AQvitUJYYqRbgqtZ-koj--uPZGpZysRz0Q0H4mhMwbMe_NJwceBGxES864YgX-dC2iSmMUq0dQq_NBlVUAw9ZUzfg9VKAId7asnO&google_gid=CAESECQo-8DkS7RsAJdyaivJt40&google_cver=1

Request Chain 132

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB0keQK9zmv_ZwJlZIFKi2o&google_cver=1&google_push=AQvitULuisN93W609lJIqUknhWyUeUF7OnPILGGdtU6sGUEqnZYSSZfd166b8c-1N0pVvsTITL-IsxFSZWX9OTgjaHXTkwgHSwnNOQ HTTP 301
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULuisN93W609lJIqUknhWyUeUF7OnPILGGdtU6sGUEqnZYSSZfd166b8c-1N0pVvsTITL-IsxFSZWX9OTgjaHXTkwgHSwnNOQ&google_hm=

144 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request download-Brawl-Stars-on-pc.html Show response
www.memuplay.com/tr/ 67 KB
68 KB 99ms
31ms Document
text/html 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e54223f2102d19001adeeee9bf605ffc2e884ff68ff55fc1e7cb2681493c247b

Request headers

Host: www.memuplay.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Connection: Keep-Alive
Cache-Control: max-age=6684
Content-Length: 69052
Content-Type: text/html; charset=UTF-8
Accept-Ranges: bytes
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds038.sk1.c

GET
H/1.1 200
OK public.css
www.memuplay.com/home/Public/css/ 19 KB
19 KB 72ms
31ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.memuplay.com/home/Public/css/public.css
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 59517e881e08560adf129f46d72f4626f34610fcdf7b8123f21a76cb0caf6f80

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Fri, 08 Jan 2021 09:03:23 GMT
ETag: "1610096603"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds036.sk1.c
Content-Type: text/css
Cache-Control: max-age=3192
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 19292

GET
H/1.1 200
OK swiper-3.4.2.min.css
www.memuplay.com/home/Public/css/ 17 KB
18 KB 99ms
34ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.memuplay.com/home/Public/css/swiper-3.4.2.min.css
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Sat, 02 Nov 2019 06:59:33 GMT
ETag: "1572677973"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds042.sk1.c
Content-Type: text/css
Cache-Control: max-age=2843
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 17759

GET
H/1.1 200
OK napps.css
www.memuplay.com/home/Public/css/ 43 KB
44 KB 99ms
34ms Stylesheet
text/css 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.memuplay.com/home/Public/css/napps.css
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 971829a5098e78718f62c001ff5571030d969319d7f6432b04bd6dfc23f00267

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Wed, 30 Dec 2020 01:49:15 GMT
ETag: "1609292955"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds029.sk1.c
Content-Type: text/css
Cache-Control: max-age=940
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 44508

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 19ms
17ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-75186244-10

Requested by

Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b211fbd3d9e60e25170a02c07e3b3b757e98949eca734ef96f02079a840a1d9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:50 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35850
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:04:50 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
47 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98c0adaacf714eabab770bb3ace8444615a1efa27b44086a96b1346c1f0bc96e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47844
x-xss-protection: 0
server: cafe
etag: 8628118129743853783
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:04:50 GMT

GET
H/1.1 200
OK com.supercell.brawlstars.icon.2021-04-20-21-31-20.png
dl.memuplay.com/new_market/img/ 12 KB
13 KB 94ms
30ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.supercell.brawlstars.icon.2021-04-20-21-31-20.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 92e3f88b7451882573c993ae1ac41c66bb718bd3a3b1d45d740bff06c5496207

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Tue, 20 Apr 2021 13:31:23 GMT
ETag: "1618925483"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds225.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 12611

GET
H/1.1 200
OK com.supercell.brawlstars.sc0.2021-04-20-21-31-20.jpg
dl.memuplay.com/new_market/img/ 81 KB
82 KB 95ms
31ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.supercell.brawlstars.sc0.2021-04-20-21-31-20.jpg
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c5b09bf0023d53aa599e25b4317fa8fb6bbbbdb2335925fddb88002ef6237fb4

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Tue, 20 Apr 2021 13:31:23 GMT
ETag: "1618925483"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds012.sk1.c
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 83277

GET
H/1.1 200
OK facebook3.png
www.memuplay.com/home/Public/img/ 1 KB
2 KB 64ms
31ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/facebook3.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 5724ecc22cf4c88a6c7fa686942deb302226238a710aedf898d6217cede97cff

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Fri, 27 Nov 2020 02:53:37 GMT
ETag: "1606445617"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds221.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1503

GET
H/1.1 200
OK twitter3.png
www.memuplay.com/home/Public/img/ 3 KB
3 KB 65ms
32ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/twitter3.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: a62e4e3a56af248e4cf7c7171d84b770a1574bf38d3903facbbbab13926870b5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Sat, 02 Nov 2019 06:59:33 GMT
ETag: "1572677973"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds069.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2937

GET
H/1.1 200
OK youtube.png
www.memuplay.com/home/Public/img/ 1 KB
2 KB 70ms
35ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/youtube.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: bcb19924877ee0223dca75af549d354d1db0798ba8f3a4ebe296a7859d6b86c0

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Fri, 27 Nov 2020 02:53:37 GMT
ETag: "1606445617"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds022.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1231

GET
H/1.1 200
OK com.supercell.brawlstars.sc1.2021-04-20-21-31-20.jpg
dl.memuplay.com/new_market/img/ 71 KB
71 KB 106ms
36ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.supercell.brawlstars.sc1.2021-04-20-21-31-20.jpg
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 78c10c792fabd916e2ade8794bb1096d39f866efb5cbdfd4113cdb535d722467

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Tue, 20 Apr 2021 13:31:24 GMT
ETag: "1618925484"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds049.sk1.c
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 72541

GET
H/1.1 200
OK com.supercell.brawlstars.sc2.2021-04-20-21-31-20.jpg
dl.memuplay.com/new_market/img/ 81 KB
81 KB 101ms
37ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.supercell.brawlstars.sc2.2021-04-20-21-31-20.jpg
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 162a85b982f0b655889e8bd96fda4952406c4e7fc46e7d6b74e063e740b4b4c6

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Tue, 20 Apr 2021 13:31:25 GMT
ETag: "1618925485"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds208.sk1.c
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 82790

GET
H/1.1 200
OK com.supercell.brawlstars.sc3.2021-04-20-21-31-20.jpg
dl.memuplay.com/new_market/img/ 90 KB
90 KB 108ms
32ms Image
image/jpeg 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.supercell.brawlstars.sc3.2021-04-20-21-31-20.jpg
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 818ecd6e0c14f3f28f23ae64ea9803c2c393783b41e80ae03ace477b6fbb5517

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Tue, 20 Apr 2021 13:31:26 GMT
ETag: "1618925486"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds001.sk1.c
Content-Type: image/jpeg
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 92216

GET
H/1.1 200
OK jquery-1.11.0.min.js Show response
www.memuplay.com/home/Public/js/libs/ 94 KB
94 KB 32ms
32ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.memuplay.com/home/Public/js/libs/jquery-1.11.0.min.js
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Sat, 02 Nov 2019 06:59:33 GMT
ETag: "1572677973"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds018.sk1.c
Content-Type: application/javascript
Cache-Control: max-age=566
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 96380

GET
H/1.1 200
OK jquery.lazyload.js Show response
www.memuplay.com/home/Public/js/libs/ 6 KB
6 KB 34ms
32ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.memuplay.com/home/Public/js/libs/jquery.lazyload.js
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c02be89b2ec96232ab4f8abb022f03e4613a6676d245b0be38bb357835a95b67

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Sat, 02 Nov 2019 06:59:33 GMT
ETag: "1572677973"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds041.sk1.c
Content-Type: application/javascript
Cache-Control: max-age=1134
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5649

GET
H/1.1 200
OK swiper-3.4.2.jquery.min.js Show response
www.memuplay.com/home/Public/js/libs/ 85 KB
85 KB 33ms
31ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.memuplay.com/home/Public/js/libs/swiper-3.4.2.jquery.min.js
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 3e5eb7885cd58a769515cdd0aab42fab70e2985d5f78fe96a9e926e634da6d7a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Sat, 02 Nov 2019 06:59:33 GMT
ETag: "1572677973"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds050.sk1.c
Content-Type: application/javascript
Cache-Control: max-age=304
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 86923

GET
H/1.1 200
OK public.js Show response
www.memuplay.com/home/Public/js/ 3 KB
3 KB 32ms
30ms Script
application/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://www.memuplay.com/home/Public/js/public.js
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 8d0b7961aa9f703d352bf481f9bc493aa889faaefde5f4b2977e7106a7baa073

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Thu, 23 Jul 2020 09:34:06 GMT
ETag: "1595496846"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds216.sk1.c
Content-Type: application/javascript
Cache-Control: max-age=1817
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2951

GET
H/1.1 200
OK xiazai-d.png
www.memuplay.com/home/Public/img/ 3 KB
4 KB 49ms
31ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/xiazai-d.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/home/Public/css/public.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 5a526105acda1cc5cb1ae0f10acfea913a9c8d28b606b3ea2109b5438e56e95d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/home/Public/css/public.css
Connection: keep-alive
Referer: https://www.memuplay.com/home/Public/css/public.css
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Mon, 23 Mar 2020 21:54:27 GMT
ETag: "1585000467"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds025.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3477

GET
H/1.1 200
OK icons3.png
www.memuplay.com/home/Public/img/ 33 KB
34 KB 48ms
30ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/icons3.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/home/Public/css/public.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 296d1ac12faef047d5603bf15c90e3a5a1bd6c66ebfabda4310f4b6540148ddb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/home/Public/css/public.css
Connection: keep-alive
Referer: https://www.memuplay.com/home/Public/css/public.css
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Tue, 29 Sep 2020 05:58:13 GMT
ETag: "1601359093"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds206.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 34151

GET
H2

200

Memu-Installer.exe
d1dsppboztgfdt.cloudfront.net/files/hu54ulqgjg/34.1170/ Frame EC45
Redirect Chain

https://www.memuplay.com/download-en.php?file_name=Memu-Setup&from=app_details_tr_Brawl_Stars
https://d1dsppboztgfdt.cloudfront.net/files/hu54ulqgjg/34.1170/Memu-Installer.exe

0
0

280ms
278ms

Document
application/octet-stream

2600:9000:211e:c000:5:1aa6:b840:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1dsppboztgfdt.cloudfront.net/files/hu54ulqgjg/34.1170/Memu-Installer.exe
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:c000:5:1aa6:b840:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: d1dsppboztgfdt.cloudfront.net
:scheme: https
:path: /files/hu54ulqgjg/34.1170/Memu-Installer.exe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.memuplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://www.memuplay.com/

Response headers

content-type: application/octet-stream
content-length: 704064
access-control-allow-origin: *
cache-control: private, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-disposition: attachment; filename="Memu-Installer_v2.78.45.070.81.exe"; filename*=UTF-8''Memu-Installer_v2.78.45.070.81.exe
content-transfer-encoding: binary
date: Fri, 30 Apr 2021 15:04:52 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
pragma: public
x-cache: Miss from cloudfront
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 9f3oK8aXpmQD7VXF1KT5NJ2KdEjwyMUnr7TF9hryuYWPDp-Awfq1jw==
age: 0

Redirect headers

Date: Fri, 30 Apr 2021 15:04:52 GMT
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=utf-8
Server: nginx/1.10.3 (Ubuntu)
Location: https://d1dsppboztgfdt.cloudfront.net/files/hu54ulqgjg/34.1170/Memu-Installer.exe
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds227.sk1.sc,1619795092.cds227.sk1.p

GET
H/1.1 200
OK downloadBg.png
www.memuplay.com/home/Public/img/ 699 B
1 KB 39ms
37ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/downloadBg.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e584422a48b23d34c7e84ef1b5c4482a9c938ecd950b0bd0aaf751a1c93909da

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Thu, 13 Feb 2020 12:27:21 GMT
ETag: "1581596841"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds204.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 699

GET
H/1.1 200
OK icons.png
www.memuplay.com/home/Public/img/ 13 KB
13 KB 39ms
34ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/icons.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: c71f4a5f63dd40dcc21e8fcf88eb71f0603031b80c4619b1909bf30cb135c540

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Thu, 13 Feb 2020 09:58:57 GMT
ETag: "1581587937"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds023.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 13047

GET
H/1.1 200
OK nusernote5.png
www.memuplay.com/home/Public/img/ 2 KB
2 KB 45ms
33ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/nusernote5.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/home/Public/css/napps.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 60c9ba57c71d89711c13b200284a0ed3f39b26eca62c73564a5b16babb0f0e96

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/home/Public/css/napps.css
Connection: keep-alive
Referer: https://www.memuplay.com/home/Public/css/napps.css
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Fri, 27 Mar 2020 11:59:41 GMT
ETag: "1585310381"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds224.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2191

GET
H2 200 lPiXRSRff9g Show response
www.youtube.com/embed/ Frame 8C18 27 KB
9 KB 50ms
49ms Document
text/html 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/lPiXRSRff9g

Requested by

Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2d383e9d1f640d5702e8103b899f5cef9deb84ef21bef9ab0ffad9162885c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/lPiXRSRff9g
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.memuplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://www.memuplay.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 30 Apr 2021 15:04:50 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=AuRz7JSjoMQ; Domain=.youtube.com; Path=/; Secure; HttpOnly VISITOR_INFO1_LIVE=oBFfOjFKCJc; Domain=.youtube.com; Expires=Wed, 27-Oct-2021 15:04:50 GMT; Path=/; Secure; HttpOnly CONSENT=PENDING+211; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/ 248 KB
89 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama.js?client=ca-pub-4201334306964693&plah=www.memuplay.com&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97a17f5f78c4b25f640a9ca3ff4f88e678a07a0865a62dd4584b63f227071f6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90886
x-xss-protection: 0
server: cafe
etag: 5066256339181730912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 30 Apr 2021 15:04:50 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/ Frame 7365 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210428/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210428/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.memuplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://www.memuplay.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Apr 2021 01:20:46 GMT
expires: Fri, 14 May 2021 01:20:46 GMT
content-type: text/html; charset=UTF-8
etag: 10446291943670460780
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4644
x-xss-protection: 0
age: 49444
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK nusernote1.png
www.memuplay.com/home/Public/img/ 3 KB
3 KB 34ms
34ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/nusernote1.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: a738258143155bca88ac66123b36a5efe7cfb42723a0c0e6c5f09d2bc577c131

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Thu, 02 Apr 2020 10:51:49 GMT
ETag: "1585824709"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds204.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2753

GET
H/1.1 200
OK nusernote2.png
www.memuplay.com/home/Public/img/ 8 KB
8 KB 34ms
33ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/nusernote2.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: f7e2725c8ab071f33f6abbb2142b305f99840813b6f3c7cc22d08922b6e18c37

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Thu, 02 Apr 2020 10:52:45 GMT
ETag: "1585824765"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds201.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8105

GET
H/1.1 200
OK nusernote3.png
www.memuplay.com/home/Public/img/ 4 KB
4 KB 42ms
41ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/nusernote3.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: a4f64af8cf9eb47610a44919b9270a6cf66037544703936068594f52146a875b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Fri, 27 Mar 2020 11:59:41 GMT
ETag: "1585310381"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds212.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3830

GET
H/1.1 200
OK nusernote6.png
www.memuplay.com/home/Public/img/ 4 KB
5 KB 43ms
41ms Image
image/png 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.memuplay.com/home/Public/img/nusernote6.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 1d7cccc0693cc3f3ef3d3c587256f44ebf6f6dffff796c8f96629b3c5906eac7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.memuplay.com
Accept-Language: en-US
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Connection: keep-alive
Referer: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Wed, 22 Apr 2020 06:47:45 GMT
ETag: "1587538065"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds202.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4420

GET
H/1.1 200
OK com.supercell.clashofclans.icon.2021-04-28-21-34-51.png
dl.memuplay.com/new_market/img/ 59 KB
59 KB 50ms
47ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.supercell.clashofclans.icon.2021-04-28-21-34-51.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 16d7e9946dda694174092676224f545a69c29c8509c39d338caf21238a5d439f

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Wed, 28 Apr 2021 13:35:06 GMT
ETag: "1619616906"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds020.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 60364

GET
H/1.1 200
OK com.supercell.clashroyale.icon.2021-04-29-11-59-20.png
dl.memuplay.com/new_market/img/ 19 KB
19 KB 49ms
47ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.supercell.clashroyale.icon.2021-04-29-11-59-20.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 78fb018fecd8929141af968eb315c7c29eb03b26d638418fdf9e0e238b576bc2

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Thu, 29 Apr 2021 03:59:21 GMT
ETag: "1619668761"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds069.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 19379

GET
H/1.1 200
OK com.supercell.clashquest.icon.2021-04-08-20-36-02.png
dl.memuplay.com/new_market/img/ 49 KB
49 KB 53ms
49ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.supercell.clashquest.icon.2021-04-08-20-36-02.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: ee4b0387dd65f67faa0662f32dc374ea119614f83b468e6b75affcf1239a05cb

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Thu, 08 Apr 2021 12:36:08 GMT
ETag: "1617885368"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds017.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 49702

GET
H/1.1 200
OK com.tencent.iglite.icon.2021-04-13-21-37-29.png
dl.memuplay.com/new_market/img/ 59 KB
59 KB 52ms
49ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.tencent.iglite.icon.2021-04-13-21-37-29.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 9bfa3072400b4e13e500853cd56f75db48e47550dca444d797ef622d2edc2313

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Tue, 13 Apr 2021 13:37:51 GMT
ETag: "1618321071"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds017.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 60511

GET
H/1.1 200
OK com.tencent.ig.icon.2021-03-10-09-36-54.png
dl.memuplay.com/new_market/img/ 59 KB
59 KB 51ms
48ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.tencent.ig.icon.2021-03-10-09-36-54.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: aceb417736ce2ec780b30cb62cade34db275bc6cbb8a4af73fb305e970c4e9b1

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Wed, 10 Mar 2021 01:36:55 GMT
ETag: "1615340215"
X-HW: 1619795090.dop212.sk1.shc,1619795090.dop212.sk1.t,1619795090.cds046.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 59943

GET
H/1.1 200
OK com.innersloth.spacemafia.icon.2021-04-03-09-29-42.png
dl.memuplay.com/new_market/img/ 11 KB
11 KB 89ms
32ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.innersloth.spacemafia.icon.2021-04-03-09-29-42.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: cbdcd704fb3dde1c229e9f461d90b554806060cd05a6fd91690a705b5777de4e

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Sat, 03 Apr 2021 01:30:01 GMT
ETag: "1617413401"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds028.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 10948

GET
H/1.1 200
OK com.mobile.legends.icon.2021-04-16-09-31-01.png
dl.memuplay.com/new_market/img/ 76 KB
77 KB 43ms
40ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.mobile.legends.icon.2021-04-16-09-31-01.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7ea4afa96c5e64b98867028582a7e8e64346505da8b39c8ea352d0c50df5e70a

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Fri, 16 Apr 2021 01:31:08 GMT
ETag: "1618536668"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds024.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 78267

GET
H/1.1 200
OK com.masomo.headball2.icon.2021-04-29-21-34-10.png
dl.memuplay.com/new_market/img/ 64 KB
64 KB 42ms
39ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.masomo.headball2.icon.2021-04-29-21-34-10.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 53a71abbdc01a24adc568a294f2611da4d30add7711959acf28b29fb3700b024

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Thu, 29 Apr 2021 13:34:30 GMT
ETag: "1619703270"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds001.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 65568

GET
H/1.1 200
OK com.axlebolt.standoff2.icon.2021-04-25-21-42-25.png
dl.memuplay.com/new_market/img/ 15 KB
16 KB 41ms
39ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.axlebolt.standoff2.icon.2021-04-25-21-42-25.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: e76ff426982cb1a2971dbdaf622c8e7d02f77ab59c77d37f1ce79e18a90f9b4a

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Sun, 25 Apr 2021 13:42:56 GMT
ETag: "1619358176"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds072.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15577

GET
H/1.1 200
OK com.zakg.scaryteacher.hellgame.icon.2021-03-11-17-21-58.png
dl.memuplay.com/new_market/img/ 44 KB
44 KB 46ms
34ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.zakg.scaryteacher.hellgame.icon.2021-03-11-17-21-58.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 448c45d380e39b33cdfdb0ced777a4712106b9fdf9259592e04d8bdf17acd9cf

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Thu, 11 Mar 2021 09:21:59 GMT
ETag: "1615454519"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds231.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 44965

GET
H/1.1 200
OK com.dts.freefireth.icon.2021-04-14-21-33-59.png
dl.memuplay.com/new_market/img/ 77 KB
78 KB 49ms
30ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.dts.freefireth.icon.2021-04-14-21-33-59.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 40624df25c2ada995ded8210f8da9c23f20d6231d1fb2f8e1f0ff031e69c8067

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Wed, 14 Apr 2021 13:34:00 GMT
ETag: "1618407240"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds072.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 79124

GET
H/1.1 200
OK com.qjzjzd.an.en4399.icon.2021-04-09-21-33-18.png
dl.memuplay.com/new_market/img/ 80 KB
80 KB 51ms
33ms Image
image/png 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.memuplay.com/new_market/img/com.qjzjzd.an.en4399.icon.2021-04-09-21-33-18.png
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 81f906245e8f00f969804bf51c3e66496eacc02120b4c95cc1a4c56f940a7e7c

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:50 GMT
Last-Modified: Fri, 09 Apr 2021 13:33:24 GMT
ETag: "1617975204"
X-HW: 1619795090.dop204.sk1.shc,1619795090.dop204.sk1.t,1619795090.cds216.sk1.c
Content-Type: image/png
Cache-Control: max-age=86400
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 81684

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-75186244-10

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5695
date: Fri, 30 Apr 2021 13:29:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 30 Apr 2021 15:29:55 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 202 B
257 B 93ms
93ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.memuplay.com&callback=_gfp_s_&client=ca-pub-4201334306964693

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210428/r20190131/show_ads_impl_with_ama.js?client=ca-pub-4201334306964693&plah=www.memuplay.com&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

4ac1460fa891eca9d83159de667802193c5db0a2cfd2196ce84414bd4dd59a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 23ms
20ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.memuplay.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 15:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 24ms
20ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.memuplay.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 15:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&tn=DIV&cls=nav-con%20not-first%20light&ign=false

Requested by

Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2461 54 B
56 B 104ms
101ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&adk=1812271804&adf=3025194257&lmt=1619795090&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090516&bpp=35&bdt=479&idt=366&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2095913704416&frm=20&pv=2&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=6&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=439

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4201334306964693&output=html&adk=1812271804&adf=3025194257&lmt=1619795090&plat=1%3A32776%2C2%3A16809992%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090516&bpp=35&bdt=479&idt=366&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2095913704416&frm=20&pv=2&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=6&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&dtd=439
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.memuplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://www.memuplay.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Apr 2021 15:04:51 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Apr-2021 15:19:50 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 15:04:51 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631702402874"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:04:50 GMT

GET
H3-29 200 www-player.css
www.youtube.com/s/player/901932ee/ Frame 8C18 358 KB
53 KB 13ms
10ms Stylesheet
text/css 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/901932ee/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lPiXRSRff9g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04f9ca8648a6038fcebd6bab226662dc2799a746f5fd62c46a1e6d158156c8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lPiXRSRff9g
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Thu, 29 Apr 2021 14:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 00:22:39 GMT
server: sffe
age: 87334
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53832
x-xss-protection: 0
expires: Fri, 29 Apr 2022 14:49:16 GMT

GET
H3-29 200 www-embed-player.js Show response
www.youtube.com/s/player/901932ee/www-embed-player.vflset/ Frame 8C18 188 KB
66 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/901932ee/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lPiXRSRff9g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe55c799ed546766e3f0a15d716eb94d68939f03fecc2661522a994cc16978f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lPiXRSRff9g
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Thu, 29 Apr 2021 14:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 00:22:39 GMT
server: sffe
age: 87490
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67928
x-xss-protection: 0
expires: Fri, 29 Apr 2022 14:46:40 GMT

GET
H3-29 200 base.js Show response
www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/ Frame 8C18 2 MB
522 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lPiXRSRff9g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb29383fbbf48af577987123a1b47ef9318c3b99650a3d9b89774d0b37ff1c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lPiXRSRff9g
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 10:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 00:22:39 GMT
server: sffe
age: 17483
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 534579
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:13:27 GMT

GET
H3-29 200 fetch-polyfill.js Show response
www.youtube.com/s/player/901932ee/fetch-polyfill.vflset/ Frame 8C18 8 KB
3 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/901932ee/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lPiXRSRff9g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lPiXRSRff9g
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Thu, 29 Apr 2021 14:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 00:22:39 GMT
server: sffe
age: 87490
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3027
x-xss-protection: 0
expires: Fri, 29 Apr 2022 14:46:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxM.woff
fonts.gstatic.com/s/roboto/v18/ Frame 8C18 19 KB
19 KB 9ms
7ms Font
font/woff 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxM.woff

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lPiXRSRff9g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 10:13:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:56 GMT
server: sffe
age: 17482
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19824
x-xss-protection: 0
expires: Sat, 30 Apr 2022 10:13:28 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E07B 58 KB
20 KB 728ms
726ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=90&slotname=2454828016&adk=3699759644&adf=2725398064&pi=t.ma~as.2454828016&w=940&fwrn=4&fwrnh=100&lmt=1619795090&rafmt=2&psa=0&format=940x90&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090552&bpp=17&bdt=515&idt=426&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=462

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d5d03cddbe709b311c8ca8d1af5c479c0ac9ea9e07ca0c7efbaa99e22461ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4201334306964693&output=html&h=90&slotname=2454828016&adk=3699759644&adf=2725398064&pi=t.ma~as.2454828016&w=940&fwrn=4&fwrnh=100&lmt=1619795090&rafmt=2&psa=0&format=940x90&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090552&bpp=17&bdt=515&idt=426&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=462
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.memuplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://www.memuplay.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Apr 2021 15:04:51 GMT
server: cafe
content-length: 19981
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Apr-2021 15:19:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 15:04:51 GMT
cache-control: private

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
23 B 18ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=343458024&t=pageview&_s=1&dl=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ul=en-us&de=UTF-8&dt=MEmu%20ile%20PC%27de%20Brawl%20Stars%20indirin&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1515939274&gjid=360594553&cid=112099067.1619795091&tid=UA-75186244-10&_gid=2070438426.1619795091&_r=1&gtm=2ou4l3&z=1168187558

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.memuplay.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A764 59 KB
21 KB 696ms
695ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46deee22aa2e3e3ab2e17731d9fb0794274aac2a957fd092018ba54f749f6b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.memuplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://www.memuplay.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Apr 2021 15:04:51 GMT
server: cafe
content-length: 21232
x-xss-protection: 0
set-cookie: IDE=AHWqTUkZhDXicWnZ73l-jyore5Eur-OWyIO3TInVeUYEi_MS-RyXOG615Qznj1tywYY; expires=Wed, 25-May-2022 15:04:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 15:04:51 GMT
cache-control: private

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.memuplay.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 15:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 33ms
14ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.memuplay.com

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 15:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E69 16 KB
9 KB 740ms
739ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fef163f2f4cd8a915963124f5930deda62fab88b8b1f4ea98a7ef52c3ffd47a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.memuplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://www.memuplay.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 30 Apr 2021 15:04:52 GMT
server: cafe
content-length: 9162
x-xss-protection: 0
set-cookie: IDE=AHWqTUlAIfaz-CLFzQEqNhVdaaT2TmNk-u7hxQ32xym-DkrBoDDB8B4scjR0MPo8Mno; expires=Wed, 25-May-2022 15:04:51 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 15:04:52 GMT
cache-control: private

GET
H3-29 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame 8C18 113 B
161 B 16ms
16ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/901932ee/www-embed-player.vflset/www-embed-player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

335f35a5da7c9bd626304d6c0341619aabccfd409ff2b2c50a92dcc62b66c4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 8C18 29 B
90 B 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/901932ee/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:03:11 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 100
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:18:11 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/ Frame 8C18 97 KB
32 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2a795dee0936729f60808f865befd924f63fe1278d44d5e29b8f34f1e9004c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lPiXRSRff9g
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Thu, 29 Apr 2021 14:54:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 00:22:39 GMT
server: sffe
age: 87016
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32900
x-xss-protection: 0
expires: Fri, 29 Apr 2022 14:54:35 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/ Frame 8C18 24 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fae518af313153041754e41d6f946d10744be832f6ae01f0efee0f03079d2a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/lPiXRSRff9g
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Thu, 29 Apr 2021 14:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 00:22:39 GMT
server: sffe
age: 86980
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7793
x-xss-protection: 0
expires: Fri, 29 Apr 2022 14:55:11 GMT

GET
DATA 200
OK truncated
/ Frame 8C18 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Content-Type: image/png

GET
H2 404 hqdefault.jpg
i1.ytimg.com/vi/lPiXRSRff9g/ Frame 8C18 1 KB
1 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/lPiXRSRff9g/hqdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/lPiXRSRff9g

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:51 GMT
x-content-type-options: nosniff
server: sffe
vary: Origin
content-type: image/jpeg
cache-control: public, max-age=30
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1097
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:05:21 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 8C18 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:04:51 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E07B 451 B
363 B 26ms
21ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=90&slotname=2454828016&adk=3699759644&adf=2725398064&pi=t.ma~as.2454828016&w=940&fwrn=4&fwrnh=100&lmt=1619795090&rafmt=2&psa=0&format=940x90&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090552&bpp=17&bdt=515&idt=426&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=462

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0da50f78231a135a4bd11dbd7d4d6f24cdaa0ef1393447a38f5c79da2867a34c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:04:51 GMT

GET
H2 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame E07B 2 KB
1 KB 12ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bc3d695c45fc0a4d3bfc67fe64f3be04b08307d5f8ec6eba1a9b54581be178b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 14:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 919
x-xss-protection: 0
server: cafe
etag: 13171116582022050760
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 14:17:16 GMT

GET
H3-29 200 icon.png
googleads.g.doubleclick.net/pagead/images/abg/ Frame E07B 344 B
368 B 20ms
19ms Image
image/png 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/abg/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=90&slotname=2454828016&adk=3699759644&adf=2725398064&pi=t.ma~as.2454828016&w=940&fwrn=4&fwrnh=100&lmt=1619795090&rafmt=2&psa=0&format=940x90&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090552&bpp=17&bdt=515&idt=426&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=462
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 15:07:49 GMT
x-content-type-options: nosniff
server: cafe
age: 86222
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:07:49 GMT

GET
H3-29 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame E07B 22 KB
8 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 14:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 14:46:22 GMT

GET
H3-29 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame E07B 2 KB
1 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23c061e7d440b7804c374dae567e47162a04cacc44e35b5c35065629d8f2b3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1186
x-xss-protection: 0
server: cafe
etag: 6564122956844895608
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 15:03:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E07B 116 KB
35 KB 42ms
15ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:04:51 GMT

GET
H3-29 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame E07B 15 KB
6 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

653d929953aacff5ceade3eecaa393808a7ab086e8f87712fc4a5d4c0f9f178c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6466
x-xss-protection: 0
server: cafe
etag: 3684863267384468287
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 15:02:53 GMT

GET
H3-29 200 9e4de17b07f2bb721461915d5452e5bf.js Show response
www.gstatic.com/mysidia/ Frame E07B 33 KB
13 KB 36ms
7ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e4de17b07f2bb721461915d5452e5bf.js?tag=mysidia_one_click_handler_one_afma

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9285255a80c21fa0dc175c1870645bc55d4ca110ec3bf4e4ee9ab913afc53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Thu, 29 Apr 2021 08:32:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:04:36 GMT
server: sffe
age: 109937
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13026
x-xss-protection: 0
expires: Wed, 28 Jul 2021 08:32:34 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame E07B 0
0 56ms
23ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CluP6kxyMYJKuApq1gQf29a_gBL6jisBixbD_xsgNloLNhYgWEAEglcGbRWCViriCyAegAe_g2roByAEBqQJQ8OCtvkm0PqgDAcgDywSqBO8BT9CpR2ZzLWoBG6V6Essdgy3E3mwtKTdL0j6pUFaMa0Sh7rKN5iOXe_5CLUWLA3W_Y_lGe9aDJx2eiyFICS1g7W_xtp-DmGkkozaBL8ePqtyikNWhnFirehFmpBnhVqUBgcy1VzJnbb5Cjc5gsNmE1W5hqskAzxaKUzxsCABPuqL2DFUEiRyA10giQLWNvw17x60p_pLCFNJx8TEfWga7YRQAhqTLjbYWfrQ5OrLRwB0oY63JmVLI3MgTLTf5iDm1lQdxkRrda3ofbUQxnk86y9_0aDTAEnD2J9Jt_7ap2VX_SkoU2xMexrYkiRura-fABIvgyabDA5IFBAgEGAGSBQQIBRgEgAf5nqXFAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDWpQnSCAkIgOGAEBABGB-ACgHICwHYEw2IFAGyFxoKGAgAEhRwdWItNDIwMTMzNDMwNjk2NDY5Mw&sigh=BVR_YNbJEps

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=90&slotname=2454828016&adk=3699759644&adf=2725398064&pi=t.ma~as.2454828016&w=940&fwrn=4&fwrnh=100&lmt=1619795090&rafmt=2&psa=0&format=940x90&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090552&bpp=17&bdt=515&idt=426&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=462
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 30 Apr 2021 15:04:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B99D 143 B
163 B 13ms
7ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=90&slotname=2454828016&adk=3699759644&adf=2725398064&pi=t.ma~as.2454828016&w=940&fwrn=4&fwrnh=100&lmt=1619795090&rafmt=2&psa=0&format=940x90&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090552&bpp=17&bdt=515&idt=426&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=462
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkZhDXicWnZ73l-jyore5Eur-OWyIO3TInVeUYEi_MS-RyXOG615Qznj1tywYY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=90&slotname=2454828016&adk=3699759644&adf=2725398064&pi=t.ma~as.2454828016&w=940&fwrn=4&fwrnh=100&lmt=1619795090&rafmt=2&psa=0&format=940x90&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090552&bpp=17&bdt=515&idt=426&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=90&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=462

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 30 Apr 2021 14:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 476
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwA.woff
fonts.gstatic.com/s/googlesans/v27/ Frame E07B 26 KB
26 KB 20ms
16ms Font
font/woff 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4070911a1bb9cc52c4e4cd5e85ca186dcde89308a0517a8faa4715c2e0a9d45e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 03:57:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 40060
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26464
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:57:12 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owpg.woff
fonts.gstatic.com/s/googlesans/v27/ Frame E07B 26 KB
26 KB 16ms
13ms Font
font/woff 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owpg.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce48d9e9d748ad4686094d3cc33f5ae1e272a5b618f5c6d146c4d12ef02e4a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Tue, 27 Apr 2021 08:46:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 281915
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26228
x-xss-protection: 0
expires: Wed, 27 Apr 2022 08:46:17 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame A764 451 B
263 B 26ms
20ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0da50f78231a135a4bd11dbd7d4d6f24cdaa0ef1393447a38f5c79da2867a34c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:04:52 GMT

GET
H3-29 200 bgl.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame A764 5 KB
2 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/bgl.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d882a889b3e70586ae22bb8b70cb1f74592b952be9cf5caa2c4c8d1f0ce28f25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Thu, 29 Apr 2021 22:57:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2462
x-xss-protection: 0
server: cafe
etag: 5076081580678933940
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 13 May 2021 22:57:05 GMT

GET
H3-29 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame A764 2 KB
946 B 22ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/load_preloaded_resource.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bc3d695c45fc0a4d3bfc67fe64f3be04b08307d5f8ec6eba1a9b54581be178b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 14:17:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2856
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 919
x-xss-protection: 0
server: cafe
etag: 13171116582022050760
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 14:17:16 GMT

GET
H3-29 200 icon.png
googleads.g.doubleclick.net/pagead/images/abg/ Frame A764 344 B
368 B 21ms
14ms Image
image/png 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/abg/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 15:07:49 GMT
x-content-type-options: nosniff
server: cafe
age: 86223
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:07:49 GMT

GET
H3-29 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame A764 22 KB
8 KB 25ms
10ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 14:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1110
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 14:46:22 GMT

GET
H3-29 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame A764 2 KB
1 KB 18ms
12ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23c061e7d440b7804c374dae567e47162a04cacc44e35b5c35065629d8f2b3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1186
x-xss-protection: 0
server: cafe
etag: 6564122956844895608
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 15:03:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A764 116 KB
35 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:04:52 GMT

GET
H3-29 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame A764 15 KB
6 KB 16ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

653d929953aacff5ceade3eecaa393808a7ab086e8f87712fc4a5d4c0f9f178c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6466
x-xss-protection: 0
server: cafe
etag: 3684863267384468287
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 15:02:53 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame A764 0
0 22ms
18ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbL7RD_v5xaimzeNcpAGPf5d8ZMYgJAferxjpvoAHX4DbxOW3WqxCsVtZub2En6-oenAmd5dazSKHasUdPir9aZJMzpQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

GET
H3-29 200 9e4de17b07f2bb721461915d5452e5bf.js Show response
www.gstatic.com/mysidia/ Frame A764 33 KB
13 KB 19ms
15ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9e4de17b07f2bb721461915d5452e5bf.js?tag=mysidia_one_click_handler_one_afma

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9285255a80c21fa0dc175c1870645bc55d4ca110ec3bf4e4ee9ab913afc53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Thu, 29 Apr 2021 08:32:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 21:04:36 GMT
server: sffe
age: 109938
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13026
x-xss-protection: 0
expires: Wed, 28 Jul 2021 08:32:34 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9E69 42 B
63 B 43ms
42ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-An93oPCNKP2kq-EMJ3ayGQUCOGdKeNHe5BLnH-CmyI_aSh-mRHK2fJr57nPQCOTLueFj_8JdSWtv-MbgWWZX80LOSXJFXAwmm_4Y9zd0y3dg-wv2M

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 9E69 2 KB
1 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/window_focus.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23c061e7d440b7804c374dae567e47162a04cacc44e35b5c35065629d8f2b3ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:03:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1186
x-xss-protection: 0
server: cafe
etag: 6564122956844895608
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 15:03:25 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E69 116 KB
35 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619631691980669"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36080
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:04:52 GMT

GET
H3-29 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/ Frame 9E69 15 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210428/r20110914/client/qs_click_protection.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

653d929953aacff5ceade3eecaa393808a7ab086e8f87712fc4a5d4c0f9f178c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:02:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6466
x-xss-protection: 0
server: cafe
etag: 3684863267384468287
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 15:02:53 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 9E69 0
0 41ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTLvHL-lQJRGdai2GqV-p0nuCVXJHBCb97O4UezdvMgHLTr8fAEV1XT7Kvx3P1MJ3LZnCHo0AXDLK690lONB8M6PyzxLg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8D00 478 B
251 B 35ms
20ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhj5xcueATAB&v=APEucNUKc8v6wBOmamHPMRvbptZf3CTravC2Lcy3jUOmdLLubt7MeOENlSHYjROJV4gckAdC_Nyr7QzYE9lCliYwEYSFxLt5pAXyTGn38zK4pLnLu1YNSaqm0EN4NXzAga1RJZeFHFguaMk3Ww_MC-unamYjYo3P-JqLMq1VJTFvkukLLJqImhcaa14C5Nd3HErX6_LcV5MVwYIjRW8OVMjjkCki0UJUvg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfwggIQpb6JAhj5xcueATAB&v=APEucNUKc8v6wBOmamHPMRvbptZf3CTravC2Lcy3jUOmdLLubt7MeOENlSHYjROJV4gckAdC_Nyr7QzYE9lCliYwEYSFxLt5pAXyTGn38zK4pLnLu1YNSaqm0EN4NXzAga1RJZeFHFguaMk3Ww_MC-unamYjYo3P-JqLMq1VJTFvkukLLJqImhcaa14C5Nd3HErX6_LcV5MVwYIjRW8OVMjjkCki0UJUvg
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlAIfaz-CLFzQEqNhVdaaT2TmNk-u7hxQ32xym-DkrBoDDB8B4scjR0MPo8Mno
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 30 Apr 2021 15:04:52 GMT
server: cafe
cache-control: private
content-length: 230
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9E69 39 KB
18 KB 56ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B69y2Hzv-SIeNZM5_WN0HsWINkiklZh7Yqn_38Nfbo-oHZO126S-pG5SWoXKFRNQHv91CX3jJua5G-wna9FB3_2aBiTS0L0eVOh8iXLIfx7e3GwbCbrDl7-fvkkAORrHnFfMNc106qATUP2Q-akOvyc4PcUw&dbm_d=AKAmf-AbsKQi16lfU8J1o1lI-ioCDi5JuMU65AXLW0DDqHcuuKj0YDu21oidO3BEBv-bcTBagvnqi3XwIR6Bdv2vh1Y8gCQEiglOxG3ag9IlEAJ9sNGJERrDxTIn-z7TCvsf4quh-8X1_aQdX9Q4pWbPTrFjjc1fRk5FXGEYYkaJOeOYp2ttwzrJh3CcgqwErORuCLa-5T3iOfs1agZjBdOFgUGvyCgVHuVX7jha3_Vss_e7YXcz6uq8Kw7Z7TvpJ9PBeM3J-ac_dgvtR2t6HM2cCT3XszSdZrOjovAkBnfQdSObUUD9Dj2WIzL_WBe92NFnfDh5pleg86oQvOgUOR6okjDzYS8p_u1YtM_B2wxpw8kRqun5UpoTDk8zL810ZWsIMPXBMHA8jQc5gz4SeG_kGcvTZZ9aOcoMHfclQaHEaeKVahxJRUeE300l5zI4DCy69qJ6ON8bmXII0Ww-MKjG_nL87ae0fMdTerR66E2-59i9PUwcTtXceEdT4uoR6O0EvJoH3euGV_t7JRZ-9PSSGaC6emCT701pPzZ0uDjvCkJ0kvyod8maavu6rgCyPdPN0kb0CHPRhN9aZ7IolirGZDsfH9b_xBp7zm2570kuvz2qmJYZVpqqLat9t3DoxN6aZBN64zNqWWWXuGLgNPEPTUEE51zg-ra-icBRUmoAFPLrFbeH7ZNtuygu6cKpNsvoE2vl02LnZvGpeGbs-SQDGoGS6obRE6kRxetKWWw_uw4WhvVe7jjjzcDhXQofPIv8q-epJudEb66zji596k5kd15hYDXKRFPqH9sJ_U9tGhiN99sUYmZ7yGZoBiw0Owftvci-CgAhCgZ7z0Viie-akHmyUZjC0LjmHNq9RDPFxkYV0qZgBilLSlmNOcHSZp7P5mzGtrciJdZvsss1htd_rid5Qqgcn5fn3xbmx5O00DSkg58jaaj_-6VQ2rxH0ZU368Hjah5m4pLxAt496hbjR6weyGA5RmGfGJneahi27eeyie6leUPqInDf5xxQetoVGTgwM_TnnKHhS-Xx4iw4KX-4zCmGMDWsR5pW9L2kJvTuqOeHpzQ5jQO6Uo65v-fcGqWKfGuXZYsm-PqWrWQ8sP3lyS65XxvqtOSQIIwHgeofgw6pIYPiP5Az9HPF7yHxZMbteoqPNStQ1m0f4lRp2OJw5uYoVaur64h1dL3E53_sdUY3yi7F6GUZxJOtNrFvxi2KBG7KUsOHxCml559kwwNtbW5G9hscy_Q-6xI2tX8J60X57UiG1nlAhYUt_6l2eQnoGCyZK3buhab5C0Wi3rAYgiXVVqtfGLt9z9QYKmwaOkZj8imq5_3XAONmt9Yt_QvUHzCnZOKq0hCM2flw-Gi8BQDWdscSgmbPselSADOSdPCJ871IwUM1NDU7jNO48jHx0uXKAlqvdj4_yuyLTwA3wArQJdRylRR_-UFoBOGZlWVjJJQtF_quBJ_lTeU_pX4QxdfMg8Oa-kLNoFSyL04y5zEELDsenmxYaeATwrvLbS2WbVrcNtL-snn7MgIIMP8dejV1tkYwamSH4CyEAEWQqjMblKN97b8JXWmuIBJmFPRZT-JaFsFw8ZlAnOst39GC8UZMJFpTxuJibwlkZaAYRi4HuP8P_qDIvIJOHUChE4jRqvEez10y8oCzVmVmSiDNWXJb7ZyX5xiV0LOdn6xbBtc7ffr5bqv9l3_t_e3DXdCVlB5nI3VjDtvwt7SkRINf3UiYQw2Yb_AdSxbzEZw3bHJP6YpHo6I6OEpnhm0w9JUxfYm1Xrtle9hbEvubgwZhGCjX_kMYQSA2Aj45CYsOEYEcw7-FoQgsYz0FMgOclVjnjBhYCUZUhjlqkticuStxsAXW7VCMhTPFqCgBU9XoYhC9ZYhorvCEPTg_DVmlFvq_7eJSPwfoiWq82-x8d0oR9doTt1p8v4kes_6v8xp6nPYMSU4gTbFnp5RAr__-Az9uBFncgKayhHG_ZNrEmLZCS0Q66cAcCUlOWDLlsRAUQE-SzJeRxDFJpoV4ta6BXataq7rrjimhPkz1i3h3E9_AawIpmXieU0NrCqpQ1p0xLj47BIpKWfqe8joowCPM2wdZDmdvQOzrH1xQsRfhL-GKlMNP0C2AWgDWbJrPsdsjTxiKYhVWrpuPobaaTUyyRhyeio6FWN4aUvzEalCVhSLc2JBm9C1y9SbHWMTW5CJZH8HuuS8dPkSe-NCBU-qqglmTJAk7Ogz_ctTa04qZGps3XGij754qz3JYSmhDWLDo3eRtH-X-4Pt9Wa52xvKBpZYSXk7CQH5SH-xpIKXxeBy99-AxFUHumJRSSAC5g850Vw2imV46X539-b0AIThaaC0tsLiXr90v2jdGRCudY8356jw0O_m0RU9zatoMwc1SlvJgL4UhOxrxvZQdAzXP3mDrLg7fsamWQlh6B6T3awieD6oOgmRpaDZoZKJMGCJu4IJdvPd_OP_agUMVfcfdybscQ0iP8Pd-zCF8LP7yW1I0Ap2vVDnFVuqHMIX3h-EDUicAba8O0HlJ36xirV7ZlUJQ9t3TUpj0MpII8UGTrE_bMMN1oHuuEZa5o0hPtc1MkycSUdMtLRimwZ238wrsISqbJvRSgabP8gz_Bjspc2NqHGAx2Bb3ha2UnYr8D8gCKRIWPvIqD-XRCFouc-xHuTo_o3un19mlygorPrA2zdimuagTGj1ZuGX92mZDZ-oWFgkmWg_3UXkrl_lp4O-iYnAvbNCvhKLumVS4wUAAs_Gmbe_gFSRrZvos7agjwwJQTIRp7PXBAz8anlK5-9HfUJ55RRnExgFBlZPF7-c0sX9cNsNEj26ppuAHwL7ZncwY6fGEDhKCskjRtiv44DyKkZjYB1nM--Qk1IkFFhPfl7L-AyBRz8qVHlkTc4UFehUhVeYDCi_6bWcJC5eybpvXFsZY5_Be4zORFfk7lGii2lIxL_lSnVCkjJseZYuBo4OOguMp1g&cid=CAASEuRoqsIoCpBmdIkB5lwtiCGwyg&rfl=1%2Chttps%253A%252F%252Fwww.memuplay.com%252F%240

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfbf5bbeceb3914deb34cead73f53c93e715932d877774fcba843b1a75fede0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18162
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame A764 0
0 56ms
50ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqlKYkxyMYM3nDNyvx_APqf-osAy-o4rAYsWw_8bIDZaCzYWIFhABIJXBm0VglYq4gsgHoAHv4Nq6AcgBAakCUPDgrb5JtD6oAwHIA8sEqgTwAU_QArthAegMv8dh5E_HcySzW4qugolMmG6KIvc2mtdWOYHG6Yc-XosKDKIvG4wy4IwZPimIKV2qSLPMUkLYSXDj2BM5z2sZ-olhUUE_SjkLBrcaxAQ5ixzHF6bDOzn2Hx3Eg8514fZZlbBox9sqeroD9HWfuPH15zUSOIqB8FWfgLgwP_ufkUuj4BOsNeDPjqnmKfAr2ohwGupaUXeQK2D7BQqOhtVKSQchyl43fTCZeXGfYpIkKBqE9--hgB4Pf6rE-v69ZvmSYTmBDeUAOiW1e01_YudGGelPpH2B_5RgnXLqyCLMcXJv86Z4A9hfjMAEi-DJpsMDkgUECAQYAZIFBAgFGASAB_mepcUCqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcFEMiPwQTSCAkIgOGAEBABGB-ACgHICwHYEw2IFAGyFxoKGAgAEhRwdWItNDIwMTMzNDMwNjk2NDY5Mw&sigh=ZIkQHnUI8XE

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 30 Apr 2021 15:04:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B99D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
14ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlAIfaz-CLFzQEqNhVdaaT2TmNk-u7hxQ32xym-DkrBoDDB8B4scjR0MPo8Mno
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Apr 2021 15:04:52 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 30-Apr-2021 16:04:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 15:04:52 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Apr 2021 15:04:52 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js Show response
pagead2.googlesyndication.com/bg/ Frame 2676 21 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea77f736ee3c84c4acd2bca16845991a1cc04f62716e21c1d2c3a724cc9bc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Sat, 24 Apr 2021 04:09:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 557740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7906
x-xss-protection: 0
expires: Sun, 24 Apr 2022 04:09:12 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BBB6 143 B
163 B 11ms
8ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlAIfaz-CLFzQEqNhVdaaT2TmNk-u7hxQ32xym-DkrBoDDB8B4scjR0MPo8Mno
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 30 Apr 2021 14:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 477
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1D45 1 KB
749 B 15ms
12ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Apr 2021 03:14:09 GMT
expires: Sat, 01 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 42643
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 icon.png
googleads.g.doubleclick.net/pagead/images/abg/ Frame 9E69 344 B
368 B 14ms
13ms Image
image/png 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/abg/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B69y2Hzv-SIeNZM5_WN0HsWINkiklZh7Yqn_38Nfbo-oHZO126S-pG5SWoXKFRNQHv91CX3jJua5G-wna9FB3_2aBiTS0L0eVOh8iXLIfx7e3GwbCbrDl7-fvkkAORrHnFfMNc106qATUP2Q-akOvyc4PcUw&dbm_d=AKAmf-AbsKQi16lfU8J1o1lI-ioCDi5JuMU65AXLW0DDqHcuuKj0YDu21oidO3BEBv-bcTBagvnqi3XwIR6Bdv2vh1Y8gCQEiglOxG3ag9IlEAJ9sNGJERrDxTIn-z7TCvsf4quh-8X1_aQdX9Q4pWbPTrFjjc1fRk5FXGEYYkaJOeOYp2ttwzrJh3CcgqwErORuCLa-5T3iOfs1agZjBdOFgUGvyCgVHuVX7jha3_Vss_e7YXcz6uq8Kw7Z7TvpJ9PBeM3J-ac_dgvtR2t6HM2cCT3XszSdZrOjovAkBnfQdSObUUD9Dj2WIzL_WBe92NFnfDh5pleg86oQvOgUOR6okjDzYS8p_u1YtM_B2wxpw8kRqun5UpoTDk8zL810ZWsIMPXBMHA8jQc5gz4SeG_kGcvTZZ9aOcoMHfclQaHEaeKVahxJRUeE300l5zI4DCy69qJ6ON8bmXII0Ww-MKjG_nL87ae0fMdTerR66E2-59i9PUwcTtXceEdT4uoR6O0EvJoH3euGV_t7JRZ-9PSSGaC6emCT701pPzZ0uDjvCkJ0kvyod8maavu6rgCyPdPN0kb0CHPRhN9aZ7IolirGZDsfH9b_xBp7zm2570kuvz2qmJYZVpqqLat9t3DoxN6aZBN64zNqWWWXuGLgNPEPTUEE51zg-ra-icBRUmoAFPLrFbeH7ZNtuygu6cKpNsvoE2vl02LnZvGpeGbs-SQDGoGS6obRE6kRxetKWWw_uw4WhvVe7jjjzcDhXQofPIv8q-epJudEb66zji596k5kd15hYDXKRFPqH9sJ_U9tGhiN99sUYmZ7yGZoBiw0Owftvci-CgAhCgZ7z0Viie-akHmyUZjC0LjmHNq9RDPFxkYV0qZgBilLSlmNOcHSZp7P5mzGtrciJdZvsss1htd_rid5Qqgcn5fn3xbmx5O00DSkg58jaaj_-6VQ2rxH0ZU368Hjah5m4pLxAt496hbjR6weyGA5RmGfGJneahi27eeyie6leUPqInDf5xxQetoVGTgwM_TnnKHhS-Xx4iw4KX-4zCmGMDWsR5pW9L2kJvTuqOeHpzQ5jQO6Uo65v-fcGqWKfGuXZYsm-PqWrWQ8sP3lyS65XxvqtOSQIIwHgeofgw6pIYPiP5Az9HPF7yHxZMbteoqPNStQ1m0f4lRp2OJw5uYoVaur64h1dL3E53_sdUY3yi7F6GUZxJOtNrFvxi2KBG7KUsOHxCml559kwwNtbW5G9hscy_Q-6xI2tX8J60X57UiG1nlAhYUt_6l2eQnoGCyZK3buhab5C0Wi3rAYgiXVVqtfGLt9z9QYKmwaOkZj8imq5_3XAONmt9Yt_QvUHzCnZOKq0hCM2flw-Gi8BQDWdscSgmbPselSADOSdPCJ871IwUM1NDU7jNO48jHx0uXKAlqvdj4_yuyLTwA3wArQJdRylRR_-UFoBOGZlWVjJJQtF_quBJ_lTeU_pX4QxdfMg8Oa-kLNoFSyL04y5zEELDsenmxYaeATwrvLbS2WbVrcNtL-snn7MgIIMP8dejV1tkYwamSH4CyEAEWQqjMblKN97b8JXWmuIBJmFPRZT-JaFsFw8ZlAnOst39GC8UZMJFpTxuJibwlkZaAYRi4HuP8P_qDIvIJOHUChE4jRqvEez10y8oCzVmVmSiDNWXJb7ZyX5xiV0LOdn6xbBtc7ffr5bqv9l3_t_e3DXdCVlB5nI3VjDtvwt7SkRINf3UiYQw2Yb_AdSxbzEZw3bHJP6YpHo6I6OEpnhm0w9JUxfYm1Xrtle9hbEvubgwZhGCjX_kMYQSA2Aj45CYsOEYEcw7-FoQgsYz0FMgOclVjnjBhYCUZUhjlqkticuStxsAXW7VCMhTPFqCgBU9XoYhC9ZYhorvCEPTg_DVmlFvq_7eJSPwfoiWq82-x8d0oR9doTt1p8v4kes_6v8xp6nPYMSU4gTbFnp5RAr__-Az9uBFncgKayhHG_ZNrEmLZCS0Q66cAcCUlOWDLlsRAUQE-SzJeRxDFJpoV4ta6BXataq7rrjimhPkz1i3h3E9_AawIpmXieU0NrCqpQ1p0xLj47BIpKWfqe8joowCPM2wdZDmdvQOzrH1xQsRfhL-GKlMNP0C2AWgDWbJrPsdsjTxiKYhVWrpuPobaaTUyyRhyeio6FWN4aUvzEalCVhSLc2JBm9C1y9SbHWMTW5CJZH8HuuS8dPkSe-NCBU-qqglmTJAk7Ogz_ctTa04qZGps3XGij754qz3JYSmhDWLDo3eRtH-X-4Pt9Wa52xvKBpZYSXk7CQH5SH-xpIKXxeBy99-AxFUHumJRSSAC5g850Vw2imV46X539-b0AIThaaC0tsLiXr90v2jdGRCudY8356jw0O_m0RU9zatoMwc1SlvJgL4UhOxrxvZQdAzXP3mDrLg7fsamWQlh6B6T3awieD6oOgmRpaDZoZKJMGCJu4IJdvPd_OP_agUMVfcfdybscQ0iP8Pd-zCF8LP7yW1I0Ap2vVDnFVuqHMIX3h-EDUicAba8O0HlJ36xirV7ZlUJQ9t3TUpj0MpII8UGTrE_bMMN1oHuuEZa5o0hPtc1MkycSUdMtLRimwZ238wrsISqbJvRSgabP8gz_Bjspc2NqHGAx2Bb3ha2UnYr8D8gCKRIWPvIqD-XRCFouc-xHuTo_o3un19mlygorPrA2zdimuagTGj1ZuGX92mZDZ-oWFgkmWg_3UXkrl_lp4O-iYnAvbNCvhKLumVS4wUAAs_Gmbe_gFSRrZvos7agjwwJQTIRp7PXBAz8anlK5-9HfUJ55RRnExgFBlZPF7-c0sX9cNsNEj26ppuAHwL7ZncwY6fGEDhKCskjRtiv44DyKkZjYB1nM--Qk1IkFFhPfl7L-AyBRz8qVHlkTc4UFehUhVeYDCi_6bWcJC5eybpvXFsZY5_Be4zORFfk7lGii2lIxL_lSnVCkjJseZYuBo4OOguMp1g&cid=CAASEuRoqsIoCpBmdIkB5lwtiCGwyg&rfl=1%2Chttps%253A%252F%252Fwww.memuplay.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
date: Thu, 29 Apr 2021 15:07:49 GMT
x-content-type-options: nosniff
server: cafe
age: 86223
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:07:49 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/ Frame 9E69 22 KB
8 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:03:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 13470574408442207528
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 15:03:10 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/ Frame 9E69 8 KB
3 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210428/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:02:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 May 2021 15:02:54 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9E69 0
575 B 245ms
106ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssQzsMqW87LOkKWL4Y-zjbfPYZj3owveOa9Nu34nNghE8w9t2oap4mlyPVQCHiQbKt9hIalhpnXTopER7MklPRC2I1Kl4zwY7ylBCBMxc_IriXxvxvzIduhUrr9S0Ve-uvgd-zGl9Zo6LKPiVi-1zWF6LiRwpU49NstwXSv8E1UiNv_UOu1Vk2dMRt3LpTd4g6z9hZXZOkG0GiTwlVvS36VHV_622Z8LLHQvLDSIw9Jkp64d6--ZoY1d1RKDMv6XdZx3y-2MvJEHyoxMm9q2cb3G6x7v3HS8klvFNA8Dmy30-EZpYusWMI2yR_A1p0RZBN0gz8Vr2-FChPb_3W9Gupkb7dPD-C7iM4XZOBBRVFohaaz-rXxo4ab_i7Kai4zpeEBP4a43X60zmIfo5H3zQ62a500w-dsEJuLzTQLd1jGzjOwdvQHKCBig-EdI6nbYzjEwDrw6_M3Brbm82rq1FD_VbktFb0v4fl5vUU33cu7TEE1IQbnz9Yr6B0bGhROgWX36hfbOywCrvKRYHN07lq5lkDtBZXcBAzIdLooSaGdpyLvaGLedfSbwkUodrz9VZAm7bkKdq_h1DpXFy9GpIEmk7m-L3q7w_t_mo3dbP3Xf4kES7WJmT7sXTq0Ub-ONtbXpMgPMuG81jdviWJYYb_MdOQlHD5deqLSXinmLIjkTuesFk8VTlsh63QEtCPIlkwmoyWydcmHAmxW2RvKJkVXfFmohwZwMFNKRaAuxOvH3TjVOMG_z5ww5rH0ySpQTMzioU7flCRuLylf3CymnUtYDvKSUD-fBZkO7bknyT6N-iHFGY-4PjOXjthVcXxIllbunwkhxO894_4znAui3i0fqEeqMvHG32CiGuCpSSs-lBe5RlECBTP4odvwr8vMvISivdEh-e19G_6zlaXZLt0BGS2nKjbyYxKuyd8eekx4KTQB-iQlI3JC1j-b1vghjKYc4Hr8A2U-WCYz_qVrhP1zuouh_C8JPRdtgr5qQSaN9s5ymqnrqVGhK0bvJEcEYqmD-eBwEnv11NrcpXA6SoBk7Gn23XE4wCshS_Rb7U9goc_SWjkoW2phgWzchxCVAZ2qkJkAn9T__67z-_ajnJ_mcdZC7ikr3e5dH4yxDXTE7MP0V_AsK332gwR8rGnQT83TNnd0kRN_26T04a8WtsSrDKYX-Q&sai=AMfl-YRL4CMPgxL53t75pOiT5WynPJu5yQbhdHwAVGX0q38hyL7e9E8yvbDIa_52mJ1aL5mzmzF-WDV9VpcL0WWPY3Q2T8s8j5E4ORjtkkyJz3iqxFe5FlHQMFUUz1Jg7G_BRMGyYEy5qn3CuAurx01Kvf1_KSoc1Q&sig=Cg0ArKJSzNrh4jyWFuKqEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20210428.68046&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 30 Apr 2021 15:04:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9E69 41 KB
15 KB 18ms
9ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 14:31:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2025
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Apr 2022 14:31:07 GMT

GET
H2 200 gw_features-syos_de_green-man_img_300x600.png
s0.2mdn.net/9331222/ Frame 9E69 104 KB
105 KB 43ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9331222/gw_features-syos_de_green-man_img_300x600.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f789ca98935777af6392eee04689b83e9093246018b1af59c029bfbf1aff1766

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 07:07:35 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 Feb 2021 18:42:07 GMT
server: sffe
age: 28637
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106848
x-xss-protection: 0
expires: Sat, 01 May 2021 07:07:35 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 8D00 170 B
329 B 70ms
69ms Image
image/png 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhj5xcueATAB&v=APEucNUKc8v6wBOmamHPMRvbptZf3CTravC2Lcy3jUOmdLLubt7MeOENlSHYjROJV4gckAdC_Nyr7QzYE9lCliYwEYSFxLt5pAXyTGn38zK4pLnLu1YNSaqm0EN4NXzAga1RJZeFHFguaMk3Ww_MC-unamYjYo3P-JqLMq1VJTFvkukLLJqImhcaa14C5Nd3HErX6_LcV5MVwYIjRW8OVMjjkCki0UJUvg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8D00
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1&C=1

43 B
1013 B

72ms
71ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhj5xcueATAB&v=APEucNUKc8v6wBOmamHPMRvbptZf3CTravC2Lcy3jUOmdLLubt7MeOENlSHYjROJV4gckAdC_Nyr7QzYE9lCliYwEYSFxLt5pAXyTGn38zK4pLnLu1YNSaqm0EN4NXzAga1RJZeFHFguaMk3Ww_MC-unamYjYo3P-JqLMq1VJTFvkukLLJqImhcaa14C5Nd3HErX6_LcV5MVwYIjRW8OVMjjkCki0UJUvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 15:04:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 30 Apr 2021 15:04:52 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 15:04:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 30 Apr 2021 15:04:52 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8D00
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIwclJ5UAepzPLySrfy3rwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1

43 B
893 B

71ms
70ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQpb6JAhj5xcueATAB&v=APEucNUKc8v6wBOmamHPMRvbptZf3CTravC2Lcy3jUOmdLLubt7MeOENlSHYjROJV4gckAdC_Nyr7QzYE9lCliYwEYSFxLt5pAXyTGn38zK4pLnLu1YNSaqm0EN4NXzAga1RJZeFHFguaMk3Ww_MC-unamYjYo3P-JqLMq1VJTFvkukLLJqImhcaa14C5Nd3HErX6_LcV5MVwYIjRW8OVMjjkCki0UJUvg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 15:04:53 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 30 Apr 2021 15:04:53 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESELeLntxq1X3bZnRpcxYyCDE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwA.woff
fonts.gstatic.com/s/googlesans/v27/ Frame A764 26 KB
26 KB 8ms
7ms Font
font/woff 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwA.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4070911a1bb9cc52c4e4cd5e85ca186dcde89308a0517a8faa4715c2e0a9d45e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 03:57:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 40060
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26464
x-xss-protection: 0
expires: Sat, 30 Apr 2022 03:57:12 GMT

GET
H3-29 200 4UaGrENHsxJlGDuGo1OIlL3Owpg.woff
fonts.gstatic.com/s/googlesans/v27/ Frame A764 26 KB
26 KB 11ms
10ms Font
font/woff 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owpg.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ce48d9e9d748ad4686094d3cc33f5ae1e272a5b618f5c6d146c4d12ef02e4a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Tue, 27 Apr 2021 08:46:17 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 281915
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26228
x-xss-protection: 0
expires: Wed, 27 Apr 2022 08:46:17 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5DFD 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Fri, 30 Apr 2021 14:31:09 GMT
expires: Sat, 30 Apr 2022 14:31:09 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2023
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E9BF 1 KB
749 B 10ms
9ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Apr 2021 03:14:09 GMT
expires: Sat, 01 May 2021 03:14:09 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 42643
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9E69 0
23 B 161ms
95ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 15:04:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dpixel
cms.quantserve.com/ Frame 1D45 35 B
398 B 9ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEKlNGvMa8OyD0aSF4ANFdjI&google_cver=1&google_push=AQvitUJo5o6OoK7icdF7FTQDqbijit-iOBSqfTcy3ITxF1H35GUyuatNbhJnPGiLbgp2w8qbUwTgL5EjVZpIsdWNf0H6lsjfAioKqQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=280&slotname=2905336534&adk=1945225558&adf=801841579&pi=t.ma~as.2905336534&w=940&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=1&psa=0&format=940x280&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090569&bpp=1&bdt=531&idt=594&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=135&ady=595&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&dtd=620
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D45
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAQvitUJoMPa4BppohKOxNdRuA0Coxp8H4GOVV9LgNmjrJd_f_8l4BWx3AUICq5Z0VKS2hZrdX5RjEVglLc4x5xvyjDePLyITsdJRMQ&google_gid=CAESENV-64_Ff1ZJ2pT1_HMnwIs&g...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCJS5sIQGEgUI6AcQAEIASnJnb29nbGVfcHVzaD1BUXZpdFVKb01QYTRCcHBvaEtPeE5kUnVBMENveHA4SDRHT1ZWOUxnTm1qckpkX2ZfOGw0Qld4M0FVSUNxNVowVktTMmhacmRYNVJqRVZnbExjNHg1eH...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNUsxNmVselFpR3doQ1g1dEhicnB0aDY0LVp5R09xdk1FZ0NUc0RlbmZVOA==&google_push

170 B
188 B

68ms
66ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNUsxNmVselFpR3doQ1g1dEhicnB0aDY0LVp5R09xdk1FZ0NUc0RlbmZVOA==&google_push

Requested by

Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 30 Apr 2021 15:04:52 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwNUsxNmVselFpR3doQ1g1dEhicnB0aDY0LVp5R09xdk1FZ0NUc0RlbmZVOA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D45
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIBN7Ah...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIBN7Ah...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MzAxNTA0NTMwNjU0MjA1NjE1NDIxNw%3D%3D&google_push=AQvitUIBN7AhYUfrMP126wezq6l4ErpLKDDH3skAdu7Vtxk7Z8j1cyQYw8phPckshJwg0r...

170 B
188 B

69ms
68ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MzAxNTA0NTMwNjU0MjA1NjE1NDIxNw%3D%3D&google_push=AQvitUIBN7AhYUfrMP126wezq6l4ErpLKDDH3skAdu7Vtxk7Z8j1cyQYw8phPckshJwg0rT3JGugHa8sfeja8lVwC79PDa4R8WD2ew

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA0MzAxNTA0NTMwNjU0MjA1NjE1NDIxNw%3D%3D&google_push=AQvitUIBN7AhYUfrMP126wezq6l4ErpLKDDH3skAdu7Vtxk7Z8j1cyQYw8phPckshJwg0rT3JGugHa8sfeja8lVwC79PDa4R8WD2ew
Pragma: no-cache
Date: Fri, 30 Apr 2021 15:04:53 GMT
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D45
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESECHHrbo_IdFfpqxAI-xDD4k&google_cver=1&google_push=AQvitUJ62JSMiLQQk9_kVObpJhSv5yPSbiq74XxUawa7McyvPaBmSVydd0ThClA9S6xrmejK6sfde8bYJhLi9tn9EXt9UCHlQ0w5oQ
https://rtb.openx.net/sync/dds?google_gid=CAESECHHrbo_IdFfpqxAI-xDD4k&google_cver=1&google_push=AQvitUJ62JSMiLQQk9_kVObpJhSv5yPSbiq74XxUawa7McyvPaBmSVydd0ThClA9S6xrmejK6sfde8bYJhLi9tn9EXt9UCHlQ0w5o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ62JSMiLQQk9_kVObpJhSv5yPSbiq74XxUawa7McyvPaBmSVydd0ThClA9S6xrmejK6sfde8bYJhLi9tn9EXt9UCHlQ0w5oQ

170 B
188 B

67ms
65ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ62JSMiLQQk9_kVObpJhSv5yPSbiq74XxUawa7McyvPaBmSVydd0ThClA9S6xrmejK6sfde8bYJhLi9tn9EXt9UCHlQ0w5oQ

Requested by

Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJ62JSMiLQQk9_kVObpJhSv5yPSbiq74XxUawa7McyvPaBmSVydd0ThClA9S6xrmejK6sfde8bYJhLi9tn9EXt9UCHlQ0w5oQ
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: cdpro0n52m92pcetnqe869m2mme3korm

GET
H/1.1

200
OK

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 1D45
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...

0
240 B

63ms
62ms

Image
text/html

185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPMK3lUBMSz-kV4nvxLPDCg&google_cver=1&google_push=AQvitULxfhlyB9SJIppxwjm-srsLAbaPoI5djVn9CKgW7W34EG-aFcF2zNbhLswioN5Wv20bieHR3M-HxXQnrfHO4y3XDhQjyRC0kw&rdf=1
Requested by: Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:52 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: /AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPMK3lUBMSz-kV4nvxLPDCg&google_cver=1&google_push=AQvitULxfhlyB9SJIppxwjm-srsLAbaPoI5djVn9CKgW7W34EG-aFcF2zNbhLswioN5Wv20bieHR3M-HxXQnrfHO4y3XDhQjyRC0kw&rdf=1
Date: Fri, 30 Apr 2021 15:04:52 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D45
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENscO3UlNgOaSTZWlR185tM&google_cver=1&google_push=AQvitUL5efLMmu6dag3qF5_yr2U3gs62Po96em2Nev_0M3ZsWRBypCHzSkD0bgNmoDycnHkgrp6...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S080RzZDT1ctQi1MSjBL&google_push=AQvitUL5efLMmu6dag3qF5_yr2U3gs62Po96em2Nev_0M3ZsWRBypCHzSkD0bgNmoDycnHkgrp66qMHJSilxDv5TF4RCvYrwMzZYBQ

170 B
188 B

68ms
67ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S080RzZDT1ctQi1MSjBL&google_push=AQvitUL5efLMmu6dag3qF5_yr2U3gs62Po96em2Nev_0M3ZsWRBypCHzSkD0bgNmoDycnHkgrp66qMHJSilxDv5TF4RCvYrwMzZYBQ

Requested by

Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S080RzZDT1ctQi1MSjBL&google_push=AQvitUL5efLMmu6dag3qF5_yr2U3gs62Po96em2Nev_0M3ZsWRBypCHzSkD0bgNmoDycnHkgrp66qMHJSilxDv5TF4RCvYrwMzZYBQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 1D45
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJml82LidigYI5ntM773Afg&google_cver=1&google_push=AQvitUKaT4L_UhTNGGT22xks...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKaT4L_UhTNGGT22xksZc252HGqtEk7K9Hyk0gwkA69ED2BlSROYBMO9Yf-8V6mxwSMolBSm9ouWz9Znfwuaey6yRNMVc3Bg-Y&google_hm=

170 B
188 B

70ms
69ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKaT4L_UhTNGGT22xksZc252HGqtEk7K9Hyk0gwkA69ED2BlSROYBMO9Yf-8V6mxwSMolBSm9ouWz9Znfwuaey6yRNMVc3Bg-Y&google_hm=

Requested by

Host: www.memuplay.com
URL: https://www.memuplay.com/tr/download-Brawl-Stars-on-pc.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitUKaT4L_UhTNGGT22xksZc252HGqtEk7K9Hyk0gwkA69ED2BlSROYBMO9Yf-8V6mxwSMolBSm9ouWz9Znfwuaey6yRNMVc3Bg-Y&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Thu, 29 Apr 2021 15:04:52 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 1D45 0
12 B 75ms
72ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUnJMLpSbUHTBq3398N-fMG_8U4QlwkZUMyPTn6gjJDuVFL9l7hsBRqDvBAoSiuS7Eeegsiw

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BBB6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

16ms
15ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlAIfaz-CLFzQEqNhVdaaT2TmNk-u7hxQ32xym-DkrBoDDB8B4scjR0MPo8Mno
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Apr 2021 15:04:52 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 30-Apr-2021 16:04:52 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 30 Apr 2021 15:04:52 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 30 Apr 2021 15:04:52 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js Show response
pagead2.googlesyndication.com/bg/ Frame 725A 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea77f736ee3c84c4acd2bca16845991a1cc04f62716e21c1d2c3a724cc9bc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Sat, 24 Apr 2021 04:09:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 557740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7906
x-xss-protection: 0
expires: Sun, 24 Apr 2022 04:09:12 GMT

GET
H3-29 200 Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5DFD 21 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea77f736ee3c84c4acd2bca16845991a1cc04f62716e21c1d2c3a724cc9bc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Sat, 24 Apr 2021 04:09:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 557740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7906
x-xss-protection: 0
expires: Sun, 24 Apr 2022 04:09:12 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9BF
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAQvitUI3SFUi-SOrSYwIbewh6CFZo06w16HOvsHri2b...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUl3Y2xBQUFBT1NEWXl1Uw&google_push=AQvitUI3SFUi-SOrSYwIbewh6CFZo06w16HOvsHri2b7IdSvGmVUjg0eYcbHrezXqsZic2clhuPEjD5HfXbwzy1VdNNKTJOAxwcu

170 B
188 B

69ms
68ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUl3Y2xBQUFBT1NEWXl1Uw&google_push=AQvitUI3SFUi-SOrSYwIbewh6CFZo06w16HOvsHri2b7IdSvGmVUjg0eYcbHrezXqsZic2clhuPEjD5HfXbwzy1VdNNKTJOAxwcu

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WUl3Y2xBQUFBT1NEWXl1Uw&google_push=AQvitUI3SFUi-SOrSYwIbewh6CFZo06w16HOvsHri2b7IdSvGmVUjg0eYcbHrezXqsZic2clhuPEjD5HfXbwzy1VdNNKTJOAxwcu
Date: Fri, 30 Apr 2021 15:04:52 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9BF
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEN7j8ld7HXnZ_turX5YQTkU&google_cver=1&google_push=AQvitUINFx7_okvfAXxiY-dhUyLEeob-1Anq8f6wVbqOtS3jmKSZH2Xph0gpY8Cu25MnpbW0GYqJkvQrfzR4r-R5ZfYlUWUtq3g2
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUINFx7_okvfAXxiY-dhUyLEeob-1Anq8f6wVbqOtS3jmKSZH2Xph0gpY8Cu25MnpbW0GYqJkvQrfzR4r-R5ZfYlUWUtq3g2&google_hm=Q0FFU0VON2o4bGQ3SFhuW...

170 B
188 B

66ms
66ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUINFx7_okvfAXxiY-dhUyLEeob-1Anq8f6wVbqOtS3jmKSZH2Xph0gpY8Cu25MnpbW0GYqJkvQrfzR4r-R5ZfYlUWUtq3g2&google_hm=Q0FFU0VON2o4bGQ3SFhuWl90dXJYNVlRVGtV

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 15:04:52 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AQvitUINFx7_okvfAXxiY-dhUyLEeob-1Anq8f6wVbqOtS3jmKSZH2Xph0gpY8Cu25MnpbW0GYqJkvQrfzR4r-R5ZfYlUWUtq3g2&google_hm=Q0FFU0VON2o4bGQ3SFhuWl90dXJYNVlRVGtV
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9BF
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDzKhxpjISOzum1QeXBYqp4&google_cver=1&google_push=AQvitUJJDoBWWP570nARYWo4cPj1K-wQn3_Yf3NX8SvGNj082uLQnfQ2RZ9MRHIjqxilQGv7MuobEX7ia_zTfmETfeCYj70jvAA
https://rtb.openx.net/sync/dds?google_gid=CAESEDzKhxpjISOzum1QeXBYqp4&google_cver=1&google_push=AQvitUJJDoBWWP570nARYWo4cPj1K-wQn3_Yf3NX8SvGNj082uLQnfQ2RZ9MRHIjqxilQGv7MuobEX7ia_zTfmETfeCYj70jvAA&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJJDoBWWP570nARYWo4cPj1K-wQn3_Yf3NX8SvGNj082uLQnfQ2RZ9MRHIjqxilQGv7MuobEX7ia_zTfmETfeCYj70jvAA

170 B
188 B

67ms
65ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJJDoBWWP570nARYWo4cPj1K-wQn3_Yf3NX8SvGNj082uLQnfQ2RZ9MRHIjqxilQGv7MuobEX7ia_zTfmETfeCYj70jvAA

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:51 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AQvitUJJDoBWWP570nARYWo4cPj1K-wQn3_Yf3NX8SvGNj082uLQnfQ2RZ9MRHIjqxilQGv7MuobEX7ia_zTfmETfeCYj70jvAA
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 27f23mvtcol5ela9rt9qk52ke6ofiou6

GET
H/1.1

200
OK

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame E9BF
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...

0
240 B

63ms
62ms

Image
text/html

185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEYWes0PEFmhTac3yfV7w6I&google_cver=1&google_push=AQvitUIWb-gYz5H5x8N_bsjAM2QYpL61cUnz_MKve2SgMc8-ppBqOEfgmoH0QdyohefGhMhqS6ygbCiPoxoVq2sknc1KPaIVDvk&rdf=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4201334306964693&output=html&h=600&slotname=4058161092&adk=748843944&adf=1946173592&pi=t.ma~as.4058161092&w=300&fwrn=4&fwrnh=100&lmt=1619795091&rafmt=4&psa=0&format=300x600&url=https%3A%2F%2Fwww.memuplay.com%2Ftr%2Fdownload-Brawl-Stars-on-pc.html&ea=0&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&dt=1619795090570&bpp=1&bdt=532&idt=688&shv=r20210428&cbv=%2Fr20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C940x90%2C940x280&nras=1&correlator=2095913704416&frm=20&pv=1&ga_vid=112099067.1619795091&ga_sid=1619795091&ga_hid=343458024&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1165&ady=210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31060840&oid=3&pvsid=3592491561516361&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&dtd=700
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

Date: Fri, 30 Apr 2021 15:04:52 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: /AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEYWes0PEFmhTac3yfV7w6I&google_cver=1&google_push=AQvitUIWb-gYz5H5x8N_bsjAM2QYpL61cUnz_MKve2SgMc8-ppBqOEfgmoH0QdyohefGhMhqS6ygbCiPoxoVq2sknc1KPaIVDvk&rdf=1
Date: Fri, 30 Apr 2021 15:04:52 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9BF
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHvcIYTBauDw4GKKZ3Y7ie8&google_cver=1&google_push=AQvitUKDaWFXA7A77JbEYO5jFsmAmFKPPuU2EY2XQs3UBibSoSpF8YEn0xm7NhC_wnP-lqw_BGI...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S080RzZDUTgtMVYtOEFHNA==&google_push=AQvitUKDaWFXA7A77JbEYO5jFsmAmFKPPuU2EY2XQs3UBibSoSpF8YEn0xm7NhC_wnP-lqw_BGIww9yDK-CuQVK0e2vSZxiCU84

170 B
188 B

72ms
66ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S080RzZDUTgtMVYtOEFHNA==&google_push=AQvitUKDaWFXA7A77JbEYO5jFsmAmFKPPuU2EY2XQs3UBibSoSpF8YEn0xm7NhC_wnP-lqw_BGIww9yDK-CuQVK0e2vSZxiCU84

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S080RzZDUTgtMVYtOEFHNA==&google_push=AQvitUKDaWFXA7A77JbEYO5jFsmAmFKPPuU2EY2XQs3UBibSoSpF8YEn0xm7NhC_wnP-lqw_BGIww9yDK-CuQVK0e2vSZxiCU84
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9BF
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECQo-8DkS7RsAJdyaivJt40&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIwclJ5UAepzPLySrfy3rwAABx0AAAIB&google_push=AQvitUJYYqRbgqtZ-koj--uPZGpZysRz0Q0H4mhMwbMe_NJwceBGxES864YgX-dC2iSmMUq0dQq_NBlVUAw9ZUzfg9...

170 B
188 B

73ms
72ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIwclJ5UAepzPLySrfy3rwAABx0AAAIB&google_push=AQvitUJYYqRbgqtZ-koj--uPZGpZysRz0Q0H4mhMwbMe_NJwceBGxES864YgX-dC2iSmMUq0dQq_NBlVUAw9ZUzfg9VKAId7asnO&google_gid=CAESECQo-8DkS7RsAJdyaivJt40&google_cver=1

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 30 Apr 2021 15:04:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YIwclJ5UAepzPLySrfy3rwAABx0AAAIB&google_push=AQvitUJYYqRbgqtZ-koj--uPZGpZysRz0Q0H4mhMwbMe_NJwceBGxES864YgX-dC2iSmMUq0dQq_NBlVUAw9ZUzfg9VKAId7asnO&google_gid=CAESECQo-8DkS7RsAJdyaivJt40&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Fri, 30 Apr 2021 15:04:52 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9BF
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB0keQK9zmv_ZwJlZIFKi2o&google_cver=1&google_push=AQvitULuisN93W609lJIqUkn...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULuisN93W609lJIqUknhWyUeUF7OnPILGGdtU6sGUEqnZYSSZfd166b8c-1N0pVvsTITL-IsxFSZWX9OTgjaHXTkwgHSwnNOQ&google_hm=

170 B
188 B

67ms
66ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULuisN93W609lJIqUknhWyUeUF7OnPILGGdtU6sGUEqnZYSSZfd166b8c-1N0pVvsTITL-IsxFSZWX9OTgjaHXTkwgHSwnNOQ&google_hm=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:52 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AQvitULuisN93W609lJIqUknhWyUeUF7OnPILGGdtU6sGUEqnZYSSZfd166b8c-1N0pVvsTITL-IsxFSZWX9OTgjaHXTkwgHSwnNOQ&google_hm=
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Thu, 29 Apr 2021 15:04:52 GMT

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame E9BF 0
12 B 71ms
64ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSrmSePi-SJSte7W3ZU1YrKS47YdQ9mxMDiRNDBHnoLcBaKVSGeqkB1vqpyK3o6c0wFLmFNQ

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:52 GMT
server: HTTP server (unknown)
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 23ms
22ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210428&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99bdd06dd88ff200b4a2da8a94fa5b52dad4f277fdeca23bf34cc2cb9a128172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

timing-allow-origin: *
date: Fri, 30 Apr 2021 15:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6672
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5DFD 0
20 B 42ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bc7SnlByMYN-qEIvu3gPDnLPIDwAAAAA4AeAEAg&bg=!T0ylTAjNAAaCKPYIgig7ACkAdvg8WtbJy2-ssEFJ-PIlUBKGWABYOJSoB18NDTQ-ldp82HuwqBrAYAIAAACZUgAAABJoAQcKAaZwxDJ4I_B3zeTtT2eLuRaeqRh9VAX-3CNqsJ29yYKl73BV6i4AlOJXMWaNR5puKlVp7vV7OVGJp0Lup-XRM0iP6gtcGHSXzN6QDnb4OKjRLZws3Bqor1kC_mpGh7FX0WvDWxGBgs9etLAkOQaX1KSjko52WipYZH4w3MOGl5vFNSL2cI61dg-EUl-OIDHzo4KPeDDrGbu0h5mSu-ATo9fAxQ6GduPRFBlQti33Su9MP0soS0ngPzxGhEDnLVnzw2wg4AY8i1gmq2pgxOet_NTIDbeHRVpq0RGuQepOYgqGVahTsdFSiqbCEPI4xvNNHM2aRoQjEN41FarbF92_8EH8RIzAv_oMci5pfwcIDDeg0sqV1kQYsUJ-59EuWb8nNI3Xud2XbdMuD5sJaGj1PsJKt9Tvn9G6Hzrpt5FV6sdhiBKHrkxLIpSsOoRe4w9QFegph7JXYGOQ_CH1kWNz7YmqUeySVXcMmUuIutXRPI2AOeR9MKwEOaGMKeRTvXc1jt6scVl8AXZ0qO9GqK1qoQvQnL2gK3tMarWEt3XulD52MI0iQrDNrJkB2aLAeibl_FVVIpfvgKNbbb-KEsx13H6YJ3rUWD5iX03CtO8a8uWcTPXr9ubQNAXrGeZcFPrry6rsoN2406XMe44Zz-dcOWr_gkuQ6dfvBonTD4d0DoXehVHHy4wXJk9TcmB_p6-O6DJZ_MBggCDJij7Q4JtZqzsNgMKNhIDzZSjHs7NxY4DkPIFLUVasBH5tVsPb41Ezy51tepnCxS57jpLfPmyxQmjpKkLbBwTW-69qMVQBdcMbwlfA7rOn5ogI_45Dy5KpN-xSZ2Y7eq2IN5SMoJL_UTKqKEZK-viCVI9rWxlz6n2YRbcKerxheu8tOcQq3l6hQjVQIbnv22sCWTYVUFLjHpyxhY8mb7GyDThX8q8ohYmQ1njE8NEwoooZAO1pjTKv3e7MdRqWx51kWlIUuZqyY0PFdR5TT3yaw_3KQ31-iTWjjbETp6iRRuwkdDaSpYPjaxoWzTR95ZzWMkmSrXkX8ldVf0CCmzSHHKyAfYMtFGtEa5A-L2gLFYk6-0D3pJ6V1vOwfSrTiy5uoRILI_OqBlDpsP9sDdVSnqZ3VlqIffTsPu7VhqseW_-b-ct1G3ce-wDRqm1-A4yVthPpD1dedfr6DYYCucJRcI8NOjJa43ddagVV

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Fri, 30 Apr 2021 15:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:04:53 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 675E 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.memuplay.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Referer: https://www.memuplay.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 30 Apr 2021 14:31:14 GMT
expires: Sat, 30 Apr 2022 14:31:14 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2019
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js Show response
pagead2.googlesyndication.com/bg/ Frame 675E 21 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dqd_c27jyExKzSvKFoRZkaHMBPYnFuIcHSw6ckzJvE0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ea77f736ee3c84c4acd2bca16845991a1cc04f62716e21c1d2c3a724cc9bc4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

date: Sat, 24 Apr 2021 04:09:12 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 557741
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7906
x-xss-protection: 0
expires: Sun, 24 Apr 2022 04:09:12 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 39ms
39ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gda_r20210428&jk=3592491561516361&bg=!JySlJGDNAAaCKPYIgig7ACkAdvg8WhdRNiLXeOi8wGsmxvwWWNAtVhBnTz5DjQKEdDnFmVty6sf63gIAAABVUgAAABJoAQcKAIp6b9ahY3AsCduC89UYj19HuliHKRbjJfR8pw6UVSr487r1BBxikcm7Fltcqt0owV_f3tMRxhOkPWkmjY5M8kt_srMiIC7R-lkvLRVMfggeT01SvHLHpiFeUNRAqtx3QD4mO5MJl5cwrdtOdWdolptXvkLk2R1rZIndpSTlg2ODFnGolpD5aOstcmGZAc86sWSOBVjawR3_DNf0WN66dR0_Ian6AvaiVkilpxAHi42R7pZzOlKcy5pqyfaOyFajGIQKz9FKyrnkCIXrjMKnT3cioCFLny9uVpH6DDUUnGvKtCOLAlSN2JuQZHlNKy_HxwTRwlmvdbv9VmEVIvk1Gm_4myGnV4PQkYs3KAXU7yG23YMMmYmuibv9WWprrfaGv8VTYrvZZ36iKlbiuKm0UXChXrd57l0GyStCWm2PLpVJj0gfRh7kVdlF47Q4bXqSXyAN9lQ-_ovUNhtmT-7Ca42IFbw1cubZE1Ww1cOFzO0FyT8Fr4tzevHPlUuhz9gKpddv5Xo_TyP9FPNKty9aSy7aYHC9fDCzWxRE8QYPO6d6qRw-0po0zVouYoTyG3c-GBglZMwkN7V44-vb5qo2nZzngTBe4uHgHCCPxx_izZKJR30aWO_aPrD7Bl5Qv2YWpiPN2ehxeNBPrqRR8MEx6VB6woauCwKhFvKM5FpIcRJKgtKP11rMRThDyzXgqtfnNPCfqxsvlz3wKcYIoJFIXlVLmq2VwcP9YGNwb7rrRS-PPDD3XqJ_aVtLXeK52Ryn4rue1ummAQLiUhY4bVQtyCHMtLxIpMPvbTjD924q

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.memuplay.com/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E07B 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszroH0HeC3Y1KOSpVwETUnVXDwVe1oB5U9R92m-KP3F1kLUV7VIEF5qSoHhubbSeqiKBKYwA9Un1iQBAtgahb8qWze5dM3PWG1XKEl0lmQyic6ST1lHY8crAq6yQ&sai=AMfl-YRbPo83BLbBvxlu458xGfY7tRAcKiOSRi45MXIaDdEaBg8B7zbR7aXdDNWf38Bu5ZS4C43zOhDu_R8O&sig=Cg0ArKJSzPYL4ufqL7j5EAE&id=lidar2&mcvt=1001&p=90,135,180,1075&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210428&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3699759644&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619795091019&dlt=742&rpt=300&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A764 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvTKeKlpxQQSPd57wKSKL8-onXvtxC9S4BErA_kyQqVEZ08dEbKnnVLTeQ-OM046-GuL_4IYc2Vw1nJkl5PB3130q5BWpuwaFwXag2H9Kp-4DnBw_0RTT3pRVvSg&sai=AMfl-YQhd1x1nTTmWW_x55NOrAJ5USbs8FizKrmM1v6nsxmwcTe1T6Y0RkUaa4KWmI4lqmadDHa0gSdteskNhSNtsNnboEGARLmJGRI&sig=Cg0ArKJSzK6UVdozSIzFEAE&cid=CAASF-RokZ_-mDvw57dAsChX5O1NASRxB9WO&id=lidar2&mcvt=1001&p=595,135,875,1075&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210428&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1945225558&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1619795091193&dlt=757&rpt=136&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9E69 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudqGWf2sB2_-YaVcXO85ScvP4KJ0t4YZQ3kHZDCKhLYZ9LBcPWZ4hoQPQg-1cFpkDju_I9mcyGh7eUG2F4zsnv-37y7YyXgFQzkWwUSklSTeQVNb28D9EqMGZOow&sai=AMfl-YRSK6CgD6l1YsMbh9540C-wClu_hL11v6iVQZHEmNiPKgnqAyHn2UBi-g-Qoi5BaIaUAuJDvjkrdYtr1pJCcmppePsr1S2eb78&sig=Cg0ArKJSzOnGgQBpmPuWEAE&cid=CAASEuRoqsIoCpBmdIkB5lwtiCGwyg&id=lidar2&mcvt=1001&p=210,1165,814,1465&mtos=0,1001,1001,1001,1001&tos=0,1001,0,0,0&v=20210428&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=748843944&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619795091274&dlt=867&rpt=58&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36

Response headers

pragma: no-cache
date: Fri, 30 Apr 2021 15:04:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 8C18 28 B
191 B 20ms
20ms XHR
application/json 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/901932ee/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla / 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit / 537.36 (KHTML, Gecko gibi) Chrome / 89.0.4389.72 Safari / 537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/lPiXRSRff9g
X-YouTube-Client-Version: 1.20210428.1.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtvQkZmT2pGS0NKYyiSubCEBg%3D%3D
X-YouTube-Ad-Signals: dt=1619795091418&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1536%2C864&vis=1&wgl=true&ca_type=image&bid=ANyPxKo5DhuqGRUt01sdJN055Z4xolkDTN5-3brC9DEJ3DvH8Z0DWkJlVi-OLkcN2wxsNlV0cXW2hTZcMUe-RhnFOJX6FcRy7w

Response headers

date: Fri, 30 Apr 2021 15:05:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 30 Apr 2021 15:05:01 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.memuplay.com/	1970-01-19 17:56:35	Name: _gat_gtag_UA_75186244_10 Value: 1
.doubleclick.net/	1970-01-20 03:18:11	Name: IDE Value: AHWqTUlAIfaz-CLFzQEqNhVdaaT2TmNk-u7hxQ32xym-DkrBoDDB8B4scjR0MPo8Mno
.memuplay.com/	1970-01-20 03:18:11	Name: __gads Value: ID=87d8e428b40ad648-22329221f8c70023:T=1619795090:RT=1619795090:S=ALNI_MZ2sfQW4nBl3a7kT11QdGEhRfDw1A
.memuplay.com/	1970-01-19 17:58:01	Name: _gid Value: GA1.2.2070438426.1619795091
.memuplay.com/	1970-01-20 11:27:47	Name: _ga Value: GA1.2.112099067.1619795091

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
d1dsppboztgfdt.cloudfront.net
dl.memuplay.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
i1.ytimg.com
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.memuplay.com
www.youtube.com
142.250.185.66
142.250.185.98
172.217.23.98
18.195.77.77
185.64.190.78
2.18.234.21
205.185.216.10
205.185.216.42
2600:9000:211e:c000:5:1aa6:b840:21
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2008
35.227.252.103
35.244.174.68
52.41.112.73
63.33.127.66
69.173.144.139
79.137.69.120
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04f9ca8648a6038fcebd6bab226662dc2799a746f5fd62c46a1e6d158156c8ba
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da50f78231a135a4bd11dbd7d4d6f24cdaa0ef1393447a38f5c79da2867a34c
0ea77f736ee3c84c4acd2bca16845991a1cc04f62716e21c1d2c3a724cc9bc4d
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1570f866bf6eae82041e407280894a86ad2b8b275e01908ae156914dc693a4ed
162a85b982f0b655889e8bd96fda4952406c4e7fc46e7d6b74e063e740b4b4c6
166a4ec3cb90d525f7f744c7616c01b36bebd6dcecd486c8f5be14ccc0a7b3da
16d7e9946dda694174092676224f545a69c29c8509c39d338caf21238a5d439f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d7cccc0693cc3f3ef3d3c587256f44ebf6f6dffff796c8f96629b3c5906eac7
20e9aab22032d85684d7d916a1013f7c577a132a5b10ea3fd3578e8d0b28a711
23c061e7d440b7804c374dae567e47162a04cacc44e35b5c35065629d8f2b3ce
258467714b990f7336f9d25902acb907cdb0cc27261bb2645e862d547b2198da
296d1ac12faef047d5603bf15c90e3a5a1bd6c66ebfabda4310f4b6540148ddb
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
335f35a5da7c9bd626304d6c0341619aabccfd409ff2b2c50a92dcc62b66c4e5
3e5eb7885cd58a769515cdd0aab42fab70e2985d5f78fe96a9e926e634da6d7a
3fe55c799ed546766e3f0a15d716eb94d68939f03fecc2661522a994cc16978f
40624df25c2ada995ded8210f8da9c23f20d6231d1fb2f8e1f0ff031e69c8067
4070911a1bb9cc52c4e4cd5e85ca186dcde89308a0517a8faa4715c2e0a9d45e
448c45d380e39b33cdfdb0ced777a4712106b9fdf9259592e04d8bdf17acd9cf
46deee22aa2e3e3ab2e17731d9fb0794274aac2a957fd092018ba54f749f6b9b
47b0e7129add982c0e394f0dfa8d9621e6c9e4126859b26e1ad25c18def0d812
4ac1460fa891eca9d83159de667802193c5db0a2cfd2196ce84414bd4dd59a5c
4fef163f2f4cd8a915963124f5930deda62fab88b8b1f4ea98a7ef52c3ffd47a
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53a71abbdc01a24adc568a294f2611da4d30add7711959acf28b29fb3700b024
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5724ecc22cf4c88a6c7fa686942deb302226238a710aedf898d6217cede97cff
59517e881e08560adf129f46d72f4626f34610fcdf7b8123f21a76cb0caf6f80
5a526105acda1cc5cb1ae0f10acfea913a9c8d28b606b3ea2109b5438e56e95d
5ce48d9e9d748ad4686094d3cc33f5ae1e272a5b618f5c6d146c4d12ef02e4a6
60c9ba57c71d89711c13b200284a0ed3f39b26eca62c73564a5b16babb0f0e96
653d929953aacff5ceade3eecaa393808a7ab086e8f87712fc4a5d4c0f9f178c
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78c10c792fabd916e2ade8794bb1096d39f866efb5cbdfd4113cdb535d722467
78fb018fecd8929141af968eb315c7c29eb03b26d638418fdf9e0e238b576bc2
7ea4afa96c5e64b98867028582a7e8e64346505da8b39c8ea352d0c50df5e70a
7fae518af313153041754e41d6f946d10744be832f6ae01f0efee0f03079d2a2
818ecd6e0c14f3f28f23ae64ea9803c2c393783b41e80ae03ace477b6fbb5517
81f906245e8f00f969804bf51c3e66496eacc02120b4c95cc1a4c56f940a7e7c
86d901e0a6ee217d1d01c25901304e01ab4f7a705b0542b8db7b69d79b1371b7
8bc3d695c45fc0a4d3bfc67fe64f3be04b08307d5f8ec6eba1a9b54581be178b
8d0b7961aa9f703d352bf481f9bc493aa889faaefde5f4b2977e7106a7baa073
8d5d03cddbe709b311c8ca8d1af5c479c0ac9ea9e07ca0c7efbaa99e22461ed4
8f9285255a80c21fa0dc175c1870645bc55d4ca110ec3bf4e4ee9ab913afc53a
92e3f88b7451882573c993ae1ac41c66bb718bd3a3b1d45d740bff06c5496207
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
971829a5098e78718f62c001ff5571030d969319d7f6432b04bd6dfc23f00267
97a17f5f78c4b25f640a9ca3ff4f88e678a07a0865a62dd4584b63f227071f6e
98c0adaacf714eabab770bb3ace8444615a1efa27b44086a96b1346c1f0bc96e
99bdd06dd88ff200b4a2da8a94fa5b52dad4f277fdeca23bf34cc2cb9a128172
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfa3072400b4e13e500853cd56f75db48e47550dca444d797ef622d2edc2313
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f64af8cf9eb47610a44919b9270a6cf66037544703936068594f52146a875b
a5cb642ef22434a24612329870579fbb272cb9fa7475360035596ea56fb0431a
a62e4e3a56af248e4cf7c7171d84b770a1574bf38d3903facbbbab13926870b5
a738258143155bca88ac66123b36a5efe7cfb42723a0c0e6c5f09d2bc577c131
aceb417736ce2ec780b30cb62cade34db275bc6cbb8a4af73fb305e970c4e9b1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b211fbd3d9e60e25170a02c07e3b3b757e98949eca734ef96f02079a840a1d9e
bcb19924877ee0223dca75af549d354d1db0798ba8f3a4ebe296a7859d6b86c0
c02be89b2ec96232ab4f8abb022f03e4613a6676d245b0be38bb357835a95b67
c2a795dee0936729f60808f865befd924f63fe1278d44d5e29b8f34f1e9004c8
c5b09bf0023d53aa599e25b4317fa8fb6bbbbdb2335925fddb88002ef6237fb4
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c71f4a5f63dd40dcc21e8fcf88eb71f0603031b80c4619b1909bf30cb135c540
c76a6cc9369273b7e5f07285be49006b00775eefeefd725334e4235c4c29c9cf
cbdcd704fb3dde1c229e9f461d90b554806060cd05a6fd91690a705b5777de4e
cfbf5bbeceb3914deb34cead73f53c93e715932d877774fcba843b1a75fede0c
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d882a889b3e70586ae22bb8b70cb1f74592b952be9cf5caa2c4c8d1f0ce28f25
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e2d383e9d1f640d5702e8103b899f5cef9deb84ef21bef9ab0ffad9162885c8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54223f2102d19001adeeee9bf605ffc2e884ff68ff55fc1e7cb2681493c247b
e584422a48b23d34c7e84ef1b5c4482a9c938ecd950b0bd0aaf751a1c93909da
e76ff426982cb1a2971dbdaf622c8e7d02f77ab59c77d37f1ce79e18a90f9b4a
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee4b0387dd65f67faa0662f32dc374ea119614f83b468e6b75affcf1239a05cb
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f789ca98935777af6392eee04689b83e9093246018b1af59c029bfbf1aff1766
f7e2725c8ab071f33f6abbb2142b305f99840813b6f3c7cc22d08922b6e18c37
fb29383fbbf48af577987123a1b47ef9318c3b99650a3d9b89774d0b37ff1c09

www.memuplay.com Open in urlscan Pro 205.185.216.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

144 Requests

100 %HTTPS

58 %IPv6

25 Domains

33 Subdomains

27 IPs

5 Countries

2851 kBTransfer

5432 kBSize

5 Cookies

5 Outgoing links

Redirected requests

144 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.memuplay.com Open in urlscan Pro
205.185.216.42 Public Scan

Screenshot
Live screenshot

Full Image

144
Requests

100 %
HTTPS

58 %
IPv6

25
Domains

33
Subdomains

27
IPs

5
Countries

2851 kB
Transfer

5432 kB
Size

5
Cookies

144 HTTP transactions
1 data transactions