www.gosunoob.com Open in urlscan Pro
173.249.152.49  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73

• https://ad.doubleclick.net/ddm/trackimp/N1313774.285926VENATUSMEDIA/B24844156.288506216;dc_trk_aid=481959734;dc_trk_cid=140877460;ord=488729390;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent= HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N1313774.285926VENATUSMEDIA/B24844156.288506216;dc_pre=COL8_ISExu0CFcHGuwgdEm0L_A;dc_trk_aid=481959734;dc_trk_cid=140877460;ord=488729390;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=

Request Chain 91

• https://pixel.adsafeprotected.com/rfw/st/535480/50565502/skeleton.js?adsafe_url=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:f74fba51-fbad-1a74-cb36-ba46cf4d977d,c:wANH9R,sl:inView,em:false,fr:true,mn:app31ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1600.1200,am:a,cc:0.0.1600.1200,piv:100,obst:0,th:0,reas:,br:u,abv:na,an:n,oam:0,scm:sg1,nbld:0,fm:siRT0mW+1*.535480-50565502|11|12|13|14,idMap:1*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,thd:1,et:98,oid:99cc587f-3bb4-11eb-b6b3-06cc0da90f4d,v:19.8.149,sp:1,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/skeleton.js

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/	248 KB 48 KB	517ms 249ms	Document text/html	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash 25b2ca662d7e8aedda6ab29ec6a0bfdca3f4ddb53a6d9fc6501c40390443c398 Request headers :method GET :authority www.gosunoob.com :scheme https :path /zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers content-type text/html; charset=UTF-8 link <https://www.gosunoob.com/wp-json/>; rel="https://api.w.org/" <https://www.gosunoob.com/wp-json/wp/v2/posts/81266>; rel="alternate"; type="application/json" <https://www.gosunoob.com/?p=81266>; rel=shortlink </wp-content/litespeed/cssjs/14000.css?bf925>; rel=preload; as=style,</wp-includes/js/comment-reply.min.js?ver=5.5.3>; rel=preload; as=script etag "726632-1607626958;br" x-litespeed-cache hit content-encoding br vary Accept-Encoding date Fri, 11 Dec 2020 13:27:09 GMT server LiteSpeed set-cookie ls_smartpush=20002; path=/; expires=Tue, 09 Feb 2021 13:27:09 GMT; secure; SameSite=Strict alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
GET H2	200	14000.css www.gosunoob.com/wp-content/litespeed/cssjs/	108 KB 19 KB	302ms 0ms	Stylesheet text/css	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://www.gosunoob.com/wp-content/litespeed/cssjs/14000.css?bf925 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash c636bd6528aa610ce12c8112b7b136fe5c6966604f86731d7983aecf9dea54ac Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:09 GMT content-encoding br last-modified Thu, 10 Dec 2020 19:02:21 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-length 19825 expires Fri, 18 Dec 2020 13:27:09 GMT
GET H2	200	comment-reply.min.js Show response www.gosunoob.com/wp-includes/js/	3 KB 1 KB	302ms 0ms	Script application/javascript	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://www.gosunoob.com/wp-includes/js/comment-reply.min.js?ver=5.5.3 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:09 GMT content-encoding br last-modified Thu, 29 Oct 2020 22:08:02 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-length 1238 expires Fri, 18 Dec 2020 13:27:09 GMT
GET H2	200	serge_comb_min.js Show response static.gosunoob.com/js/	181 KB 55 KB	223ms 222ms	Script application/x-javascript	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://static.gosunoob.com/js/serge_comb_min.js Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash 4d9b0093ee6cd3532ccf124649505e834aaefa257d620a80de1ef232a11345ff Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:09 GMT content-encoding br last-modified Wed, 23 Jan 2019 21:09:22 GMT server LiteSpeed etag "2d2f6-5c48d802-0;br" vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control public accept-ranges bytes content-length 55906 expires Sat, 12 Dec 2020 13:27:09 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	96 KB 38 KB	22ms 22ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-37184768-1 Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7f9b039c6c30316477ef348f92550c601522b90e3893be4ddad86ed1c36cf037 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:11 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38976 x-xss-protection 0 last-modified Fri, 11 Dec 2020 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 11 Dec 2020 13:27:11 GMT
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 5 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:824::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 14:52:16 GMT content-encoding gzip x-content-type-options nosniff age 81295 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 10 Dec 2021 14:52:16 GMT
GET H/1.1	200 OK	atrk.js Show response d31qbv1cthcecs.cloudfront.net/	4 KB 5 KB	109ms 35ms	Script text/javascript	65.9.73.127 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d31qbv1cthcecs.cloudfront.net/atrk.js Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 65.9.73.127 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Mon, 31 Aug 2020 11:51:48 GMT Via 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront) Connection keep-alive Last-Modified Sat, 16 Mar 2019 16:01:33 GMT Server AmazonS3 Age 8818524 ETag "96c08723796affab377d9bb08d631cd0" X-Cache Hit from cloudfront Content-Type text/javascript Cache-Control max-age=26920000 X-Amz-Cf-Pop AMS1-C1 Accept-Ranges bytes Content-Length 4264 X-Amz-Cf-Id OLlOM_18aykACqqKabdXJdN01o20GTuUi891yYaAP5rMoo_4Vzuv2A==
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 2 KB	18ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6a3221f266bb36f86dae7efac2466a1ac67e5b3c362740c864ef1ff01e2cc45a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 1VSRoVB5sJvVOA4Z/3DKRw== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 1779 etag "8bed0097f024a8bffbae9784f767b81c" x-fb-debug pF2eltgAfjSP8yCgU4ZpWe3LrTmsAUiR+WPMtae23hyVU5/DEjdmWwObcv6kkV/W9RfHd1f7izFZlzNQ4uzn5A== x-fb-trip-id 603378373 x-fb-content-md5 10c0aa2ea5532e99200a4bd9e8cc7f5d x-frame-options DENY date Fri, 11 Dec 2020 13:27:11 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 timing-allow-origin * expires Fri, 11 Dec 2020 13:40:48 GMT
GET DATA	200 OK	truncated /	142 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 787e3ad85ce12880e4c413abe0805c2145eeb1a07a345eb2711054a6235ca67d Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	logo.png www.gosunoob.com/wp-content/themes/serge_gosunoob/img/	3 KB 3 KB	448ms 147ms	Image image/png	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.gosunoob.com/wp-content/themes/serge_gosunoob/img/logo.png Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/wp-content/litespeed/cssjs/14000.css?bf925 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash cd72da015cb9cf222b1d944fce2068926852fcdb9742510342c6102286b6f9d4 Request headers Referer https://www.gosunoob.com/wp-content/litespeed/cssjs/14000.css?bf925 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:10 GMT last-modified Fri, 21 Jul 2017 12:57:25 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 3031 expires Fri, 18 Dec 2020 13:27:10 GMT
GET H2	200	theme-icons.woff2 static.gosunoob.com/css/font/	7 KB 7 KB	391ms 129ms	Font application/woff2	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://static.gosunoob.com/css/font/theme-icons.woff2 Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/wp-content/litespeed/cssjs/14000.css?bf925 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash e44c5b0235ac63241dd864a22141348b0908f89b459c52b9e66cade5528fd107 Request headers Origin https://www.gosunoob.com Referer https://www.gosunoob.com/wp-content/litespeed/cssjs/14000.css?bf925 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:10 GMT last-modified Tue, 15 Aug 2017 12:59:48 GMT server LiteSpeed content-type application/woff2 access-control-allow-origin * cache-control public, max-age=604800 accept-ranges bytes alt-svc quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000 content-length 7068 expires Fri, 18 Dec 2020 13:27:10 GMT
GET H2	200	zelda-botw-shrines-map-1024x810.jpg static.gosunoob.com/img/1/2017/03/	163 KB 163 KB	131ms 131ms	Image image/jpeg	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/1/2017/03/zelda-botw-shrines-map-1024x810.jpg Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash 8565814c47ec334e4fccc0a89687f67f1ff113f756fa8b4111cf966e319eaed2 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:09 GMT last-modified Fri, 18 Aug 2017 13:31:14 GMT server LiteSpeed etag "28beb-5996ec22-0;;;" content-type image/jpeg access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 166891 expires Sat, 11 Dec 2021 13:27:09 GMT
GET DATA	200 OK	truncated /	142 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 88372f78f8a4d7e670d2f80c342bc0bbc46043c374f7f61c6b30403da3f17138 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	142 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d554065851b4c6b996d8e9411694adccfc0d0b917b5fc9dec52e30c626b67d2a Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	35 B 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 04c1bc744720c6e7542613e933c9a0f4bbd8f6ed45a5b1924223c256430dfd7b Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/gif
GET DATA	200 OK	truncated /	140 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4ad77c7738f90689ba5e20031a12ff27b56c53f48ab04626903036e02b33b8f2 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3-Q050	200	css fonts.googleapis.com/	4 KB 1 KB	41ms 28ms	Stylesheet text/css	2a00:1450:4001:81d::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans%7COswald&display=swap Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 33934a925bb48a76c2a7e58d2972e063ca4ac1ffc108d83a047dfd83ea22d03e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 11 Dec 2020 13:26:25 GMT server ESF date Fri, 11 Dec 2020 13:27:11 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 11 Dec 2020 13:27:11 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	46 KB 18 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-37184768-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 23 Oct 2020 03:00:57 GMT server Golfe2 age 5794 date Fri, 11 Dec 2020 11:50:37 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18817 expires Fri, 11 Dec 2020 13:50:37 GMT
GET H2	200	arrow-more.png static.gosunoob.com/img/	2 KB 2 KB	342ms 342ms	Image image/png	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/arrow-more.png Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/wp-content/litespeed/cssjs/14000.css?bf925 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash 819a1b87a2eddf3e17ee545116c7e8e6a6ec51d7a102ec89615b8be8b41601ba Request headers Referer https://www.gosunoob.com/wp-content/litespeed/cssjs/14000.css?bf925 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Tue, 10 Jan 2017 15:18:02 GMT server LiteSpeed etag "800-5874fb2a-0;;;" content-type image/png access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 2048 expires Sat, 11 Dec 2021 13:27:10 GMT
GET H2	200	theme-icons.png static.gosunoob.com/img/	5 KB 5 KB	338ms 338ms	Image image/png	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/theme-icons.png Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/wp-content/litespeed/cssjs/14000.css?bf925 Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash ffac2d3b875be06d8778cdbbc016e6a1fcd54ea2fcab95288e17a01eb95d7dce Request headers Referer https://www.gosunoob.com/wp-content/litespeed/cssjs/14000.css?bf925 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Thu, 01 Jun 2017 09:12:50 GMT server LiteSpeed etag "120d-592fda92-0;;;" content-type image/png access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 4621 expires Sat, 11 Dec 2021 13:27:10 GMT
GET DATA	200 OK	truncated /	142 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 322eb33e80021d4cc05571e1224c6b71ecdbb1eb986e24ec1b1cf693d9fa049f Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	all.js Show response connect.facebook.net/en_US/	188 KB 57 KB	18ms 6ms	Script application/x-javascript	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=f720a633c59cb5cfc0cd9ad7f43e2992&ua=modern_es6 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8a2e21a16609864ffc348b85e0ddd88fada1b56c54691ef7a7d60bd778db0c3a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Origin https://www.gosunoob.com Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 OuyC/CeuS69pl8fw/7lTpA== cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 57678 etag "b468dd47b2a195c0fc64a89ca8667520" x-fb-debug RYw6/gJOifQkInRH7AqmtprFYyPWETK+1QC/3ffZhcQ7PtFEDSF09QrmETMytbAKcmrbrZNhkVPCHOxbm4LZlA== x-fb-trip-id 603378373 x-fb-content-md5 1c79135da0cb1e1d84657ba3d4eeabaa x-frame-options DENY cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Fri, 11 Dec 2020 13:27:11 GMT vary Accept-Encoding report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable timing-allow-origin * expires Sat, 11 Dec 2021 12:23:19 GMT
GET H3-Q050	200	TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff fonts.gstatic.com/s/oswald/v35/	12 KB 12 KB	6ms 6ms	Font font/woff	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v35/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%7COswald&display=swap Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.gosunoob.com Referer https://fonts.googleapis.com/css?family=Open+Sans%7COswald&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 10:03:23 GMT x-content-type-options nosniff last-modified Mon, 13 Jul 2020 19:17:24 GMT server sffe age 185028 content-type font/woff access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12672 x-xss-protection 0 expires Thu, 09 Dec 2021 10:03:23 GMT
GET H3-Q050	200	mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 fonts.gstatic.com/s/opensans/v18/	9 KB 9 KB	7ms 6ms	Font font/woff2	2a00:1450:4001:809::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans%7COswald&display=swap Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.gosunoob.com Referer https://fonts.googleapis.com/css?family=Open+Sans%7COswald&display=swap User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 19:41:37 GMT x-content-type-options nosniff last-modified Tue, 15 Sep 2020 18:09:28 GMT server sffe age 150334 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 9132 x-xss-protection 0 expires Thu, 09 Dec 2021 19:41:37 GMT
GET H/1.1	200 OK	ad-manager.min.js Show response hb.vntsm.com/v3/live/ Frame AD61	2 MB 535 KB	147ms 48ms	Script application/javascript	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.com/v3/live/ad-manager.min.js Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash c7222b8974763d6c3cb180e1c2fb1a52c62ad926f04b2cf64f9a2f1be43153f2 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 13:27:11 GMT Content-Encoding gzip Venatus-CDN-HB-Rule-Version 1.1 X-IP 185.216.34.99 Connection keep-alive Content-Length 547260 Last-Modified Tue, 08 Dec 2020 11:22:25 GMT ETag "9b6da1bcb68c1544b65833bcd9e351e5" Access-Control-Allow-Methods GET, OPTIONS X-HW 1607693231.cds031.lo4.hn,1607693231.cds211.lo4.c Content-Type application/javascript Access-Control-Allow-Origin https://www.gosunoob.com Access-Control-Expose-Headers X-Geo, Content-Type,x-bl Cache-Control max-age=159 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers X-Geo, Content-Type X-Geo AT
GET H/1.1	200 OK	atrk.gif certify.alexametrics.com/	43 B 551 B	108ms 34ms	Image image/gif	65.9.73.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Zelda%20BotW%20Shrine%20Locations%20Map%20-%20Find%20%26%20Complete%20all%20120&time=1607693231715&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&random_number=19531402875&sess_cookie=38bdc73717651fbe662d71318ea&sess_cookie_flag=1&user_cookie=38bdc73717651fbe662d71318ea&user_cookie_flag=1&dynamic=true&domain=gosunoob.com&account=Vv6qh1aMQV00Mc&jsv=20130128&user_lang=en-US Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 65.9.73.125 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Thu, 10 Dec 2020 17:39:40 GMT Via 1.1 609487f3e9c1fd7ddcc7b01d9818bfed.cloudfront.net (CloudFront) Last-Modified Mon, 17 Jan 2011 20:41:40 GMT Server AmazonS3 Age 71251 ETag "221d8352905f2c38b3cb2bd191d630b0" X-Cache Hit from cloudfront Content-Type image/gif Connection keep-alive Accept-Ranges bytes X-Amz-Cf-Pop AMS1-C1 x-amz-meta-alexa-last-modified 20110117123941 Content-Length 43 X-Amz-Cf-Id r4MqAFGEapapufj74YqraVb8p-r6uZ4Ov3hErptLPaBrUvJyXexcXQ==
POST H3-Q050	200	collect Show response www.google-analytics.com/j/	1 B 66 B	13ms 13ms	XHR text/plain	2a00:1450:4001:820::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1238315022&t=pageview&_s=1&dl=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&ul=en-us&de=UTF-8&dt=Zelda%20BotW%20Shrine%20Locations%20Map%20-%20Find%20%26%20Complete%20all%20120&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=700280599&gjid=555666563&cid=634750001.1607693232&tid=UA-37184768-1&_gid=1802147582.1607693232&_r=1&gtm=2oubu0&z=1756096762 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 11 Dec 2020 13:27:11 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.gosunoob.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	status www.facebook.com/x/oauth/	0 0	49ms 36ms	Fetch text/plain	2a03:2880:f11c:8183:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/x/oauth/status?client_id=404905972919579&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&sdk=joey&wants_cookie_data=false Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js?hash=f720a633c59cb5cfc0cd9ad7f43e2992&ua=modern_es6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff Request headers Referer https://www.gosunoob.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=15552000; preload x-content-type-options nosniff alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 0 pragma no-cache x-fb-debug 30ROb8cV/iMF6PoncfJI/JZFJ0HY+ejsHXAaYRINNKwFhCC/WRNZjsdM/1mfD9rgPnBxC6D58hcaN+kP59LlVw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" fb-s unknown date Fri, 11 Dec 2020 13:27:11 GMT report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.gosunoob.com access-control-expose-headers fb-s cache-control private, no-cache, no-store, must-revalidate access-control-allow-credentials true expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	localstore.js Show response script.4dex.io/ Frame AD61	450 B 985 B	69ms 33ms	Script application/javascript	2606:4700:e2::ac40:8620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/localstore.js Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:12 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 793 x-amz-request-id 2227CAEB6CFE3D58 x-amz-id-2 vSNmDF60V0fqwhf/Mzbc6+Kt1AxC6uSdTphWFZh8qTXoUXAAG3wXrVAvKDA+huvKq2xcbCn1XiU= last-modified Wed, 09 Dec 2020 15:13:38 GMT server cloudflare etag W/"bfa52622781c173885812009122c3f7c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FA6b92vovtBEX2KOJ4uIdtEntnbATgKxvpn8WCm65CnH2ZmhNg52V7NaKma26jZUmg0IOUWYUhznw2z6JgKyRTdXWzXAU2b%2BC0Iw5C4epkOWNXkXMpOfN5bEAw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=1800 cf-request-id 06f394ffae0000fa74de39a000000001 cf-ray 5fff8aac4b92fa74-AMS
GET H2	200	freewheel-mapping.json Show response cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ Frame AD61	14 KB 2 KB	19ms 6ms	XHR application/json	2a04:4e42:3::621 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a04:4e42:3::621 , Ascension Island, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 39647 x-cache HIT cross-origin-resource-policy cross-origin content-length 1386 etag W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8" x-served-by cache-fra19142-FRA date Fri, 11 Dec 2020 13:27:12 GMT vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	58d2538946e0fb0001e4b3e5.enc Show response hb.vntsm.com/v2/live/ Frame AD61	70 KB 11 KB	146ms 60ms	XHR text/plain	151.139.128.11 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://hb.vntsm.com/v2/live/58d2538946e0fb0001e4b3e5.enc Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS Software / Resource Hash 345790ba1d4f60c25abe5b315680ef911bca415a430fb12a3fb9c854e44e6a62 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 13:27:12 GMT Content-Encoding gzip venatus-cdn-hb-rule-version 1.1 Transfer-Encoding chunked x-ip 185.216.34.99 Connection keep-alive Last-Modified Thu, 10 Dec 2020 20:36:13 GMT ETag "dd62181215997f0b97be57b34a41edcb" Access-Control-Allow-Methods GET, OPTIONS X-HW 1607693232.cds097.lo4.hn,1607693232.cds097.lo4.hc,1607693232.cds064.lo4.c,1607693232.cds097.lo4.sl Content-Type text/plain Access-Control-Allow-Origin https://www.gosunoob.com x-bl 0 Cache-Control max-age=600 Access-Control-Allow-Credentials true Accept-Ranges bytes Access-Control-Allow-Headers X-Geo, Content-Type x-geo AT Access-Control-Expose-Headers X-Geo, Content-Type,x-bl
GET H2	200	adagio.js Show response script.4dex.io/ Frame AD61	66 KB 19 KB	48ms 22ms	Fetch application/javascript	2606:4700:e2::ac40:8620 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://script.4dex.io/adagio.js Requested by Host: script.4dex.io URL: https://script.4dex.io/localstore.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8620 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0d732fc7378d090ef2854794915a98837f4a314c9090619d1e966ab7375362e9 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:12 GMT content-encoding br vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 69 access-control-allow-methods GET x-amz-request-id 10E6C6CED5BC7847 x-amz-id-2 /fTdAEfgy/OabMN91ljszBqySiyGv30TgDfsBVRwV1y+8dsh/z2nfNefwnS2SuyUvbWM1t4PqJM= last-modified Wed, 09 Dec 2020 15:13:35 GMT server cloudflare etag W/"cf2f73781eecf77c7d235706c134ff86" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wLnOQUXhhvbMgqpGd5Ys4HgMfabUdEg%2BgCMEwHQ%2FwL1NXk3BluoYoZ7ewU6QrE9nBujBIG5L03i40lh%2F0iqA5K%2FWAL6%2BlBz6WnjZE963cTvsSWPAIZ%2FnWSfBJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin * cache-control public, max-age=1800 cf-request-id 06f394ffe800000bf121372000000001 cf-ray 5fff8aacafd50bf1-AMS
GET H2	200	AC-Valhalla-Codex-Page-Locations-A-Brief-History-of-The-Hidden-Ones-209x117.jpg static.gosunoob.com/img/1/2020/11/	6 KB 6 KB	432ms 129ms	Image image/jpeg	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/1/2020/11/AC-Valhalla-Codex-Page-Locations-A-Brief-History-of-The-Hidden-Ones-209x117.jpg Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash ec2a60408d8d11f83d307f883509a2d365a71ef6acb561a8dfef4f20b1626138 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Tue, 10 Nov 2020 12:27:12 GMT server LiteSpeed etag "1659-5faa8720-0;;;" content-type image/jpeg access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 5721 expires Sat, 11 Dec 2021 13:27:10 GMT
GET H2	200	ghost-of-tsushima-hidden-forest-sword-kit-209x117.jpg static.gosunoob.com/img/1/2020/07/	7 KB 7 KB	434ms 130ms	Image image/jpeg	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/1/2020/07/ghost-of-tsushima-hidden-forest-sword-kit-209x117.jpg Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash 80baa2388777bb5edc319906a8bc5e6bbfb94d11d005bbdfdc785b2e23d3c17a Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Wed, 15 Jul 2020 12:47:44 GMT server LiteSpeed etag "1a9d-5f0efaf0-0;;;" content-type image/jpeg access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 6813 expires Sat, 11 Dec 2021 13:27:10 GMT
GET H2	200	76-PEYOTE-locations-GTA-ONLINE-209x117.jpg static.gosunoob.com/img/1/2019/11/	9 KB 9 KB	434ms 131ms	Image image/jpeg	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/1/2019/11/76-PEYOTE-locations-GTA-ONLINE-209x117.jpg Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash 85c4912c0c2337965548056c8985728e5cedd8dc99aad086ff5969e405b98895 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Fri, 01 Nov 2019 14:05:17 GMT server LiteSpeed etag "2233-5dbc3b9d-0;;;" content-type image/jpeg access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 8755 expires Sat, 11 Dec 2021 13:27:10 GMT
GET H2	200	zelda-breath-of-the-wild-shrines-209x117.jpg static.gosunoob.com/img/1/2017/03/	7 KB 7 KB	434ms 131ms	Image image/jpeg	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/1/2017/03/zelda-breath-of-the-wild-shrines-209x117.jpg Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Thu, 27 Jul 2017 14:15:38 GMT server LiteSpeed etag "1c16-5979f58a-0;;;" content-type image/jpeg access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 7190 expires Sat, 11 Dec 2021 13:27:10 GMT
GET H2	200	cyberpunk-2077-disable-double-tap-to-dodge-rebind-dodge-key-148x118.jpg static.gosunoob.com/img/1/2020/12/	4 KB 4 KB	545ms 242ms	Image image/jpeg	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/1/2020/12/cyberpunk-2077-disable-double-tap-to-dodge-rebind-dodge-key-148x118.jpg Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Thu, 10 Dec 2020 17:53:36 GMT server LiteSpeed etag "11b2-5fd260a0-0;;;" content-type image/jpeg access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 4530 expires Sat, 11 Dec 2021 13:27:10 GMT
GET H2	200	cyberpunk-2077-quick-money-farm-get-eddies-fast-148x118.jpg static.gosunoob.com/img/1/2020/12/	3 KB 3 KB	545ms 242ms	Image image/jpeg	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/1/2020/12/cyberpunk-2077-quick-money-farm-get-eddies-fast-148x118.jpg Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Thu, 10 Dec 2020 15:53:58 GMT server LiteSpeed etag "ac9-5fd24496-0;;;" content-type image/jpeg access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 2761 expires Sat, 11 Dec 2021 13:27:10 GMT
GET H2	200	cyberpunk-2077-rebind-controls-change-keybinds-148x118.jpg static.gosunoob.com/img/1/2020/12/	3 KB 3 KB	545ms 243ms	Image image/jpeg	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/1/2020/12/cyberpunk-2077-rebind-controls-change-keybinds-148x118.jpg Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Thu, 10 Dec 2020 16:05:17 GMT server LiteSpeed etag "c59-5fd2473d-0;;;" content-type image/jpeg access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 3161 expires Sat, 11 Dec 2021 13:27:10 GMT
GET H2	200	find-confront-anna-hamill-woman-of-la-mancha-gig-cyberpunk-2077-148x118.jpg static.gosunoob.com/img/1/2020/12/	4 KB 4 KB	545ms 243ms	Image image/jpeg	173.249.152.49 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://static.gosunoob.com/img/1/2020/12/find-confront-anna-hamill-woman-of-la-mancha-gig-cyberpunk-2077-148x118.jpg Protocol H2 Security TLS 1.3, , CHACHA20_POLY1305 Server 173.249.152.49 Chicago, United States, ASN36444 (NEXCESS-NET, US), Reverse DNS gosunoob.com Software LiteSpeed / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma public date Fri, 11 Dec 2020 13:27:10 GMT last-modified Thu, 10 Dec 2020 14:34:19 GMT server LiteSpeed etag "1115-5fd231eb-0;;;" content-type image/jpeg access-control-allow-origin * cache-control public, must-revalidate, proxy-revalidate accept-ranges bytes content-length 4373 expires Sat, 11 Dec 2021 13:27:10 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	55 KB 19 KB	112ms 39ms	Script text/javascript	172.217.21.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.21.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s13-in-f226.1e100.net Software sffe / Resource Hash e0ef44b92a3d532fb9176442698e18d5c3b7545db0b081a52300661602f6c9c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:12 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "720 / 366 of 1000 / last-modified: 1607689179" vary Accept-Encoding content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18939 x-xss-protection 0 expires Fri, 11 Dec 2020 13:27:12 GMT
GET H2	200	choice.js Show response quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/gosunoob.com/	4 KB 2 KB	50ms 22ms	Script application/javascript	2600:9000:2104:c200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/gosunoob.com/choice.js?timestamp=1607693232315 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 94d84c9d6539838e328e7690ad924c9f314e8c68a763b5a2d0d427781aaf6a36 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:12 GMT content-encoding br etag "f2edcaee5e6d1d855104b87b2a179bcd" last-modified Fri, 13 Nov 2020 23:00:09 GMT server AmazonS3 x-amz-cf-pop AMS1-C1 x-amz-server-side-encryption AES256 vary Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront) cache-control max-age=900 x-amz-cf-id BQmGro0UkIAPn8MFvyKetk8PDQ_LtsQy65S6SZo-7mq7hQFDeM6LNw==
GET H3-Q050	200	pubads_impl_2020120301.js Show response securepubads.g.doubleclick.net/gpt/	279 KB 99 KB	87ms 47ms	Script text/javascript	172.217.21.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020120301.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.21.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s13-in-f226.1e100.net Software sffe / Resource Hash dc3842d1ad8fde688d7b47fb100be5a4bcf18b97af2dd23d02dbb3713f6d520b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:12 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 03 Dec 2020 09:42:05 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control private, immutable, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100510 x-xss-protection 0 expires Fri, 11 Dec 2020 13:27:12 GMT
GET H2	200	cmp2.js Show response quantcast.mgr.consensu.org/tcfv2/	266 KB 67 KB	14ms 14ms	Script text/javascript	2600:9000:2104:c200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/cmp2.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/choice/Hwnr8j7tWA3Nu/gosunoob.com/choice.js?timestamp=1607693232315 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7baadf42bdd7151de787de3b98f1c65f55cc2b3d34d4fbe90a0e490756dd3a1b Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:26:23 GMT content-encoding br etag "1d55b13d85c9837da884d1e8594cc025" last-modified Fri, 04 Dec 2020 04:26:50 GMT server AmazonS3 age 50 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript;charset=UTF-8 via 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront) cache-control max-age=3600 x-amz-meta-qc-ineu True x-amz-cf-pop AMS1-C1 x-amz-cf-id t1wpBXDioSGHudLrriDG_nMg5JI9xs8CArNNimJanBrTz1gAEG_jAA==
GET H2	200	cmp-list.json Show response test.quantcast.mgr.consensu.org/GVL-v2/	7 KB 2 KB	43ms 13ms	XHR application/json	2600:9000:2104:f800:3:a4cd:8380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:f800:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash ab60c872a21e9fb5c14a0a7a734542312d179192a88425ef33afb823b7bb9fa3 Request headers Accept application/json, text/plain, */* Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 03:03:40 GMT content-encoding br age 37413 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Thu, 10 Dec 2020 19:52:29 GMT server AmazonS3 etag W/"7578be7550b7afa8ca1acc6735e82d00" vary Accept-Encoding access-control-allow-methods GET x-amz-version-id ziq8cQxNBmXfP3_yjOFW9zBJQ.ejQTFZ via 1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop AMS1-C1 content-type application/json x-amz-cf-id N_5ttl-LQDjhGlw276o6ia7bHQe8x5KpO-I3rBPGYzINk92AH2ljDw==
GET H2	200	vendor-list.json Show response quantcast.mgr.consensu.org/GVL-v2/	210 KB 28 KB	42ms 14ms	XHR application/json	2600:9000:2104:c200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 86d2d96ba7decd3d46387c02b2cf2be197cd5635b6cb3a5483de17c637512da3 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 03:00:34 GMT content-encoding br vary Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method age 37599 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-allow-origin * last-modified Fri, 11 Dec 2020 03:00:32 GMT server AmazonS3 etag W/"fa4fa56f36731895afc03e4c7cc1bdec" access-control-max-age 3000 access-control-allow-methods GET content-type application/json via 1.1 2bf8812c27f5e451eba4aef5c1aff6ae.cloudfront.net (CloudFront) cache-control max-age=172800 access-control-allow-credentials true x-amz-cf-pop AMS1-C1 x-amz-cf-id -iHDrJY6RpO0_Uf2U7jEXtkA2akWWqHvPGSh0mjlAtEPHOgWml8TJw==
GET H2	200	cmp2ui-en.js Show response quantcast.mgr.consensu.org/tcfv2/23/	469 KB 124 KB	13ms 13ms	Script text/javascript	2600:9000:2104:c200:9:46dc:4700:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:c200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 10:58:18 GMT content-encoding br age 95335 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 86400 access-control-allow-origin * last-modified Fri, 04 Dec 2020 04:26:25 GMT server AmazonS3 etag "b999c652510fc4edd897a1d667aaee33" vary Accept-Encoding access-control-allow-methods GET content-type text/javascript;charset=UTF-8 via 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront) cache-control max-age=172800 x-amz-cf-pop AMS1-C1 x-amz-cf-id _B8KeT5Tj7QV45gY5ZTHlOH1y715Vbm3pItCUqBU4K7Fbdqk-TVwMw==
GET H2	200	/ audit-tcfv2.quantcast.mgr.consensu.org/	80 B 506 B	117ms 43ms	XHR text/html	65.9.73.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22www.gosunoob.com%22%2C%22publisher%22%3A%22gosunoob.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22CHlNHphYJXknV4FK90XDCg%22%2C%22clientTimestamp%22%3A1607693232601%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-q6lsdhe6q3tmvuqxt8rc%22%7D Requested by Host: quantcast.mgr.consensu.org URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.73.20 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Accept application/json, text/plain, */* Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Thu, 10 Dec 2020 13:48:06 GMT via 1.1 f5046bb9ebd1a8f25b2025d7d9a283f3.cloudfront.net (CloudFront) age 85147 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront access-control-max-age 3000 content-length 80 last-modified Tue, 26 Nov 2019 14:21:44 GMT server AmazonS3 etag "0614149d8033903db5de46d6c184bbfd" vary Origin access-control-allow-methods GET content-type text/html access-control-allow-origin * x-amz-cf-pop AMS1-C1 accept-ranges bytes x-amz-cf-id Muf4DvR6bYo4eZEWwIurozgTWl0Fq3UKfDIpsrlJFCCk6JtDLVRJow==
GET H2	200	v1 prebid.digitru.st/id/ Frame AD61	425 B 1 KB	61ms 29ms	XHR application/json	2600:9000:2104:9e00:a:d79f:3100:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://prebid.digitru.st/id/v1 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:9e00:a:d79f:3100:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 11 Dec 2020 13:27:13 GMT via 1.1 f32f19f2f9b3c0c60a4ff31c809ed008.cloudfront.net (CloudFront) server CloudFront x-amz-cf-pop AMS1-C1 vary Accept-Encoding, Origin access-control-allow-methods GET, OPTIONS p3p CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" access-control-allow-origin https://www.gosunoob.com cache-control private, max-age=15552000 access-control-allow-credentials true x-cache LambdaGeneratedResponse from cloudfront content-type application/json content-length 425 x-amz-cf-id mIFvhGXoba6qFiF_g7czTapHUUZQGg0ErKRVxsP5x0LMgScic8eI3g==
GET H2	200	script.js d1oykxszdrgjgl.cloudfront.net/	104 KB 35 KB	51ms 14ms	Script application/javascript	2600:9000:2104:cc00:0:1651:6140:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1oykxszdrgjgl.cloudfront.net/script.js Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:cc00:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:25:00 GMT content-encoding gzip last-modified Thu, 10 Dec 2020 21:40:57 GMT server AmazonS3 age 137 etag W/"612e4a6c08bc8427605aa67b7c1f5c83" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront) cache-control max-age=600,public,must-revalidate x-amz-cf-pop AMS1-C1 x-amz-cf-id E9wAnBg2oTtQ8gvhdhOPmz1gelLqwvTRZQFXgBFcJkJ8uscNVhivlg==
OPTIONS H2	204	1a i.clean.gg/ Frame	0 0	190ms 119ms	Other text/plain	34.95.69.49 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Protocol H2 Server 34.95.69.49 , United States, ASN15169 (GOOGLE, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.17.4 / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.gosunoob.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers server nginx/1.17.4 date Fri, 11 Dec 2020 13:27:16 GMT access-control-allow-origin * access-control-allow-methods GET, POST, OPTIONS access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key access-control-max-age 1728000 content-type text/plain; charset=utf-8 content-length 0 via 1.1 google alt-svc clear
POST H2	200	1a i.clean.gg/	0 104 B	120ms 120ms	XHR application/octet-stream	34.95.69.49 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://i.clean.gg/1a Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.95.69.49 , United States, ASN15169 (GOOGLE, US), Reverse DNS 49.69.95.34.bc.googleusercontent.com Software nginx/1.17.4 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers date Fri, 11 Dec 2020 13:27:16 GMT via 1.1 google server nginx/1.17.4 access-control-allow-headers DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key access-control-allow-methods GET, POST, OPTIONS content-type application/octet-stream access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range alt-svc clear content-length 0
POST H/1.1	200 OK	v1 prg.smartadserver.com/prebid/ Frame AD61	0 1 KB	239ms 160ms	XHR application/json	185.86.138.32 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 11 Dec 2020 13:27:21 GMT x-smrt-d 4%3b5%3b76 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin https://www.gosunoob.com cache-control no-cache,no-store access-control-allow-credentials true content-type application/json content-length 0
POST H/1.1	200 OK	v1 prg.smartadserver.com/prebid/ Frame AD61	0 1 KB	246ms 167ms	XHR application/json	185.86.138.32 SMARTADSERVER
General Check archive.org Show headers Download Go to Full URL https://prg.smartadserver.com/prebid/v1 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR), Reverse DNS Software / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 11 Dec 2020 13:27:21 GMT x-smrt-d 4%3b23%3b82 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" access-control-allow-origin https://www.gosunoob.com cache-control no-cache,no-store access-control-allow-credentials true content-type application/json content-length 0
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/ Frame AD61	259 B 2 KB	281ms 161ms	XHR application/json	213.19.162.21 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!venatusmedia.com,58d2538946e0fb0001e4b3e5,1,,,&dt.id=EOr2GuHtY0aZfxonsEmd7%2BfIpsbQ2HdhN%2BXLvQ5dZ9wQWMYR4p7LBppnJyFUdkY17lqFJIfR1GDyjfJICf3a0Tytni7UuicOiKV8zR%2FZlYOmlAmJRJNWeP9KYDB0%2FU0wlJ%2FfEBJlW5Bc59uCvZSYXD2v0MtAt79CUFegFCIz%2FlO5aijBJC07I8J0JXLrUNMEErZiiO7onPhUO%2B2okWZdx3GGa8BD4jUYd1hPXupwOjXHPlrPjsxVVdGaZOJFjzpgiJHsiNPnrH2byDJ4wVSNRTA7QGeEV2SviO2U%2BjjOA1nC3oH6n1G2wdfTGVsM%2FktbLs4Xfgy16IjQHouZCAUmdg%3D%3D&dt.keyv=4&dt.pref=0&rf=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&tk_flint=pbjs_lite_v3.23.0&x_source.tid=722e7dca-4acd-4d66-b14f-8faa50ae58ef&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.3318596131266569 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 11 Dec 2020 13:27:22 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.gosunoob.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 259 Expires Wed, 17 Sep 1975 21:32:10 GMT
GET H/1.1	200 OK	fastlane.json fastlane.rubiconproject.com/a/api/ Frame AD61	239 B 2 KB	252ms 123ms	XHR application/json	213.19.162.21 RUBICONPROJECT
General Check archive.org Show headers Download Go to Full URL https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=65512&zone_id=308542&size_id=15&gdpr=0&rp_schain=1.0,1!venatusmedia.com,58d2538946e0fb0001e4b3e5,1,,,&dt.id=EOr2GuHtY0aZfxonsEmd7%2BfIpsbQ2HdhN%2BXLvQ5dZ9wQWMYR4p7LBppnJyFUdkY17lqFJIfR1GDyjfJICf3a0Tytni7UuicOiKV8zR%2FZlYOmlAmJRJNWeP9KYDB0%2FU0wlJ%2FfEBJlW5Bc59uCvZSYXD2v0MtAt79CUFegFCIz%2FlO5aijBJC07I8J0JXLrUNMEErZiiO7onPhUO%2B2okWZdx3GGa8BD4jUYd1hPXupwOjXHPlrPjsxVVdGaZOJFjzpgiJHsiNPnrH2byDJ4wVSNRTA7QGeEV2SviO2U%2BjjOA1nC3oH6n1G2wdfTGVsM%2FktbLs4Xfgy16IjQHouZCAUmdg%3D%3D&dt.keyv=4&dt.pref=0&rf=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&tk_flint=pbjs_lite_v3.23.0&x_source.tid=723a52d3-897d-4265-81e2-6067e537cc29&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.21483290252628984 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.2, RSA, AES_128_GCM Server 213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software nginx/1.16.0 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 11 Dec 2020 13:27:22 GMT Server nginx/1.16.0 Vary Accept-Encoding P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin https://www.gosunoob.com Cache-Control no-cache, no-store, max-age=0, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json Keep-Alive timeout=5 Content-Length 239 Expires Wed, 17 Sep 1975 21:32:10 GMT
POST H/1.1	200 OK	prebid ib.adnxs.com/ut/v3/ Frame AD61	261 B 1 KB	182ms 110ms	XHR application/json	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 11 Dec 2020 13:27:21 GMT X-Proxy-Origin 185.216.34.99; 185.216.34.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.142:80 AN-X-Request-Uuid e3fa2c68-32bf-4b28-b55d-e47a7b59aace Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin https://www.gosunoob.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=utf-8 Content-Length 261 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H/1.1	200 OK	bid ap.lijit.com/rtb/ Frame AD61	96 B 762 B	254ms 173ms	XHR application/json	72.251.249.9 VOXEL-DOT-NET
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.23.0 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Fri, 11 Dec 2020 13:27:22 GMT Content-Encoding gzip Server nginx Vary Accept-Encoding, User-Agent Access-Control-Allow-Methods GET, POST, DELETE, PUT Content-Type application/json Access-Control-Allow-Origin https://www.gosunoob.com Access-Control-Allow-Credentials true X-Sovrn-Pod ad_ap3ams1 Access-Control-Allow-Headers X-Requested-With, Content-Type Content-Length 101
POST H2	200	v1 hb-api.omnitagjs.com/hb-api/prebid/ Frame AD61	188 B 608 B	315ms 238ms	XHR application/json	185.255.84.150 IGUANE-
General Check archive.org Show headers Download Go to Full URL https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&CanonicalUrl=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.255.84.150 , France, ASN200271 (IGUANE-, FR), Reverse DNS Software ayl-lb-fra02 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 11 Dec 2020 13:27:21 GMT content-encoding gzip x-content-type-options nosniff p3p CP="CAO PSA OUR" x-envoy-upstream-service-time 201 vary Accept-Encoding content-length 145 pragma no-cache server ayl-lb-fra02 access-control-max-age 3600 access-control-allow-methods OPTIONS, POST content-type application/json; charset=utf-8 access-control-allow-origin https://www.gosunoob.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Accept-Encoding, Content-Type expires 0
POST H2	204	cdb bidder.criteo.com/ Frame AD61	0 146 B	108ms 35ms	XHR text/plain	178.250.2.131 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://bidder.criteo.com/cdb?profileId=207&av=31&wv=3.23.0&cb=9621524553 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS bidder.am5.vip.prod.criteo.com Software Finatra / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.gosunoob.com date Fri, 11 Dec 2020 13:27:21 GMT access-control-allow-credentials true server Finatra timing-allow-origin * vary Origin
POST H2	204	translator hbopenbid.pubmatic.com/ Frame AD61	0 117 B	168ms 95ms	XHR text/plain	185.64.189.112 AS-PUBMATIC
General Check archive.org Show headers Download Go to Full URL https://hbopenbid.pubmatic.com/translator?source=prebid-client Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.gosunoob.com date Fri, 11 Dec 2020 13:27:21 GMT cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true
GET H/1.1	200 OK	hb grid.bidswitch.net/ Frame AD61	2 B 375 B	136ms 42ms	XHR application/json	18.159.79.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://grid.bidswitch.net/hb?auids=13109%2C13109&sizes=970x90%2C728x90%2C300x250&r=23ffa69f9f00be7&wrapperType=Prebid_js&wrapperVersion=3.23.0&u=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&wtimeout=3500&gdpr_applies=0 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.159.79.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-159-79-175.eu-central-1.compute.amazonaws.com Software / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Fri, 11 Dec 2020 13:27:21 GMT P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Access-Control-Allow-Origin https://www.gosunoob.com Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/json; charset=UTF-8 Content-Length 2
GET H/1.1	200 OK	bidRequest c2shb.ssp.yahoo.com/ Frame AD61	62 B 387 B	193ms 130ms	XHR application/json	18.156.195.47 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96910a0171711819381b54f9ba0055&pos=300x250_static&cmd=bid&secure=1 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 18.156.195.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-156-195-47.eu-central-1.compute.amazonaws.com Software ATS/7.1.2.128 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Fri, 11 Dec 2020 13:27:21 GMT Server ATS/7.1.2.128 Age 0 Access-Control-Allow-Methods POST,GET,HEAD,OPTIONS Content-Type application/json;charset=utf-8 Access-Control-Allow-Origin https://www.gosunoob.com Access-Control-Allow-Credentials true Connection keep-alive Content-Length 62
POST H2	200	/ shb.richaudience.com/hb/ Frame AD61	4 B 218 B	125ms 40ms	XHR text/html	168.119.145.247 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://shb.richaudience.com/hb/ Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 168.119.145.247 , United States, ASN24940 (HETZNER-AS, DE), Reverse DNS static.247.145.119.168.clients.your-server.de Software nginx/1.10.3 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers date Fri, 11 Dec 2020 13:27:21 GMT content-encoding gzip server nginx/1.10.3 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin https://www.gosunoob.com access-control-max-age 86400 access-control-allow-credentials true
POST H/1.1	200 OK	prebid ib.adnxs.com/ut/v3/ Frame AD61	10 KB 6 KB	220ms 149ms	XHR application/json	185.33.221.14 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ib.adnxs.com/ut/v3/prebid Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.14 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 730.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Date Fri, 11 Dec 2020 13:27:21 GMT Content-Encoding gzip Transfer-Encoding chunked P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 185.216.34.99; 185.216.34.99; 730.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.136:80 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 2e6b211d-19fb-4981-8073-12c8f9a39650 Server nginx/1.17.9 Vary Accept-Encoding Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin https://www.gosunoob.com Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H/1.1	200 OK	cygnus as-sec.casalemedia.com/ Frame AD61	25 B 458 B	197ms 135ms	XHR application/json	2.18.234.21 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://as-sec.casalemedia.com/cygnus?s=171882&v=7.2&r=%7B%22id%22%3A%223429267d7e8f82c%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2235035a225de5358%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22366331d2929b311%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%2258d2538946e0fb0001e4b3e5%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1 Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US), Reverse DNS a2-18-234-21.deploy.static.akamaitechnologies.com Software Apache / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers Pragma no-cache Date Fri, 11 Dec 2020 13:27:21 GMT Content-Encoding gzip Server Apache Vary Is-Traffic-Invalid,Accept-Encoding Content-Type application/json Access-Control-Allow-Origin https://www.gosunoob.com Cache-Control max-age=0, no-cache, no-store Access-Control-Allow-Credentials true Connection keep-alive Content-Length 45 Expires Fri, 11 Dec 2020 13:27:21 GMT
GET BLOB	200 OK	21292be1-c1a3-46df-b297-7c1e39430b51 https://www.gosunoob.com/ Frame 4A6A	0 0		Document text/html
General Check archive.org Show headers Download Go to Full URL blob:https://www.gosunoob.com/21292be1-c1a3-46df-b297-7c1e39430b51 Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Length 107690 Content-Type text/html
GET H/1.1	200 OK	/ rosetta.richmediastudio.com/T5yAaaWZZ3/ Frame 4A6A	108 KB 16 KB	177ms 59ms	Script text/html	92.222.198.105 OVH
General Check archive.org Show headers Download Go to Full URL https://rosetta.richmediastudio.com/T5yAaaWZZ3/ Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.222.198.105 Paris, France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.6.2 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 13:13:50 GMT Content-Encoding gzip Transfer-Encoding chunked Server nginx/1.6.2 Connection close Vary Accept-Encoding Content-Type text/html; charset=UTF-8
GET H2	200	/ s4.richmediastudio.com/rmsSkn/bpFtOdR8B2/ Frame 4A6A	4 KB 1 KB	143ms 43ms	Script text/html	195.201.240.22 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://s4.richmediastudio.com/rmsSkn/bpFtOdR8B2/?adc=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FGa2jqgkqMkAZraOqCSoyQAAAAGCPgjlAGa2jqgkqMkAZraOqCSoyQH8XRYll7UsUqYWjATxv9R65c9NfAAAAAAiqqQAmAwAAJgMAAAIAAABxeGcPkxATAAAAAABVU0QAVVNEAAEAAQBgUwAAAAABAQQCAAAAALIA2RycSgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XhGHhQiRs-0WEPHwnXsYk6FMIAQoADEAAAAAAAAuQDoJQU1TMTozOTg0QJ4qSXctIR_0bOo_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeAA.%2Fcca%3DODA2I0FNUzE6Mzk4NA%3D%3D%2Fbn%3D88754%2Fclickenc%3D&ord=488729390 Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.240.22 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:22 GMT content-encoding gzip server nginx/1.10.3 vary Accept-Encoding content-type text/html; charset=UTF-8
GET H/1.1	200 OK	it ams1-ib.adnxs.com/ Frame 4A6A	0 817 B	113ms 39ms	Image text/html	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.gosunoob.com%252Fzelda-breath-of-wild%252Fshrines-where-to-find-how-to-complete%252F&e=wqT_3QLDCqBDBQAAAwDWAAUBCLnnzf4FEP-ulMrYrPulFBgAKjYJGa2jqgkqMkARGQ0JJBkAAABgj4I5QCERGwApEQnIMQAAAAAp3DBAMIjUpgU4pgZApgZIAlDx8J17WJOhTGAAaOCmZXiytQWAAQGKAQNVU0SSBQbwT5gBAaABAagBAbABALgBAcABBMgBAtABANgBAOABAPABAIoCd3VmKCdhJywgNDM1ODA1MCwgMTYwNzY5MzI0MSk7dWYoJ2knLCA1MTgyNjg2Rh0ALGcnLCAxMzQwODk0NkYeADByJywgMjU4NDM5MjgxNh8A9A4BkgL5AyFoRlJQRlFpUnMtMFdFUEh3blhzWUFDQ1RvVXd3QURnQVFBUklwZ1pRaU5TbUJWZ0FZUF9fX184UGFBQndBWGdCZ0FFQmlBRUJrQUVCbUFFQm9BRUJxQUVEc0FFQXVRSHRCS0QyQUFBdVFNRUJONzhrNGdrcU1rREpBUmpibVVWT0h2QV8yUUYzTFNFZjlHenFQLUFCM3FtOEF2VUJBQUFBQUpnQ0FLQUNBTFVDQUFBQUFMMENBQUFBQU1BQ0FjZ0NBZEFDQWRnQ0FlQUNBT2dDQVBnQ0FJQURBWmdEQWJvRENVRk5VekU2TXprNE5PQURuaXFBQkFDSUJBQ1FCQUNZQkFIQkJBQUFBQQVeDEF5UVEJCQEBGE5nRUFQRUUBCwkBIENJQlpBZnFRVQkPGEFEd1A3RUYNDRRBQUFEQkIdPwB5FSgMQUFBTjIoAABaLigAuDRBWGw3bTd3QmJLMXNnYjRCYUxfaVFLQ0JnTkZWVktJQmdDUUJnR1lCZ0NoQmdBAU40QUFDNUFxQVlCc2dZa0MddABFHQwARx0MAEkdDDR1QVlTmgKJASFYaEdIaDr9ASRrNkZNSUFRb0FEFfiIdVFEb0pRVTFUTVRvek9UZzBRSjRxU1hjdElSXzBiT29fVVEJlAEBAFcdaQBZHQwAYR0MAGMdDPBVZUFBLtgCH-AC7pAB6gJUaHR0cHM6Ly93d3cuZ29zdW5vb2IuY29tL3plbGRhLWJyZWF0aC1vZi13aWxkL3NocmluZXMtd2hlcmUtdG8tZmluZC1ob3cBDPC2Y29tcGxldGUvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDl5w84AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE4NS4yMTYuMzQuOTmoBACyBA4IABABGAAgACgAMAA4ArgEAMAEAMgEANIEDTgwNiNBTVMxOjM5ODTaBAIIAOAEAfAE8fCde4gFAZgFAKAF____________AcAFAMkFAAAAAAAA8D_SBQkJAAAAgWlsANgFAeAFAfAFAfoFBAgAEACQBgCYBgC4BgDBBgUgLADwP9AG-AHaBhYKEAkRGQFcEAAYAOAGCPIGAggAgAcBiAcAoAcxugcPAUhMGAAgADAAOIYBQADIB7K1BdIHDQkROgE4QNoHBggAEAAYAOAHAOoHAggA&s=2d32a181fd743668b5d9b425d5b2b2bdbace4744 Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 11 Dec 2020 13:27:22 GMT X-Proxy-Origin 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.123:80 AN-X-Request-Uuid 5167be5d-dd80-43d4-8013-d333f15d36d0 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
POST H2	200	track track.venatusmedia.com/dual/ Frame AD61	16 B 165 B	53ms 53ms	XHR application/json	52.210.231.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.venatusmedia.com/dual/track Requested by Host: hb.vntsm.com URL: https://hb.vntsm.com/v3/live/ad-manager.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.210.231.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type application/json Response headers access-control-allow-origin https://www.gosunoob.com date Fri, 11 Dec 2020 13:27:22 GMT access-control-allow-credentials true content-length 16 vary Origin content-type application/json
OPTIONS H2	200	track track.venatusmedia.com/dual/ Frame	0 0	166ms 53ms	Other	52.210.231.1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://track.venatusmedia.com/dual/track Protocol H2 Server 52.210.231.1 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://www.gosunoob.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Sec-Fetch-Mode cors Response headers date Fri, 11 Dec 2020 13:27:22 GMT content-length 0 vary Origin access-control-max-age 3600 access-control-allow-origin https://www.gosunoob.com access-control-allow-headers content-type access-control-allow-methods POST access-control-allow-credentials true
GET H/1.1	200 OK	cert.js rosetta.richmediastudio.com/c/0b2f56677800fd559713d765373cf873/	5 KB 1 KB	107ms 36ms	Script application/javascript	92.222.198.105 OVH
General Check archive.org Show headers Download Go to Full URL https://rosetta.richmediastudio.com/c/0b2f56677800fd559713d765373cf873/cert.js Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 92.222.198.105 Paris, France, ASN16276 (OVH, FR), Reverse DNS Software nginx/1.6.2 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Fri, 11 Dec 2020 13:13:51 GMT Content-Encoding gzip Last-Modified Thu, 23 Jul 2020 14:40:43 GMT Server nginx/1.6.2 Vary Accept-Encoding Content-Type application/javascript Transfer-Encoding chunked Connection close
GET H2	200	/ s4.richmediastudio.com/rmsCre/bpFtOdR8B2/	90 KB 16 KB	63ms 62ms	Script text/javascript	195.201.240.22 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://s4.richmediastudio.com/rmsCre/bpFtOdR8B2/?hasConsent=0&stid=0&adc=https%3A%2F%2Fams1-ib.adnxs.com%2Fclick%3FGa2jqgkqMkAZraOqCSoyQAAAAGCPgjlAGa2jqgkqMkAZraOqCSoyQH8XRYll7UsUqYWjATxv9R65c9NfAAAAAAiqqQAmAwAAJgMAAAIAAABxeGcPkxATAAAAAABVU0QAVVNEAAEAAQBgUwAAAAABAQQCAAAAALIA2RycSgAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521XhGHhQiRs-0WEPHwnXsYk6FMIAQoADEAAAAAAAAuQDoJQU1TMTozOTg0QJ4qSXctIR_0bOo_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAAAAAaQAAAAAAAAAAcQAAAAAAAAAAeAA.%2Fcca%3DODA2I0FNUzE6Mzk4NA%3D%3D%2Fbn%3D88754%2Fclickenc%3D&cd=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&rnd=b96f6d6168ca54f315cfef849effaf94&mediaType=&rmsCont=b96f6d6168ca54f315cfef849effaf94&dvF= Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.240.22 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:22 GMT content-encoding gzip server nginx/1.10.3 vary Accept-Encoding content-type text/javascript;charset=UTF-8
GET H3-Q050	200	B24844156.288506216;dc_pre=COL8_ISExu0CFcHGuwgdEm0L_A;dc_trk_aid=481959734;dc_trk_cid=140877460;ord=488729390;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent= ad.doubleclick.net/ddm/trackimp/N1313774.285926VENATUSMEDIA/ Frame 4A6A Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N1313774.285926VENATUSMEDIA/B24844156.288506216;dc_trk_aid=481959734;dc_trk_cid=140877460;ord=488729390;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tf... https://ad.doubleclick.net/ddm/trackimp/N1313774.285926VENATUSMEDIA/B24844156.288506216;dc_pre=COL8_ISExu0CFcHGuwgdEm0L_A;dc_trk_aid=481959734;dc_trk_cid=140877460;ord=488729390;dc_lat=;dc_rdid=;ta...	42 B 608 B	105ms 65ms	Image image/gif	172.217.16.166 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ad.doubleclick.net/ddm/trackimp/N1313774.285926VENATUSMEDIA/B24844156.288506216;dc_pre=COL8_ISExu0CFcHGuwgdEm0L_A;dc_trk_aid=481959734;dc_trk_cid=140877460;ord=488729390;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=? Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 172.217.16.166 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra15s11-in-f166.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 11 Dec 2020 13:27:22 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 11 Dec 2020 13:27:22 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" content-type text/html; charset=UTF-8 location https://ad.doubleclick.net/ddm/trackimp/N1313774.285926VENATUSMEDIA/B24844156.288506216;dc_pre=COL8_ISExu0CFcHGuwgdEm0L_A;dc_trk_aid=481959734;dc_trk_cid=140877460;ord=488729390;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=? cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin follow-only-when-prerender-shown 1 timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	rd_log ams1-ib.adnxs.com/ Frame 4A6A	0 816 B	36ms 35ms	Script text/html	185.33.221.87 ASN-APPNEX
General Check archive.org Show headers Download Go to Full URL https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&e=wqT_3QLpBHxpAgAAAwDWAAUBCLnnzf4FEIm-ibDy1pqsLhgAKjYJAA0BABENCCgAGQAAAOB6FAJAIRESACkRCfS2ATEAAACAwvX8PzCM86UFOKYGQKYGSABQAFiToUxgAGjWznN4srUFgAEBigEAkgEDVVNEmAHKB6ABWqgBAbABALgBAMABAMgBANABANgBAOABAPABANgCH-AC7pAB6gJUaHR0cHM6Ly93d3cuZ29zdW5vb2IuY29tL3plbGRhLWJyZWF0aC1vZi13aWxkL3NocmluZXMtd2hlcmUtdG8tZmluZC1ob3ctdG8tY29tcGxldGUvgAMAiAMBkAMAmAMXoAMBqgMAwAOsAsgDANgDl5w84AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTE4NS4yMTYuMzQuOTmoBACyBA8IABABGMoHIFooADAAOAK4BADABADIBADaBAIIAOAEAPAEAIgFAZgFAKAFAMAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQDqBQ0KCGluLWZvY3VzEgEx6gUHCgJocBIBMOoFDwoKbG9vcC1pbmRleBIBMeoFDAoHaW4tdmlldxIBMeoFEAoLaXMtdmlld2FibGUSATHwBQD6BQQIABAAkAYAmAYAuAYAwQYAAAAlvxDaBhYKEAUKHQFgEAAYAOAGAPIGAggAgAcBiAcAoAcAugcPCAUaQCAAMAA4hgFAAMgHsrUF0gcNVS0BOEDaBwYIABAAGADgBwDqBwIIAA..&s=727493a133650371ab1d6235c86b5c30c6ca1491&bdref=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F,https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F& Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 185.33.221.87 , Netherlands, ASN29990 (ASN-APPNEX, US), Reverse DNS 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net Software nginx/1.17.9 / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 11 Dec 2020 13:27:22 GMT X-Proxy-Origin 185.216.34.99; 185.216.34.99; 723.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.87:80 AN-X-Request-Uuid 6afe14c1-102d-4dcb-ab94-4fdc3b3e3883 Server nginx/1.17.9 P3P policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Access-Control-Allow-Origin * Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	rmsSkinMultipantalla.css s1.richmediastudio.com/assets/css/	2 KB 760 B	101ms 27ms	Stylesheet text/css	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Full URL https://s1.richmediastudio.com/assets/css/rmsSkinMultipantalla.css Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzKE84HvCl4JAA== date Fri, 11 Dec 2020 13:27:22 GMT content-encoding br etag W/"5e4c1d2b-973" last-modified Tue, 18 Feb 2020 17:21:47 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray 9Vk2yI7mcZQ= vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 613898 expires Wed, 16 Dec 2020 10:55:44 GMT
GET H2	200	full_skin_video.css s1.richmediastudio.com/assets/css/	5 KB 1 KB	103ms 30ms	Stylesheet text/css	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Full URL https://s1.richmediastudio.com/assets/css/full_skin_video.css Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzKKLsTv3F4JAA== date Fri, 11 Dec 2020 13:27:22 GMT content-encoding br etag W/"5d8876e2-1255" last-modified Mon, 23 Sep 2019 07:40:18 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray sy5zNts8vRc= vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 614108 expires Wed, 16 Dec 2020 10:52:14 GMT
GET H2	200	rmsSkinPremium.css s1.richmediastudio.com/assets/css/	1 KB 773 B	103ms 30ms	Stylesheet text/css	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Full URL https://s1.richmediastudio.com/assets/css/rmsSkinPremium.css Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzITx77vWEYJAA== date Fri, 11 Dec 2020 13:27:22 GMT content-encoding br etag W/"5f5b6ec4-56d" last-modified Fri, 11 Sep 2020 12:34:12 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray sfowSCjmna0= vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 607832 expires Wed, 16 Dec 2020 12:36:50 GMT
GET H2	200	index_video_header.php s4.richmediastudio.com/player/ Frame AB09	0 0	37ms 35ms	Document text/html	195.201.240.22 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://s4.richmediastudio.com/player/index_video_header.php?stid=0&sgn=ZG1UZ1M2ZmVsRnl4SDFmRFp6d3h0Qm9WWGtPNjlBeitiWnpQTW1DZU1MbEFuMFFGK2lVMitHNUNaUUJ0cWhyMHlPbSsxRUdGZkFlTW94bTJHVFRWeE8zcWc0b1RVQi9jd2VhbzZRcjVDY3pVb2xFY3FDa1pFUFBoNXh2T1JXK1RXZUpMQndzd2FJOVI4VE01M2hxL0d6a1B3a1dtTXh0OGNRNmtBZUxCUkhPb2JHVzFHNVlUQVJjS1ZTNWZyQm5aVHdncTFEY2o3L0JqRU9zc1VOYjN3MktXd3J5Z2VRVUhRK2hoWE5kZDJGSm4xZTRqaTA4UVhUTXhxWWhwR3dZdzRrNDZINzRpM25ySGJDeTJnSC9rRnc9PSMjOzkqMV4Fqo%2B5y2IkFKRsHQ%3D%3D&v=93cf7383aaf1b84cac881e44c08e9cd6&idAgc=0&cmp=6786&lnt=8971&crt=21289&cre=1&ref=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&refDomain=gosunoob.com&UV1=https%253A%252F%252Fs1.richmediastudio.com%252Fvideo%252FbpFtOdR8B2_2mIo8hb3as.mp4&UV2=https%253A%252F%252Fs1.richmediastudio.com%252Fvideo%252FbpFtOdR8B2_zxcR42Stc5.mp4&sURL=https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 195.201.240.22 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS Software nginx/1.10.3 / Resource Hash Request headers :method GET :authority s4.richmediastudio.com :scheme https :path /player/index_video_header.php?stid=0&sgn=ZG1UZ1M2ZmVsRnl4SDFmRFp6d3h0Qm9WWGtPNjlBeitiWnpQTW1DZU1MbEFuMFFGK2lVMitHNUNaUUJ0cWhyMHlPbSsxRUdGZkFlTW94bTJHVFRWeE8zcWc0b1RVQi9jd2VhbzZRcjVDY3pVb2xFY3FDa1pFUFBoNXh2T1JXK1RXZUpMQndzd2FJOVI4VE01M2hxL0d6a1B3a1dtTXh0OGNRNmtBZUxCUkhPb2JHVzFHNVlUQVJjS1ZTNWZyQm5aVHdncTFEY2o3L0JqRU9zc1VOYjN3MktXd3J5Z2VRVUhRK2hoWE5kZDJGSm4xZTRqaTA4UVhUTXhxWWhwR3dZdzRrNDZINzRpM25ySGJDeTJnSC9rRnc9PSMjOzkqMV4Fqo%2B5y2IkFKRsHQ%3D%3D&v=93cf7383aaf1b84cac881e44c08e9cd6&idAgc=0&cmp=6786&lnt=8971&crt=21289&cre=1&ref=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&refDomain=gosunoob.com&UV1=https%253A%252F%252Fs1.richmediastudio.com%252Fvideo%252FbpFtOdR8B2_2mIo8hb3as.mp4&UV2=https%253A%252F%252Fs1.richmediastudio.com%252Fvideo%252FbpFtOdR8B2_zxcR42Stc5.mp4&sURL=https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Response headers server nginx/1.10.3 date Fri, 11 Dec 2020 13:27:22 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding content-encoding gzip
GET H2	200	rmsFadeOutEffect.css s1.richmediastudio.com/assets/css/	241 B 412 B	95ms 29ms	Stylesheet text/css	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Full URL https://s1.richmediastudio.com/assets/css/rmsFadeOutEffect.css Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzIHXnTvCUgJAA== date Fri, 11 Dec 2020 13:27:22 GMT content-encoding br etag W/"5de92a95-f1" last-modified Thu, 05 Dec 2019 16:04:37 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray Ajs6Q28YzQU= vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 608265 expires Wed, 16 Dec 2020 12:29:37 GMT
GET H2	200	rmsPremiumDesp.css s1.richmediastudio.com/assets/css/	8 KB 2 KB	94ms 28ms	Stylesheet text/css	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Full URL https://s1.richmediastudio.com/assets/css/rmsPremiumDesp.css Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzKMwm3vxUQJAA== date Fri, 11 Dec 2020 13:27:22 GMT content-encoding br etag W/"5de940f6-21ef" last-modified Thu, 05 Dec 2019 17:40:06 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray CAqcyGsnHRk= vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 607429 expires Wed, 16 Dec 2020 12:43:33 GMT
GET H2	200	controls_v1.css s1.richmediastudio.com/assets/css/	601 B 513 B	95ms 30ms	Stylesheet text/css	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Full URL https://s1.richmediastudio.com/assets/css/controls_v1.css Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzIeRbzvxUQJAA== date Fri, 11 Dec 2020 13:27:22 GMT content-encoding br etag W/"5d8876e2-259" last-modified Mon, 23 Sep 2019 07:40:18 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray PsnCSAmNY5Y= vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 607429 expires Wed, 16 Dec 2020 12:43:33 GMT
GET H2	200	controls_fvs.css s1.richmediastudio.com/assets/css/	1 KB 567 B	94ms 29ms	Stylesheet text/css	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Full URL https://s1.richmediastudio.com/assets/css/controls_fvs.css Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzKdKmnvCUgJAA== date Fri, 11 Dec 2020 13:27:22 GMT content-encoding br etag W/"5d8876e2-4cd" last-modified Mon, 23 Sep 2019 07:40:18 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray 2xraWrmxLHk= vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 608265 expires Wed, 16 Dec 2020 12:29:37 GMT
GET H2	200	rmsControlsSpe.css s1.richmediastudio.com/assets/css/	476 B 508 B	95ms 31ms	Stylesheet text/css	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Full URL https://s1.richmediastudio.com/assets/css/rmsControlsSpe.css Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzICea/vxUQJAA== date Fri, 11 Dec 2020 13:27:22 GMT content-encoding br etag W/"5de9405d-1dc" last-modified Thu, 05 Dec 2019 17:37:33 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray GSynL8Q8u7E= vary Accept-Encoding x-cache HIT content-type text/css access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 607429 expires Wed, 16 Dec 2020 12:43:33 GMT
GET H2	200	skeleton.js pixel.adsafeprotected.com/rjss/st/535480/50565502/	45 KB 13 KB	195ms 88ms	Script application/javascript	52.19.116.20 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://pixel.adsafeprotected.com/rjss/st/535480/50565502/skeleton.js Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.19.116.20 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-19-116-20.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Fri, 11 Dec 2020 13:27:22 GMT content-encoding gzip x-server-name app31.ie.303net.net content-type application/javascript;charset=utf-8 access-control-allow-origin pixel.adsafeprotected.com cache-control no-cache access-control-allow-credentials true server nginx expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	trans.png s1.richmediastudio.com/assets/img/	205 B 511 B	147ms 88ms	Image image/png	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Show image Full URL https://s1.richmediastudio.com/assets/img/trans.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzL3WxDvMl8JAA== date Fri, 11 Dec 2020 13:27:22 GMT etag "5d8876e2-cd" last-modified Mon, 23 Sep 2019 07:40:18 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray O2wguq9Szh8= x-cache HIT content-type image/png access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 614194 accept-ranges bytes content-length 205 expires Wed, 16 Dec 2020 10:50:48 GMT
GET H2	200	/ srms.richmediastudio.com/	43 B 106 B	128ms 35ms	Image image/gif	116.202.114.67 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://srms.richmediastudio.com/?type=3&hasConsent=0&stid=&sgn=ZG1UZ1M2ZmVsRnl4SDFmRFp6d3h0Qm9WWGtPNjlBeitiWnpQTW1DZU1MbEFuMFFGK2lVMitHNUNaUUJ0cWhyMHlPbSsxRUdGZkFlTW94bTJHVFRWeE8zcWc0b1RVQi9jd2VhbzZRcjVDY3pVb2xFY3FDa1pFUFBoNXh2T1JXK1RXZUpMQndzd2FJOVI4VE01M2hxL0d6a1B3a1dtTXh0OGNRNmtBZUxCUkhPb2JHVzFHNVlUQVJjS1ZTNWZyQm5aVHdncTFEY2o3L0JqRU9zc1VOYjN3MktXd3J5Z2VRVUhRK2hoWE5kZDJGSm4xZTRqaTA4UVhUTXhxWWhwR3dZdzRrNDZINzRpM25ySGJDeTJnSC9rRnc9PSMjOzkqMV4Fqo%2B5y2IkFKRsHQ%3D%3D&v=93cf7383aaf1b84cac881e44c08e9cd6&idAgc=0&cmp=6786&lnt=8971&crt=21289&refDomain=gosunoob.com&ref=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&cre=1&sbcre=0&e=1&rnd=661404419366099&gdpr=0&gdpr_consent= Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.202.114.67 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.67.114.202.116.clients.your-server.de Software nginx/1.10.3 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:22 GMT server nginx/1.10.3 content-type image/gif
GET H2	200	bpFtOdR8B2_VjSe4NMqPX_eE0WdDOEps.jpg s1.richmediastudio.com/display/	503 KB 504 KB	114ms 55ms	Image image/jpeg	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Show image Full URL https://s1.richmediastudio.com/display/bpFtOdR8B2_VjSe4NMqPX_eE0WdDOEps.jpg Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzKaYDfvjVkGAA== date Fri, 11 Dec 2020 13:27:22 GMT etag "5fbd2628-7db67" last-modified Tue, 24 Nov 2020 15:26:32 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray Y0tHsEOqE3A= x-cache HIT content-type image/jpeg access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 416141 accept-ranges bytes content-length 514919 expires Fri, 18 Dec 2020 17:51:41 GMT
GET H2	200	icons.png s1.richmediastudio.com/assets/img/	3 KB 4 KB	31ms 30ms	Image image/png	2a02:6ea0:c700::3 CDN77
General Check archive.org Show headers Download Go to Show image Full URL https://s1.richmediastudio.com/assets/img/icons.png Requested by Host: s1.richmediastudio.com URL: https://s1.richmediastudio.com/assets/css/controls_fvs.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6ea0:c700::3 , Germany, ASN60068 (CDN77, GB), Reverse DNS Software CDN77-Turbo / Resource Hash Request headers Referer https://s1.richmediastudio.com/assets/css/controls_fvs.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-77-nzt AcO1rzIFvx/vbk4JAA== date Fri, 11 Dec 2020 13:27:22 GMT etag "5d8876e2-cd2" last-modified Mon, 23 Sep 2019 07:40:18 GMT server CDN77-Turbo x-edge-pop frankfurtDE x-77-nzt-ray fVILnwJn4c0= x-cache HIT content-type image/png access-control-allow-origin * x-edge-ip 195.181.175.50 x-age 609902 accept-ranges bytes content-length 3282 expires Wed, 16 Dec 2020 12:02:20 GMT
GET H2	200	/ srms.richmediastudio.com/	43 B 106 B	34ms 34ms	Image image/gif	116.202.114.67 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://srms.richmediastudio.com/?type=3&stid=0&sgn=ZG1UZ1M2ZmVsRnl4SDFmRFp6d3h0Qm9WWGtPNjlBeitiWnpQTW1DZU1MbEFuMFFGK2lVMitHNUNaUUJ0cWhyMHlPbSsxRUdGZkFlTW94bTJHVFRWeE8zcWc0b1RVQi9jd2VhbzZRcjVDY3pVb2xFY3FDa1pFUFBoNXh2T1JXK1RXZUpMQndzd2FJOVI4VE01M2hxL0d6a1B3a1dtTXh0OGNRNmtBZUxCUkhPb2JHVzFHNVlUQVJjS1ZTNWZyQm5aVHdncTFEY2o3L0JqRU9zc1VOYjN3MktXd3J5Z2VRVUhRK2hoWE5kZDJGSm4xZTRqaTA4UVhUTXhxWWhwR3dZdzRrNDZINzRpM25ySGJDeTJnSC9rRnc9PSMjOzkqMV4Fqo%2B5y2IkFKRsHQ%3D%3D&v=93cf7383aaf1b84cac881e44c08e9cd6&idAgc=0&cmp=6786&lnt=8971&crt=21289&cre=1&sbcre=0&e=30&ref=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&refDomain=gosunoob.com&rnd=3047694104180&rmsrnd=1607693242 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 116.202.114.67 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.67.114.202.116.clients.your-server.de Software nginx/1.10.3 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Fri, 11 Dec 2020 13:27:22 GMT server nginx/1.10.3 content-type image/gif
GET H2	200	main.gr.19.8.149.js static.adsafeprotected.com/	176 KB 56 KB	41ms 13ms	Script application/javascript	2600:9000:2104:a000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.gr.19.8.149.js Requested by Host: d1oykxszdrgjgl.cloudfront.net URL: https://d1oykxszdrgjgl.cloudfront.net/script.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Wed, 09 Dec 2020 16:29:23 GMT content-encoding gzip age 161880 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 09 Dec 2020 16:13:56 GMT server AmazonS3 etag W/"7a5b536396630d4384ea30d5372afce3" vary Accept-Encoding x-amz-version-id 9Jd5zGDFPA.mRZ.RWVPZ582SkXlqlHka via 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront) cache-control max-age=315360000 x-amz-cf-pop AMS1-C1 content-type application/javascript x-amz-cf-id 3zVAiv2CzJf6KR-OxVZA-OIAdKcbyRhwmBSkvK2gS4umhWj-8dgWxA==
GET H2	200	skeleton.js static.adsafeprotected.com/ Redirect Chain https://pixel.adsafeprotected.com/rfw/st/535480/50565502/skeleton.js?adsafe_url=https%3A%2F%2Fwww.gosunoob.com%2Fzelda-breath-of-wild%2Fshrines-where-to-find-how-to-complete%2F&adsafe_type=abdfq&ad... https://static.adsafeprotected.com/skeleton.js	17 B 464 B	12ms 12ms	Script application/javascript	2600:9000:2104:a000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 16 Nov 2020 17:22:46 GMT via 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront) age 2145877 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17 last-modified Mon, 17 Aug 2020 23:54:35 GMT server AmazonS3 etag "53fab767ecbd3bf07990b10246befbd4" x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 cache-control max-age=315360000 x-amz-cf-pop AMS1-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id cxlvujT98nVIrx9wgjJVEIclzpovnQPDZo_1aR6nvPeLQPqYN5HyzQ== Redirect headers pragma no-cache date Fri, 11 Dec 2020 13:27:22 GMT x-server-name app15.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js cache-control no-cache content-length 0 server nginx
GET H2	200	sca.17.4.114.js static.adsafeprotected.com/ Frame 8342	81 KB 82 KB	13ms 12ms	Script application/javascript	2600:9000:2104:a000:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.4.114.js Requested by Host: www.gosunoob.com URL: https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2104:a000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Mon, 23 Nov 2020 03:12:04 GMT via 1.1 3c5f93efb24b4927140dd52806f3d1e1.cloudfront.net (CloudFront) age 1592119 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 83389 last-modified Mon, 13 Jan 2020 23:54:54 GMT server AmazonS3 etag "e456dd0e5be3c2494dd734db6c5b965c" x-amz-version-id gSPddsS9N0PGtUp2YQy7vCAfLQOR874Z cache-control max-age=315360000 x-amz-cf-pop AMS1-C1 accept-ranges bytes content-type application/javascript x-amz-cf-id oVTvABI_qESwWGrOvyeD8CvDmxydHGhlzfx-OGs-F8iT1qFThtLefg==
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	138ms 43ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=535480&asId=f74fba51-fbad-1a74-cb36-ba46cf4d977d&tv={c:wANHax,pingTime:-2,time:139,type:a,im:{sf:0,pom:1,prf:{bdA:11880,bdZ:12076,beA:12078,beZ:12080,mfA:12158,cmA:12160,inA:12160,inZ:12166,prA:12166,prZ:12169,si:12175,poA:12176,poZ:12205,cmZ:12205,mfZ:12205,loA:12210,loZ:12212,ltA:12216,ltZ:12216}},env:{gca:false,cca:true,gca2:true,gcd2:{appl:1,cnst:na},ccd:{version:1,uspString:1---}},clog:[{piv:100,vs:i,r:,w:1600,h:1200,t:97}],es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:{i:140,o:0,n:0,pp:0,pm:0},slEvents:[{sl:i,t:96,wc:0.0.1600.1200,ac:0.0.1600.1200,am:a,cc:0.0.1600.1200,piv:100,obst:0,th:0,reas:,bkn:{piv:[55~100],as:[55~1600.1200]}}],slEventCount:1,em:false,fr:true,e:,tt:rjss,dtt:0,fm:siRT0mW+1*.535480-50565502|11|12|13|14,idMap:1*,rmeas:1,rend:1,renddet:IMG.qs,slid:[rmsEnvTrack,pbnetVideo],sinceFw:40,readyFired:true}&br=u Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 11 Dec 2020 13:27:22 GMT X-Server-Name dt66ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx
GET H/1.1	200 OK	dt dt.adsafeprotected.com/	43 B 308 B	45ms 44ms	Image image/gif	104.244.39.20 ADSAFE-1
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=535480&asId=f74fba51-fbad-1a74-cb36-ba46cf4d977d&tv={c:wANHfr,pingTime:-10,time:443,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.4.114v220002000000000000000000002000000020100000222200202000000000000000022201000000020000020022222000000200000022000022220222222222222202222222222222222222222222222222222222200000022022000020000002010202022020020002002000000000020222202002022000000000000000000000000000000002220002220000022200222202220022000200222022200000000002220000222202000020000022002222202222000000000002002222222220022200200000002200202200,sd:MTcuNC4xMTR2MTIwMHx8MTYwMHx8MHx8MHx8MjR8fDEyMDB8fDB8fDB8fDB8fGxhbmRzY2FwZS1wcmltYXJ5fHwyNHx8fHw0LzN8fDB8fDE2MDA-,no:MTcuNC4xMTR2TW96aWxsYXx8TmV0c2NhcGV8fG58fDE2fHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTYwfHxNb3ppbGxhLzUuMCAoTWFjaW50b3NoOyBJbnRlbCBNYWMgT1MgWCAxMF8xNF81KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODMuMC40MTAzLjYxIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,asp:1607693243040||4c201805118f35a4111c85eb9a4ada8b||71ff54ebddb1e090fbf173d96e2342c8||bfafd1935e2391559b5bca16b41b9bd8||db3a138ab0b1f953b2f7a13669c53c54||51f13a9f074deab62a1401494a6f61ad||21f01d525bc348ab1c0befe552309ac0||03bf9c960e2c46e9fef2826ac35c1497||1576000828} Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.39.20 , United States, ASN7415 (ADSAFE-1, US), Reverse DNS Software nginx / Resource Hash Request headers Referer https://www.gosunoob.com/zelda-breath-of-wild/shrines-where-to-find-how-to-complete/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Pragma no-cache Date Fri, 11 Dec 2020 13:27:23 GMT X-Server-Name dt66ami.ami.303net.pvt P3P CP="COM NAV INT STA NID OUR IND NOI" Cache-Control no-cache Connection keep-alive Content-Type image/gif Content-Length 43 Server nginx