top.gg Open in urlscan Pro
2606:4700::6810:ae38 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://top.gg/bot/562687174697549856
Submission: On October 15 via manual (October 15th 2020, 2:06:11 am UTC) from US

Summary HTTP 124 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 44 IPs in 9 countries across 39 domains to perform 124 HTTP transactions. The main IP is 2606:4700::6810:ae38, located in United States and belongs to CLOUDFLARENET, US. The main domain is top.gg.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 15th 2020. Valid for: a year.

This is the only time top.gg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700::68... 2606:4700::6810:ae38	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6811:4f6b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21f... 2600:9000:21f3:4800:4:164e:ca00:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	162.159.133.232 162.159.133.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	52.210.157.217 52.210.157.217	16509 (AMAZON-02) (AMAZON-02)
14	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:3400:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
3	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1 3	104.111.238.139 104.111.238.139	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:e2:... 2606:4700:e2::ac40:8720	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
9	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:a600:0:1651:6140:21	16509 (AMAZON-02) (AMAZON-02)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206e:3c00:6:266a:9940:21	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206e:f600:a:d79f:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
4	69.173.144.140 69.173.144.140	26667 (RUBICONPR...) (RUBICONPROJECT)
5	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	3.125.31.155 3.125.31.155	16509 (AMAZON-02) (AMAZON-02)
2	3.127.110.33 3.127.110.33	16509 (AMAZON-02) (AMAZON-02)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	52.51.3.86 52.51.3.86	16509 (AMAZON-02) (AMAZON-02)
1	52.71.26.88 52.71.26.88	14618 (AMAZON-AES) (AMAZON-AES)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2	52.210.231.1 52.210.231.1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
1	5.39.66.192 5.39.66.192	16276 (OVH) (OVH)
2	34.255.148.227 34.255.148.227	16509 (AMAZON-02) (AMAZON-02)
2 3	54.174.74.213 54.174.74.213	14618 (AMAZON-AES) (AMAZON-AES)
2 3	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 3	18.195.54.133 18.195.54.133	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.239.72 35.210.239.72	15169 (GOOGLE) (GOOGLE)
2 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	54.93.138.105 54.93.138.105	16509 (AMAZON-02) (AMAZON-02)
124	44

7 2606:4700::6810:ae38 (United States)

ASN13335 (CLOUDFLARENET, US)

top.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.top.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4f6b (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:4800:4:164e:ca00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.thisiswaldo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.159.133.232 (None, )

ASN13335 (CLOUDFLARENET, US)

images.discordapp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.157.217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-157-217.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:3400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.139.128.11 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)

hb.vntsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.238.139 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-139.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e2::ac40:8720 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:a600:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)

d1oykxszdrgjgl.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:3c00:6:266a:9940:21 (United States)

ASN16509 (AMAZON-02, US)

dw7nrwnn2bkh1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206e:f600:a:d79f:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

prebid.digitru.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.62 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.31.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-31-155.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.110.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-110-33.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.51.3.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-3-86.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.26.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-26-88.compute-1.amazonaws.com

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.210.231.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-231-1.eu-west-1.compute.amazonaws.com

track.venatusmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.39.66.192 (France)

ASN16276 (OVH, FR)
PTR: s05.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.148.227 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-148-227.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.174.74.213 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-74-213.compute-1.amazonaws.com

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.79 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.195.54.133 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-54-133.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.239.72 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com

u.ipw.metadsp.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.138.105 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-138-105.eu-central-1.compute.amazonaws.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com	290 KB
15	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	164 KB
10	ampproject.org cdn.ampproject.org	216 KB
7	top.gg top.gg cdn.top.gg	74 KB
6	pubmatic.com 3 redirects hbopenbid.pubmatic.com image8.pubmatic.com image2.pubmatic.com	9 KB
6	google.com 2 redirects www.google.com adservice.google.com	1 KB
5	bidswitch.net 2 redirects grid.bidswitch.net x.bidswitch.net	2 KB
5	adnxs.com ib.adnxs.com	3 KB
4	undertone.com 2 redirects hb.undertone.com usr.undertone.com	1 KB
4	rubiconproject.com fastlane.rubiconproject.com	7 KB
3	3lift.com 2 redirects tlx.3lift.com eb2.3lift.com	1 KB
3	cloudfront.net d1oykxszdrgjgl.cloudfront.net dw7nrwnn2bkh1.cloudfront.net	39 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	vntsm.com hb.vntsm.com	533 KB
3	cloudflare.com cdnjs.cloudflare.com	38 KB
2	openx.net 2 redirects us-u.openx.net	622 B
2	metadsp.co.uk 2 redirects u.ipw.metadsp.co.uk	924 B
2	adsrvr.org match.adsrvr.org	800 B
2	venatusmedia.com track.venatusmedia.com	157 B
2	sonobi.com apex.go.sonobi.com	2 KB
2	yieldmo.com ads.yieldmo.com	435 B
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	clean.gg i.clean.gg	104 B
2	4dex.io script.4dex.io	20 KB
2	google.de www.google.de adservice.google.de	1 KB
2	facebook.com www.facebook.com	524 B
2	facebook.net connect.facebook.net	92 KB
2	imrworldwide.com 1 redirects secure-us.imrworldwide.com	862 B
2	discordapp.net images.discordapp.net	74 KB
2	unpkg.com 1 redirects unpkg.com	2 KB
1	id5-sync.com id5-sync.com	718 B
1	lijit.com ap.lijit.com	747 B
1	digitru.st prebid.digitru.st	1 KB
1	googletagservices.com www.googletagservices.com	27 KB
1	jsdelivr.net cdn.jsdelivr.net	2 KB
1	consensu.org quantcast.mgr.consensu.org
1	googleapis.com fonts.googleapis.com	982 B
1	thisiswaldo.com cdn.thisiswaldo.com	1 KB
124	39

	Domain	Requested by
15	tpc.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net top.gg
10	cdn.ampproject.org	d1oykxszdrgjgl.cloudfront.net
9	securepubads.g.doubleclick.net	hb.vntsm.com d1oykxszdrgjgl.cloudfront.net securepubads.g.doubleclick.net top.gg
7	pagead2.googlesyndication.com	top.gg pagead2.googlesyndication.com
5	ib.adnxs.com	hb.vntsm.com
5	www.google.com	2 redirects top.gg
4	fastlane.rubiconproject.com	hb.vntsm.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	top.gg	top.gg
3	x.bidswitch.net	2 redirects
3	image8.pubmatic.com	2 redirects
3	usr.undertone.com	2 redirects
3	c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com	d1oykxszdrgjgl.cloudfront.net
3	www.google-analytics.com	top.gg www.google-analytics.com
3	sb.scorecardresearch.com	1 redirects top.gg
3	hb.vntsm.com	top.gg hb.vntsm.com
3	cdn.top.gg	top.gg cdn.top.gg
3	cdnjs.cloudflare.com	top.gg
2	eb2.3lift.com	2 redirects
2	us-u.openx.net	2 redirects
2	u.ipw.metadsp.co.uk	2 redirects
2	match.adsrvr.org	hb.vntsm.com
2	track.venatusmedia.com	hb.vntsm.com
2	apex.go.sonobi.com	hb.vntsm.com
2	ads.yieldmo.com	hb.vntsm.com
2	as-sec.casalemedia.com	hb.vntsm.com
2	grid.bidswitch.net	hb.vntsm.com
2	hbopenbid.pubmatic.com	hb.vntsm.com
2	dw7nrwnn2bkh1.cloudfront.net	d1oykxszdrgjgl.cloudfront.net
2	i.clean.gg	d1oykxszdrgjgl.cloudfront.net
2	script.4dex.io	hb.vntsm.com script.4dex.io
2	www.facebook.com	top.gg
2	connect.facebook.net	top.gg connect.facebook.net
2	secure-us.imrworldwide.com	1 redirects top.gg
2	images.discordapp.net	top.gg
2	unpkg.com	1 redirects top.gg
1	image2.pubmatic.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	id5-sync.com	hb.vntsm.com
1	hb.undertone.com	hb.vntsm.com
1	ap.lijit.com	hb.vntsm.com
1	tlx.3lift.com	hb.vntsm.com
1	prebid.digitru.st	hb.vntsm.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	d1oykxszdrgjgl.cloudfront.net	hb.vntsm.com
1	cdn.jsdelivr.net	hb.vntsm.com
1	www.google.de	top.gg
1	stats.g.doubleclick.net	www.google-analytics.com
1	quantcast.mgr.consensu.org	cdn.thisiswaldo.com
1	fonts.googleapis.com	cdn.top.gg
1	cdn.thisiswaldo.com	top.gg
124	53

This site contains links to these domains. Also see Links.

Domain
discord.gg
medium.com
github.com
blog.counter-strike.net
oldschool.runescape.com
discordapp.com
medal.tv
minecraftservers.biz
www.gameserverkings.com
megacool.co
blog.medal.tv

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
cdnjs.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-12` - `2022-08-17`	2 years	crt.sh
cdn.thisiswaldo.com Go Daddy Secure Certificate Authority - G2	`2020-06-16` - `2021-06-16`	a year	crt.sh
ssl565811.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-19` - `2020-11-25`	6 months	crt.sh
*.imrworldwide.com DigiCert SHA2 Secure Server CA	`2020-01-21` - `2021-02-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
quantcast.mgr.consensu.org Amazon	`2020-05-22` - `2021-06-22`	a year	crt.sh
*.vntsm.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-05` - `2021-04-08`	8 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-05` - `2021-04-17`	6 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
i.clean.gg GTS CA 1D2	`2020-08-31` - `2020-11-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
cdn-cf.digitru.st Amazon	`2020-04-23` - `2021-05-23`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.3lift.com Amazon	`2020-07-04` - `2021-08-05`	a year	crt.sh
grid.bidswitch.net COMODO RSA Domain Validation Secure Server CA	`2018-10-24` - `2020-10-23`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.yieldmo.com Amazon	`2020-06-23` - `2021-07-23`	a year	crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io Amazon	`2019-11-11` - `2020-12-11`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
*.venatusmedia.com Amazon	`2020-03-09` - `2021-04-09`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
*.id5-sync.com Let's Encrypt Authority X3	`2020-09-27` - `2020-12-26`	3 months	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://top.gg/bot/562687174697549856
Frame ID: 6F573A3AEAA38285BFAE66C4C9091D86
Requests: 51 HTTP requests in this frame

Frame: https://hb.vntsm.com/v3/live/ad-manager.min.js
Frame ID: 26E344A292FB82AF29C86EC48E9C0E7A
Requests: 1 HTTP requests in this frame

Frame: https://hb.vntsm.com/v3/live/ad-manager.min.js
Frame ID: A5A23F016394A143EB588F6656732EC0
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html
Frame ID: 697C2DE1F3359AA7E1FF5B704D1C4D97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1065800822998704&output=html&adk=1812271804&adf=3025194257&lmt=1602727554&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr_consent=tcunavailable&tcfe=1&format=0x0&url=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602727553533&bpp=15&bdt=522&idt=104&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=876191689707&frm=20&pv=2&ga_vid=19524278.1602727554&ga_sid=1602727554&ga_hid=924547148&ga_fc=0&iag=0&icsg=33567274&dssz=25&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066706&oid=3&pvsid=2823785166525174&pem=887&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=621
Frame ID: EE992705CAA10924110F93438B1703ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 47F8E06CCE015F2A95C462798175EB25
Requests: 1 HTTP requests in this frame

Frame: https://c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 16B55B1B90AB9F551E545545ABA09E2E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js
Frame ID: 044CC1BD39D6D9F07C7E2092DCF065DA
Requests: 17 HTTP requests in this frame

Frame: https://c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 1136B84B9CC6F813A5FF0FB4C44230B8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js
Frame ID: 8F83325D4431371F564E31EA6EAADCF6
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

124
Requests

100 %
HTTPS

44 %
IPv6

39
Domains

53
Subdomains

44
IPs

9
Countries

1623 kB
Transfer

5426 kB
Size

7
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://discord.gg/EYHTgJX
Title: Join Discord

Search URL Search Domain Scan URL

URL: https://medium.com/discord-bots
Title: Blog

Search URL Search Domain Scan URL

URL: https://github.com/Zecuel/NewsBot
Title: Github Repository

Search URL Search Domain Scan URL

URL: https://blog.counter-strike.net/index.php/category/updates/
Title: CS:GO updates

Search URL Search Domain Scan URL

URL: https://oldschool.runescape.com/
Title: OSRS homepage

Search URL Search Domain Scan URL

URL: https://discordapp.com/api/oauth2/authorize?client_id=562687174697549856&permissions=522304&scope=bot
Title: this link

Search URL Search Domain Scan URL

URL: https://medium.com/discord-bots/making-a-basic-discord-bot-with-java-834949008c2b
Title: How To Make A Discord Bot

Search URL Search Domain Scan URL

URL: https://medal.tv/
Title: Medal

Search URL Search Domain Scan URL

URL: https://minecraftservers.biz/
Title: MinecraftServers.biz

Search URL Search Domain Scan URL

URL: https://www.gameserverkings.com/
Title: GameserverKings

Search URL Search Domain Scan URL

URL: https://megacool.co/
Title: Megacool

Search URL Search Domain Scan URL

URL: https://blog.medal.tv/
Title: Medal Blog

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://unpkg.com/microtip/microtip.css HTTP 302
https://unpkg.com/microtip@0.2.2/microtip.css

Request Chain 10

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript HTTP 302
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript&ja=1

Request Chain 30

https://sb.scorecardresearch.com/b?c1=2&c2=6035118&ns__t=1602727553656&ns_c=UTF-8&cv=3.5&c8=NewsBot%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035118&ns__t=1602727553656&ns_c=UTF-8&cv=3.5&c8=NewsBot%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&c9=&cs_ak_ss=1

Request Chain 109

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 113

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 122

https://usr.undertone.com/userPixel/syncOne?id=1&of=2&gdpr=0&gdprstr= HTTP 302
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Request Chain 123

https://image8.pubmatic.com/AdServer/ImgSync?p=159234&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?p=159234&gdpr=0&gdpr_consent=&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhDOUVFNzEtMDYzQy00QzIzLTgxQTYtOEJFRjJFNzVGMkRE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 124

https://x.bidswitch.net/sync?ssp=themediagrid HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid HTTP 302
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=${BSW_USER_UD}&bsw_param=eef60a4a-03c0-4caf-a2e5-a426292d9c8d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=${BSW_USER_UD}&bsw_param=eef60a4a-03c0-4caf-a2e5-a426292d9c8d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=1&user_id=79861eaa-6875-46e0-82cc-47ccb5a1a4a6&ssp=themediagrid&bsw_param=eef60a4a-03c0-4caf-a2e5-a426292d9c8d

Request Chain 125

https://usr.undertone.com/userPixel/syncOne?id=2&of=2&gdpr=0&gdprstr= HTTP 302
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&gdpr=0&gdpr_consent=&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&gdpr=0&gdpr_consent=&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a62efa1-c230-49b6-918d-e69e9129b2ee

Request Chain 126

https://eb2.3lift.com/sync?px=1&src=prebid& HTTP 302
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

124 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 562687174697549856 Show response
top.gg/bot/ 34 KB
9 KB 65ms
49ms Document
text/html 2606:4700::6810:ae38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ae38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

8e90e3b7a9a6bcc74e30e35921a17224cc71048c85cfd2ab1dae7664b5ff5283

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: top.gg
:scheme: https
:path: /bot/562687174697549856
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 15 Oct 2020 02:05:53 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d34af5d5cd836d526e812d2548babf0d81602727552; expires=Sat, 14-Nov-20 02:05:52 GMT; path=/; domain=.top.gg; HttpOnly; SameSite=Lax; Secure country=FR; Path=/
x-powered-by: Express
x-cacheable: YES
vary: Accept-Encoding
x-varnish: 645826554 648577669
age: 1560
via: 1.1 varnish-v4
cf-cache-status: DYNAMIC
cf-request-id: 05cb9abfc100001f157f273000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5e25fa4608111f15-FRA
content-encoding: br

GET
H2 200 bulma.min.css
cdnjs.cloudflare.com/ajax/libs/bulma/0.9.1/css/ 199 KB
20 KB 30ms
13ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bulma/0.9.1/css/bulma.min.css

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58b28659220961ead137cb5b346b5759562750ce703094d70fc786e0db467033

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 21653
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20585
cf-request-id: 05cb9ac0090000177626b2c000000001
timing-allow-origin: *
last-modified: Mon, 28 Sep 2020 23:31:20 GMT
server: cloudflare
etag: "5f727248-31cfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602727553"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e25fa467f9f1776-FRA
expires: Tue, 05 Oct 2021 02:05:53 GMT

GET
H2 200 button.min.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/components/ 71 KB
7 KB 34ms
17ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.2.13/components/button.min.css

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

482caf4cdd1ed5488c4852e69e36bbee544bd3e3035e716cbb0d8158020cf49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1734865
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6994
cf-request-id: 05cb9ac00a0000177626b2d000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:13 GMT
server: cloudflare
etag: "5eb03fcd-11c9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602727553"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e25fa467fa01776-FRA
expires: Tue, 05 Oct 2021 02:05:53 GMT

GET
H2 200 icon.min.css
cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.0/components/ 65 KB
11 KB 28ms
11ms Stylesheet
text/css 2606:4700::6811:4f6b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/semantic-ui/2.4.0/components/icon.min.css

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4f6b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

227e8a1d20f14779b163391b62981e3e3e10be26a4ac7a2a560be7d54bb29893

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 626091
x-via: cfworker/kv
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10522
cf-request-id: 05cb9ac009000017765e96b000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:13 GMT
server: cloudflare
etag: "5eb03fcd-105c3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602727553"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5e25fa467fa11776-FRA
expires: Tue, 05 Oct 2021 02:05:53 GMT

GET
H2 200 style.min.css
cdn.top.gg/web-assets/ 66 KB
13 KB 30ms
21ms Stylesheet
text/css 2606:4700::6810:ae38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.top.gg/web-assets/style.min.css

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ae38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be9235bad269a89f4f57d512326769049f3e99eef9c399e99efee1bab2f81cea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-request-id: tx00000000000009540cc85-005f87a9a5-ad7d96-nyc3b
status: 200
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
cf-request-id: 05cb9ac00100001f15dea33000000001
last-modified: Fri, 09 Oct 2020 10:53:17 GMT
server: cloudflare
cache-control: max-age=2356
etag: W/"0e13fde99d73d81f5afe66d6f0ccf96f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-hw: 1602727553.dop020.fr8.t,1602727553.cds269.fr8.c
content-type: text/css
x-rgw-object-type: Normal
cf-ray: 5e25fa46687a1f15-FRA

GET
H2 200 index.js Show response
top.gg/js/ 21 KB
6 KB 74ms
72ms Script
application/javascript 2606:4700::6810:ae38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://top.gg/js/index.js

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ae38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f940941d2ef18092362ecec0079a009470a93f204b5ecf29dbc18df5b2209ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by: Express
status: 200
content-encoding: br
vary: Accept-Encoding
cf-request-id: 05cb9abffa00001f157f276000000001
last-modified: Tue, 13 Oct 2020 19:22:03 GMT
server: cloudflare
etag: W/"52da-17523699701"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-varnish: 579346870
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
cf-ray: 5e25fa46586b1f15-FRA
expires: Fri, 16 Oct 2020 02:05:53 GMT

GET
H2 200 3820.js Show response
cdn.thisiswaldo.com/static/js/ 2 KB
1 KB 30ms
6ms Script
application/javascript 2600:9000:21f3:4800:4:164e:ca00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.thisiswaldo.com/static/js/3820.js

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21f3:4800:4:164e:ca00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

e31b2b2848ce240a6cc01488d47ebfac18dbb1a3b02708f3e091239c7aec618e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 16:11:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35646
x-cache: Hit from cloudfront
status: 200
content-length: 882
last-modified: Wed, 30 Sep 2020 16:03:23 GMT
server: Apache/2.4.29 (Ubuntu)
etag: "655-5b08a0a0083ed-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: QbqUaTylPdRs2AJOUsjY4oiysdmBk9oyaLT27s54jYy1M7oZd65wNg==

GET
H2

200

microtip.css
unpkg.com/microtip@0.2.2/
Redirect Chain

https://unpkg.com/microtip/microtip.css
https://unpkg.com/microtip@0.2.2/microtip.css

8 KB
1 KB

12ms
12ms

Stylesheet
text/css

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/microtip@0.2.2/microtip.css

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7087fa98f10218aaba27b5dc6b6dc5595b0b3d3100b64c7bebf04a9585435103

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12182513
status: 200
vary: Accept-Encoding
cf-request-id: 05cb9ac01c0000062dde3f9000000001
last-modified: Fri, 18 Aug 2017 11:07:10 GMT
server: cloudflare
etag: W/"2159-5Bj1wE8qf17w30B4zpUX3KFBCEs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 24707da630bff4fea4c104848892237b
cache-control: public, max-age=31536000
cf-ray: 5e25fa469e72062d-FRA

Redirect headers

date: Thu, 15 Oct 2020 02:05:53 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 304
status: 302
vary: Accept, Accept-Encoding
content-length: 50
cf-request-id: 05cb9ac0080000062de9882000000001
access-control-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
location: /microtip@0.2.2/microtip.css
x-cloud-trace-context: 2c70e386d405e8dc44fa962805c46a8d
cache-control: public, s-maxage=600, max-age=60
cf-ray: 5e25fa467e53062d-FRA

GET
H2 200 567914fd8fe2aca9f8d937d7e3a23f27.png
images.discordapp.net/avatars/562687174697549856/ 41 KB
41 KB 667ms
596ms Image
image/png 162.159.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.discordapp.net/avatars/562687174697549856/567914fd8fe2aca9f8d937d7e3a23f27.png?size=512
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 877ca8a7b7cf8296f74f79d497b760cd66fe89be55789936315c3da747ebcf09

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-envoy-upstream-service-time: 21
content-length: 42063
cf-request-id: 05cb9ac0960000233dc31ed000000001
last-modified: Fri, 12 Apr 2019 18:50:19 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=64&lkg-time=1602727554"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e25fa475dc3233d-ZRH
expires: Fri, 15 Oct 2021 02:05:53 GMT

GET
H2 200 702a8138bd39c42ee92fa953c91fe1f2.png
images.discordapp.net/avatars/199999624013021185/ 32 KB
32 KB 550ms
488ms Image
image/png 162.159.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.discordapp.net/avatars/199999624013021185/702a8138bd39c42ee92fa953c91fe1f2.png
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d67466d5f2904de273dfa7f5b5801810fba3b088563c1476b94f4e563e838f

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
status: 200
x-envoy-upstream-service-time: 20
content-length: 32625
cf-request-id: 05cb9ac0970000233d1daee000000001
last-modified: Thu, 12 Sep 2019 16:10:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=64&lkg-time=1602727554"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5e25fa475dc4233d-ZRH
expires: Fri, 15 Oct 2021 02:05:53 GMT

GET
H2 200 email-decode.min.js Show response
top.gg/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
861 B 10ms
10ms Script
application/javascript 2606:4700::6810:ae38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://top.gg/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ae38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Accept-Encoding
cf-request-id: 05cb9ac04200001f1596b27000000001
last-modified: Mon, 12 Oct 2020 17:41:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"5f849534-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5e25fa46c8db1f15-FRA
expires: Sat, 17 Oct 2020 02:05:53 GMT

GET
H2

200

m
secure-us.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript
https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript&ja=1

44 B
336 B

70ms
69ms

Image
image/gif

52.210.157.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript&ja=1
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.157.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-157-217.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:05:53 GMT
server: nginx
status: 200
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:05:53 GMT
server: nginx
status: 302
location: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-603339h&cg=0&cc=1&ts=noscript&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 131 KB
46 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

861e9ef754e4ac7e1430a749119e9e4f23f407e124069d281049be0fe6cb6480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 45760
x-xss-protection: 0
server: cafe
etag: 3932498626413480395
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Oct 2020 02:05:53 GMT

GET
H2 200 logoinverted.png
top.gg/images/ 12 KB
12 KB 12ms
12ms Image
image/png 2606:4700::6810:ae38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top.gg/images/logoinverted.png

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ae38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fb28bf7666d92db223190c8547b94ac9480febe84c2ff0e6973f111dff762bbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
via: 1.1 varnish-v4
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1218790
x-powered-by: Express
cf-ray: 5e25fa46e8f31f15-FRA
status: 200
vary: Accept-Encoding
content-length: 12464
cf-request-id: 05cb9ac04c00001f15bc255000000001
last-modified: Wed, 30 Sep 2020 23:31:02 GMT
server: cloudflare
etag: W/"30b0-174e15adb49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-varnish: 667429956
cache-control: public, max-age=86400
accept-ranges: bytes
content-type: image/png
expires: Fri, 16 Oct 2020 02:05:53 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
982 B 34ms
14ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Markazi+Text

Requested by

Host: cdn.top.gg
URL: https://cdn.top.gg/web-assets/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

81718ef9e4fc9ce1a9d4b1879d15c3edcaf490a8547c7d257b42223b82c8f189

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn.top.gg/web-assets/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Oct 2020 00:48:28 GMT
server: ESF
date: Thu, 15 Oct 2020 02:05:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Oct 2020 02:05:53 GMT

GET
H2 403 choice.js
quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/top.gg/ 0
0 466ms
429ms Script
text/html 2600:9000:206e:3400:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/fTfJtcPmQDwZG/top.gg/choice.js
Requested by: Host: cdn.thisiswaldo.com
URL: https://cdn.thisiswaldo.com/static/js/3820.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:3400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 15 Oct 2020 02:01:49 GMT
via: 1.1 ce1d51670567993d20733122565db596.cloudfront.net (CloudFront)
last-modified: Thu, 21 May 2020 21:03:42 GMT
server: AmazonS3
age: 245
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Error from cloudfront
content-type: text/html
status: 403
cache-control: public, max-age=7200
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: erISE_JzJydhzfvgsdTHKk4lRuBXHpipdP3rc4JwP_IL_ixMmTRquw==

GET
H/1.1 200
OK ad-manager.min.js
hb.vntsm.com/v3/live/ Frame 26E3 512 KB
0 160ms
53ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 15 Oct 2020 02:05:53 GMT
Content-Encoding: gzip
Venatus-CDN-HB-Rule-Version: 1.1
X-IP: 185.156.175.107
Connection: keep-alive
Content-Length: 538074
Last-Modified: Tue, 13 Oct 2020 16:50:36 GMT
ETag: "6f871e9b0071fd7d80f581ae6b375ba6"
Access-Control-Allow-Methods: GET, OPTIONS
X-HW: 1602727553.cds035.pa1.hn,1602727553.cds031.pa1.c
Content-Type: application/javascript
Access-Control-Allow-Origin: https://top.gg
Access-Control-Expose-Headers: X-Geo, Content-Type,x-bl
Cache-Control: max-age=252
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo, Content-Type
X-Geo: CH

GET
DATA 200
OK truncated
/ 841 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3573a4eac212c2acff3d06629135a3b96d8a373b4f92779733d8926f411b818

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 456 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 016abb8f9d8ddc950fd1ac7301fd889269908826ccc9188d12080bc81a17f61a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Karla-Regular.ttf
cdn.top.gg/fonts/ 14 KB
15 KB 46ms
30ms Font
application/octet-stream 2606:4700::6810:ae38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.top.gg/fonts/Karla-Regular.ttf

Requested by

Host: cdn.top.gg
URL: https://cdn.top.gg/web-assets/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ae38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2754c00295b6eb895d8419cb3df993d74a0ed97e143ee98fcd83fdca94f932c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://top.gg
Referer: https://cdn.top.gg/web-assets/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
access-control-allow-methods: GET
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-request-id: tx000000000000095878520-005f87a0eb-ada04a-nyc3b
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-length: 14824
cf-request-id: 05cb9ac06f0000972a1c19d000000001
last-modified: Tue, 22 Sep 2020 16:30:48 GMT
server: cloudflare
cache-control: max-age=122
etag: "1b55fee684d61bfeaa762684931b1bc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
x-hw: 1602727553.dop226.fr8.t,1602727553.cds106.fr8.c
content-type: application/octet-stream
access-control-allow-origin: https://top.gg
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 5e25fa471d6a972a-FRA

GET
H2 200 Karla-Bold.ttf
cdn.top.gg/fonts/ 17 KB
17 KB 45ms
29ms Font
application/octet-stream 2606:4700::6810:ae38
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.top.gg/fonts/Karla-Bold.ttf

Requested by

Host: cdn.top.gg
URL: https://cdn.top.gg/web-assets/style.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:ae38 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a61886119056f23bfb3ec3efa1d4678769e3794e205e60ca34136cc0f9008e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://top.gg
Referer: https://cdn.top.gg/web-assets/style.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
access-control-allow-methods: GET
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-amz-request-id: tx00000000000009520d506-005f87a0eb-ad7d96-nyc3b
status: 200
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
content-length: 16896
cf-request-id: 05cb9ac06f0000972a1f1d4000000001
last-modified: Tue, 22 Sep 2020 16:30:48 GMT
server: cloudflare
cache-control: max-age=122
etag: "c07c916c55ef23e1f0a0dbcb10b9aaae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 0
x-hw: 1602727553.dop120.fr8.t,1602727553.cds138.fr8.c
content-type: application/octet-stream
access-control-allow-origin: https://top.gg
x-rgw-object-type: Normal
accept-ranges: bytes
cf-ray: 5e25fa471d6b972a-FRA

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 178ms
52ms Script
application/x-javascript 104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 15 Oct 2020 02:05:53 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Fri, 16 Oct 2020 02:05:53 GMT

GET
H/1.1 200
OK ad-manager.min.js Show response
hb.vntsm.com/v3/live/ Frame A5A2 2 MB
526 KB 170ms
49ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 8da9c408bfe5ba7b509b88421195aac324a2291c00e7005aa4517ab8799c584f

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 15 Oct 2020 02:05:53 GMT
Content-Encoding: gzip
Venatus-CDN-HB-Rule-Version: 1.1
X-IP: 185.156.175.107
Connection: keep-alive
Content-Length: 538074
Last-Modified: Tue, 13 Oct 2020 16:50:36 GMT
ETag: "6f871e9b0071fd7d80f581ae6b375ba6"
Access-Control-Allow-Methods: GET, OPTIONS
X-HW: 1602727553.cds044.pa1.hc,1602727553.cds031.pa1.c
Content-Type: application/javascript
Access-Control-Allow-Origin: https://top.gg
Access-Control-Expose-Headers: X-Geo, Content-Type,x-bl
Cache-Control: max-age=252
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo, Content-Type
X-Geo: CH

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 25ms
5ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 3015
date: Thu, 15 Oct 2020 01:15:38 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 15 Oct 2020 03:15:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 88 KB
23 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23070
x-xss-protection: 0
pragma: public
x-fb-debug: JaaDUhyt4iOJK5pWjUyM91hCnIJkthuNUjKZAA4daOCcJq51WE1SCra/XTKWppiLXgX6hafpKhzPiFHBBUK1hA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 15 Oct 2020 02:05:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/ 230 KB
87 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88670
x-xss-protection: 0
server: cafe
etag: 13373283986949850894
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Oct 2020 02:05:53 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/ Frame 697C 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201008/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201008/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/562687174697549856
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/562687174697549856

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 14 Oct 2020 03:28:22 GMT
expires: Wed, 28 Oct 2020 03:28:22 GMT
content-type: text/html; charset=UTF-8
etag: 7382719332125555894
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4731
x-xss-protection: 0
age: 81451
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 306074476768832 Show response
connect.facebook.net/signals/config/ 234 KB
69 KB 38ms
38ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/306074476768832?v=2.9.27&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b42da2d820260700cf904a3e7cfd6e7989d8d09dc59c3bace9f3e8fd83f43497

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 69789
x-xss-protection: 0
pragma: public
x-fb-debug: ckOReIqfdTVdGhxQwshknot5d99xeqq/J6+o48laWCPxh3q835Y+M6Ts+JxVcdoTNob3lRa/otXxGuCKxsTltg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Thu, 15 Oct 2020 02:05:53 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
423 B 39ms
13ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=924547148&t=pageview&_s=1&dl=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&ul=en-us&de=UTF-8&dt=NewsBot%20%7C%20Discord%20Bots&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=53586005&gjid=563945259&cid=19524278.1602727554&tid=UA-98194944-1&_gid=274953484.1602727554&_r=1&_slc=1&z=1410368397

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:05:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://top.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=306074476768832&ev=PageView&dl=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&rl=&if=false&ts=1602727553629&sw=1600&sh=1200&v=2.9.27&r=stable&ec=0&o=30&fbp=fb.1.1602727553628.1780960060&it=1602727553559&coo=false&rqm=GET

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 15 Oct 2020 02:05:53 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
479 B 40ms
15ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-98194944-1&cid=19524278.1602727554&jid=53586005&gjid=563945259&_gid=274953484.1602727554&_u=IEBAAEAAAAAAAC~&z=1701901455

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Oct 2020 02:05:53 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://top.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035118&ns__t=1602727553656&ns_c=UTF-8&cv=3.5&c8=NewsBot%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=6035118&ns__t=1602727553656&ns_c=UTF-8&cv=3.5&c8=NewsBot%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&c9=&cs_ak_ss=1

0
528 B

52ms
51ms

Image
text/plain

104.111.238.139
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035118&ns__t=1602727553656&ns_c=UTF-8&cv=3.5&c8=NewsBot%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&c9=&cs_ak_ss=1
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.139 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-139.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:53 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035118&ns__t=1602727553656&ns_c=UTF-8&cv=3.5&c8=NewsBot%20%7C%20Discord%20Bots&c7=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:53 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
513 B 36ms
16ms Image
image/gif 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-98194944-1&cid=19524278.1602727554&jid=53586005&_u=IEBAAEAAAAAAAC~&z=1075339785

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:05:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
513 B 38ms
17ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-98194944-1&cid=19524278.1602727554&jid=53586005&_u=IEBAAEAAAAAAAC~&z=1075339785

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:05:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame A5A2 450 B
910 B 26ms
11ms Script
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 716
status: 200
x-amz-request-id: AEA9CA9CB253FD35
x-amz-id-2: qWROuqD+RvNy4HLzes5GxeL8Toi+P0JLEo3lagzstJfglrGBnJdZzccScnj8G6ZU/TxG5pePelc=
last-modified: Mon, 14 Sep 2020 09:32:14 GMT
server: cloudflare
etag: W/"bfa52622781c173885812009122c3f7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602727554"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
cf-request-id: 05cb9ac34d00002bc2a71df000000001
cf-ray: 5e25fa4bac6f2bc2-FRA

GET
H2 200 freewheel-mapping.json Show response
cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/ Frame A5A2 14 KB
2 KB 19ms
6ms XHR
application/json 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/category-mapping-file@1/freewheel-mapping.json

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 39748
x-cache: HIT, HIT
status: 200
content-length: 1386
etag: W/"36b6-ffkBzh2j6c/gCM5tBPQMcNXdZI8"
x-served-by: cache-fra19138-FRA, cache-hhn4022-HHN
date: Thu, 15 Oct 2020 02:05:53 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 5b608a2046e0fb0001330d9b.enc Show response
hb.vntsm.com/v2/live/ Frame A5A2 44 KB
7 KB 159ms
61ms XHR
text/plain 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.vntsm.com/v2/live/5b608a2046e0fb0001330d9b.enc
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 9da50d9b7612f618746948b8a617cb399e98ca9756175dd71aa1b10c6e674436

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 15 Oct 2020 02:05:54 GMT
Content-Encoding: gzip
venatus-cdn-hb-rule-version: 1.1
Transfer-Encoding: chunked
x-ip: 185.156.175.107
Connection: keep-alive
Last-Modified: Wed, 07 Oct 2020 15:26:23 GMT
ETag: "825715a5f1f22bf0ac35c6968511b0ab"
Access-Control-Allow-Methods: GET, OPTIONS
X-HW: 1602727554.cds025.pa1.hn,1602727554.cds025.pa1.hc,1602727554.cds214.pa1.c,1602727554.cds025.pa1.sl
Content-Type: text/plain
Access-Control-Allow-Origin: https://top.gg
x-bl: 0
Cache-Control: max-age=600
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Access-Control-Allow-Headers: X-Geo, Content-Type
x-geo: CH
Access-Control-Expose-Headers: X-Geo, Content-Type,x-bl

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame A5A2 64 KB
19 KB 24ms
12ms Fetch
application/javascript 2606:4700:e2::ac40:8720
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8720 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:53 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 503
status: 200
access-control-allow-methods: GET
x-amz-request-id: F9D297F792A260B7
x-amz-id-2: 5HrAGEgZYzUoS+/gHEnGQBe3FnqenOeUpYy5oCaYEoixoBWWSOPgqnJ9Uun5MxL6CXiiDtEa2+s=
last-modified: Mon, 14 Sep 2020 09:32:12 GMT
server: cloudflare
etag: W/"71c0e5f7067bdadc5d565e8027f77ec3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?lkg-colo=71&lkg-time=1602727554"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-request-id: 05cb9ac390000005f92518d000000001
cf-ray: 5e25fa4c1d9c05f9-FRA

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
121 B 6ms
6ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=924547148&t=event&_s=2&dl=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&ul=en-us&de=UTF-8&dt=NewsBot%20%7C%20Discord%20Bots&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=campaign-&ea=botPageImpression&el=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=19524278.1602727554&tid=UA-98194944-1&_gid=274953484.1602727554&z=1976645394

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Oct 2020 15:54:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36668
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
18 KB 126ms
45ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

b590dda67f745cfac675d0ac1add806acb9e182d3ae45454fad6f504d9ae4f17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "663 / 88 of 1000 / last-modified: 1602713463"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17716
x-xss-protection: 0
expires: Thu, 15 Oct 2020 02:05:54 GMT

GET
H2 200 script.js Show response
d1oykxszdrgjgl.cloudfront.net/ 100 KB
33 KB 61ms
19ms Script
application/javascript 2600:9000:206e:a600:0:1651:6140:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:a600:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79ea233c6373ddd45721734abb957defd775e5fbf97634917ee738a85b429d87

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:03:56 GMT
content-encoding: gzip
last-modified: Fri, 09 Oct 2020 20:10:47 GMT
server: AmazonS3
age: 119
etag: W/"e210767f08e677f37254f6b12a00e848"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: max-age=600,public,must-revalidate
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: VRIiJFFcCdACvlwKXur9eNkzrKC0jgM1ztAeagF_pnZ4WOISowvy6g==
via: 1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=306074476768832&ev=Microdata&dl=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&rl=&if=false&ts=1602727554133&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%20%20%20%20%20%20%20%20NewsBot%20%7C%20Discord%20Bots%22%2C%22meta%3Adescription%22%3A%22Get%20your%20favourite%20game%27s%20update%20articles%20directly%20to%20your%20Discord%20server%20automatically!%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22NewsBot%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Ftop.gg%2F%22%2C%22og%3Adescription%22%3A%22Get%20your%20favourite%20game%27s%20update%20articles%20directly%20to%20your%20Discord%20server%20automatically!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimages.discordapp.net%2Favatars%2F562687174697549856%2F567914fd8fe2aca9f8d937d7e3a23f27.png%3Fsize%3D512%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.27&r=stable&ec=1&o=30&fbp=fb.1.1602727553628.1780960060&it=1602727553559&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:54 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 15 Oct 2020 02:05:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
890 B 36ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=top.gg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 02:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 35ms
15ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=top.gg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 02:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame EE99 0
0 25ms
24ms Document
text/html 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1065800822998704&output=html&adk=1812271804&adf=3025194257&lmt=1602727554&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr_consent=tcunavailable&tcfe=1&format=0x0&url=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602727553533&bpp=15&bdt=522&idt=104&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=876191689707&frm=20&pv=2&ga_vid=19524278.1602727554&ga_sid=1602727554&ga_hid=924547148&ga_fc=0&iag=0&icsg=33567274&dssz=25&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066706&oid=3&pvsid=2823785166525174&pem=887&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=621

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1065800822998704&output=html&adk=1812271804&adf=3025194257&lmt=1602727554&plaf=1%3A2%2C2%3A2%2C3%3A2%2C4%3A2%2C5%3A2&plat=1%3A32904%2C2%3A32904%2C8%3A128%2C9%3A32904%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C27%3A128%2C30%3A1081472%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&gdpr_consent=tcunavailable&tcfe=1&format=0x0&url=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.&dt=1602727553533&bpp=15&bdt=522&idt=104&shv=r20201008&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=876191689707&frm=20&pv=2&ga_vid=19524278.1602727554&ga_sid=1602727554&ga_hid=924547148&ga_fc=0&iag=0&icsg=33567274&dssz=25&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C21066706&oid=3&pvsid=2823785166525174&pem=887&rx=0&eae=2&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=621
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/562687174697549856
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/562687174697549856

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 15 Oct 2020 02:05:54 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Oct-2020 02:20:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 39ms
26ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201008&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f30c6da606a77962dd74a918c4ed33c7726d09c9b165cdabfc822f08dc41447a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Oct 2020 02:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6488
x-xss-protection: 0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201008/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602674900477171"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27594
x-xss-protection: 0
expires: Thu, 15 Oct 2020 02:05:54 GMT

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 189ms
122ms Other
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://top.gg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 204
server: nginx/1.17.4
date: Thu, 15 Oct 2020 02:05:54 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: clear

OPTIONS
H2 200 958153f1b8b96ec4c4eb2147429105d9.json
dw7nrwnn2bkh1.cloudfront.net/ Frame 0
0 172ms
129ms Other 2600:9000:206e:3c00:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Protocol: H2
Server: 2600:9000:206e:3c00:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://top.gg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
content-length: 0
date: Thu, 15 Oct 2020 02:05:55 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: content-type
access-control-max-age: 600
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amz-cf-id: uw4_iRca2e5kN3G8eI-FuYDhOum3YGys_G3gDiHPElQ6V2qmlRPjoQ==

POST
H2 200 1a Show response
i.clean.gg/ 0
104 B 123ms
122ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.17.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Oct 2020 02:05:54 GMT
via: 1.1 google
server: nginx/1.17.4
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,x-api-key
status: 200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: clear
content-length: 0

GET
H2 200 958153f1b8b96ec4c4eb2147429105d9.json Show response
dw7nrwnn2bkh1.cloudfront.net/ 5 KB
5 KB 17ms
17ms XHR
application/json 2600:9000:206e:3c00:6:266a:9940:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dw7nrwnn2bkh1.cloudfront.net/958153f1b8b96ec4c4eb2147429105d9.json
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:3c00:6:266a:9940:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b34cce26bfbafba88c8f7c284033604f818671a68c2ff7ab7fbb36ab6b3e5a5f

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Oct 2020 00:09:08 GMT
via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age: 7033
x-cache: Hit from cloudfront
status: 200
content-length: 4847
last-modified: Wed, 14 Oct 2020 00:08:26 GMT
server: AmazonS3
etag: "91e4f8d478bf77263a50a661522b0304"
access-control-max-age: 600
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: uhXBZHyOBPjA9SMRQ5c8LZjw1_PVOHqXz5Xv_rx29Xh1pTX-87GAWw==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 32ms
13ms Script
text/javascript 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 15 Oct 2020 02:05:54 GMT

GET
H3-Q050 200 pubads_impl_2020101201.js Show response
securepubads.g.doubleclick.net/gpt/ 272 KB
96 KB 93ms
50ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

sffe /

Resource Hash

46b0d2e6fac4273b21cbf281d054dd61dc70cc7d3e7620fd9b9c02b3e52f9579

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Oct 2020 08:39:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97729
x-xss-protection: 0
expires: Thu, 15 Oct 2020 02:05:54 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 47F8 0
0 26ms
13ms Document
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/562687174697549856
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/562687174697549856

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Thu, 15 Oct 2020 00:31:41 GMT
expires: Fri, 15 Oct 2021 00:31:41 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5653
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
176 B 15ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gda_r20201008&jk=2823785166525174&bg=!paalpobNAAWqWepuqlja-Gwp4Q3cEAIAAABhUgAAAAwKATQw2cnh1pgQiOSPdMvOD_zums8ZX_mq93-WqDsJSAJQoEgXwJVP1UBMX53zdvuw5JMUPV23F2_bDq0Dmr5nIFTc3eLQ2rtHm2a1lBpc0bGL_UGziPNiOuTlE1W4S20Ca7jhPATHN8B9m29XCYWd81swxTzIOIuW0izV3AEVUjFSzlRMXdrCW4AAq86hP2Ax0SvSPpqBuolhLQWCQjNjm6BywW71q5xHcNpwhHo66mJF2R_oI4J98rg-SBvMAaOJxALkohYZGW0CGAJcadufxoLLGX2Yhtih4H27Uhsl_HpN41PlLD_6Z4VBFGdh8OSWbfxOiwFZlW1rVW-RUKkYo-npJZWqbYo7V3bNHxQIIyKiigkx8hgEkuGEx1_O6190II25gcHB0jMwN89pnBxXGGE-NvY4i5kBn0Kfxwl4ewHq5BwD49vUPWSZF9H0oewuVDL4PGgUOtQkIwGr0xuvAsNToCMysn6oOCYvRFX4UI8JYlh1rkw4DkAYzpI3__By7QKK_7-UQiZl8ALzO_WehEg7QNrmOFCfWlWhePZIZHpovq0cXPAhTMVrhjP-VJpaZw4zBLURmXd8gGnWXZY_JJCFOv3z2opQH1FFrzXCyRiKwygfP4uNi9LBs_cs1ElOZ2qfkQABGjhFBwSU8ZZdCrj3Hlec55LtCrDM5be76H_4Yyw2DQNqVpSlWdP6ZamszIHs1yzfuk12FI3XzHugXjjvoI-tKrl3WpCBJQzunZMCZWRFEgdA_x9watMY47f1n1geEMPTsTnOxjFDZn1T8kavHv3cY0UyId_hurTiLTjHtGDzSOuMYeD4tuM_BZyTcgG6koLXlhTYK5bI_-WyWTcfTEygqKBXMaQGVGjlObe8QFieJX2y96JfdGOiSDUU7wn6jgLzI2y5qHeqt9owidAtRui-EFVPLSHyBz3i5dUeXmkC18HQxbVXWyDH2hNDC7oQmbCcHZ8

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:05:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v1 Show response
prebid.digitru.st/id/ Frame A5A2 425 B
1 KB 137ms
92ms XHR
application/json 2600:9000:206e:f600:a:d79f:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.digitru.st/id/v1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:f600:a:d79f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: 0bb21966dbb05e5ea7af55c8cfc9176f3773df8e559fce945165ea1151821951

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Oct 2020 02:05:55 GMT
via: 1.1 7c17b3af9cda4d5f0ff45961b7be9fdc.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: VIE50-C1
status: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, OPTIONS
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://top.gg
cache-control: private, max-age=15552000
access-control-allow-credentials: true
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
content-length: 425
x-amz-cf-id: -GHgyTiHnh6UmJDhe8N2lunl5xFniX8XZiGAjogt6GIX9LiuS-AMbA==

POST
H2 200 translator Show response
hbopenbid.pubmatic.com/ Frame A5A2 12 KB
7 KB 189ms
106ms XHR
application/json 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: a1aef4439f487e0bfcbf981692284095e7fc0a68becebc8ec8ce10c125cbd956

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Oct 2020 02:05:57 GMT
content-encoding: gzip
x-openrtb-version: 2.3
status: 200
content-type: application/json
access-control-allow-origin: https://top.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A5A2 259 B
2 KB 196ms
82ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!venatusmedia.com,5b608a2046e0fb0001330d9b,1,,,&dt.id=TITEd%2BXk5IdzIFIA6aRLRBghYn1dBfey725vD3RUIemPJCg44tef%2F8BLeKg9hPeD6KC0fwhUJ5G0%2FPvIqu8rwaiD1qJFBN%2Fyy3rCLdsZY%2BpIsAU4vT%2FFoacpaAA454FkjRXF%2BIfosmbj92DPfzMipxFE%2FGfGKtsbAW1Rm6f8FkXdX3KZF4by3tLcMSjrieDILOVl48mHqPYfqcVM91eTbH0ChHK8NgFx%2BZRIdXAnOGgu9JY9P7U9J0Fu55naYO8S%2BKwPRbFZgCxYlsyQeLnE47SSsmZx828Lr2O%2FRdZG%2FNoKnpvgV38hUYuQM54gKg2CzUv6gC2o4LPtQ07QkC2G6A%3D%3D&dt.keyv=4&dt.pref=0&rf=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&tk_flint=pbjs_lite_v3.23.0&x_source.tid=efc45aef-d930-436e-8933-d82ca5a2dbed&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.11024560038054676
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5050eb432fb741857a0ae44dd6343f6c056c0f0589b766b0ee62f38a4d02ca54

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A5A2 3 KB
3 KB 186ms
68ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=15&gdpr=0&rp_schain=1.0,1!venatusmedia.com,5b608a2046e0fb0001330d9b,1,,,&dt.id=TITEd%2BXk5IdzIFIA6aRLRBghYn1dBfey725vD3RUIemPJCg44tef%2F8BLeKg9hPeD6KC0fwhUJ5G0%2FPvIqu8rwaiD1qJFBN%2Fyy3rCLdsZY%2BpIsAU4vT%2FFoacpaAA454FkjRXF%2BIfosmbj92DPfzMipxFE%2FGfGKtsbAW1Rm6f8FkXdX3KZF4by3tLcMSjrieDILOVl48mHqPYfqcVM91eTbH0ChHK8NgFx%2BZRIdXAnOGgu9JY9P7U9J0Fu55naYO8S%2BKwPRbFZgCxYlsyQeLnE47SSsmZx828Lr2O%2FRdZG%2FNoKnpvgV38hUYuQM54gKg2CzUv6gC2o4LPtQ07QkC2G6A%3D%3D&dt.keyv=4&dt.pref=0&rf=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&tk_flint=pbjs_lite_v3.23.0&x_source.tid=9fac8b9d-ba58-4849-bef3-d866e5263ca1&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4859892234642875
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 4c0637a715cff459e44536e772af354cd1886cda4952bbb18bd2d7948309a7db

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
Content-Encoding: gzip
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 1443
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A5A2 259 B
2 KB 202ms
78ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!venatusmedia.com,5b608a2046e0fb0001330d9b,1,,,&dt.id=TITEd%2BXk5IdzIFIA6aRLRBghYn1dBfey725vD3RUIemPJCg44tef%2F8BLeKg9hPeD6KC0fwhUJ5G0%2FPvIqu8rwaiD1qJFBN%2Fyy3rCLdsZY%2BpIsAU4vT%2FFoacpaAA454FkjRXF%2BIfosmbj92DPfzMipxFE%2FGfGKtsbAW1Rm6f8FkXdX3KZF4by3tLcMSjrieDILOVl48mHqPYfqcVM91eTbH0ChHK8NgFx%2BZRIdXAnOGgu9JY9P7U9J0Fu55naYO8S%2BKwPRbFZgCxYlsyQeLnE47SSsmZx828Lr2O%2FRdZG%2FNoKnpvgV38hUYuQM54gKg2CzUv6gC2o4LPtQ07QkC2G6A%3D%3D&dt.keyv=4&dt.pref=0&rf=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&tk_flint=pbjs_lite_v3.23.0&x_source.tid=67d76f0a-c99e-441c-83c8-e8c167dd99e9&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.24890069658977776
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: c05bc26ae203f98beff3a31adcb3d3269b79126deded18e1fa36d7078cebe2e6

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A5A2 19 B
705 B 116ms
39ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.36:80
AN-X-Request-Uuid: a399ba3d-f074-4d7c-a937-2b6a34e0c5ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A5A2 19 B
705 B 116ms
39ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid: b680cecb-c292-49b7-a532-712661a8d909
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ Frame A5A2 19 B
273 B 131ms
58ms XHR
application/json 3.125.31.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=3.23.0&referrer=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&tmax=3500&gdpr=false

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.125.31.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-125-31-155.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:05:59 GMT
x-auction-status: 12
status: 200
content-type: application/json; charset=utf-8
access-control-allow-origin: https://top.gg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H/1.1 200
OK hb Show response
grid.bidswitch.net/ Frame A5A2 2 B
365 B 159ms
42ms XHR
application/json 3.127.110.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hb?auids=5982%2C5982%2C5982&sizes=728x90%2C970x90%2C300x250&r=19fd4550c6f88ab&wrapperType=Prebid_js&wrapperVersion=3.23.0&u=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&wtimeout=3500&gdpr_applies=0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.110.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-110-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Oct 2020 02:05:59 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
Content-Length: 2

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame A5A2 25 B
980 B 223ms
135ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=171882&v=7.2&r=%7B%22id%22%3A%22237118d24714249%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2224c20c9bcd83ad4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%222563bf0ba156372%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22266c54879bce8e6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 67448727689ce4c14a56d71c9aae5e391e00fa93519f945977d7c555d354822d

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Thu, 15 Oct 2020 02:05:59 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ Frame A5A2 24 B
747 B 130ms
46ms XHR
application/json 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.23.0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 59e3ace474b164dcf468712bd6101de8d52affdf546f7eb3a963dbf13a5cbaa0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Oct 2020 02:05:59 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding, Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://top.gg
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ Frame A5A2 0
218 B 188ms
62ms XHR
text/plain 52.51.3.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%220-5b608e9746e0fb0001318a60-1%22%2C%22callback_id%22%3A%2232c77f932c31bf5%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222474693366005047465%22%7D%2C%7B%22placement_id%22%3A%221-5b608e8946e0fb0001baabbd-1%22%2C%22callback_id%22%3A%2233cbc28cca27964%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222474693366005047465%22%7D%2C%7B%22placement_id%22%3A%222-5b608e9746e0fb0001318a60-1%22%2C%22callback_id%22%3A%22340d31be03194f1%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222474693366005047465%22%7D%5D&page_url=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&bust=1602727559299&pr=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&scrd=1&dnt=false&e=90&description=&title=NewsBot%20%7C%20Discord%20Bots&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3Afalse%7D&us_privacy=&pubcid=2a8dfb87-3940-4599-8696-37d9d0736b16&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.3.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-3-86.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:05:59 GMT
status: 204
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://top.gg
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 204
No Content hb Show response
hb.undertone.com/ Frame A5A2 0
328 B 558ms
133ms XHR
text/plain 52.71.26.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3860&domain=top.gg&gdpr=0&gdprstr=
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.26.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-26-88.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://top.gg
Pragma: no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: private, max-age=0, no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame A5A2 236 B
1 KB 224ms
100ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224384e971aab8a08%22%3A%228e95c2151bcd41d7c724%7C728x90%2C970x90%22%2C%22444a034e67e825d%22%3A%228e95c2151bcd41d7c724%7C300x250%22%2C%2245762e99718983b%22%3A%228e95c2151bcd41d7c724%7C728x90%2C970x90%22%7D&ref=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&s=680002c1-dd9f-4896-8e07-b4e50a2f0dc4&pv=4d3a8c89-0684-45f3-b01f-00d81230f446&vp=mobile&lib_name=prebid&lib_v=3.23.0&us=5&ius=1&gdpr=false&digid=TITEd%2BXk5IdzIFIA6aRLRBghYn1dBfey725vD3RUIemPJCg44tef%2F8BLeKg9hPeD6KC0fwhUJ5G0%2FPvIqu8rwaiD1qJFBN%2Fyy3rCLdsZY%2BpIsAU4vT%2FFoacpaAA454FkjRXF%2BIfosmbj92DPfzMipxFE%2FGfGKtsbAW1Rm6f8FkXdX3KZF4by3tLcMSjrieDILOVl48mHqPYfqcVM91eTbH0ChHK8NgFx%2BZRIdXAnOGgu9JY9P7U9J0Fu55naYO8S%2BKwPRbFZgCxYlsyQeLnE47SSsmZx828Lr2O%2FRdZG%2FNoKnpvgV38hUYuQM54gKg2CzUv6gC2o4LPtQ07QkC2G6A%3D%3D&digkeyv=4&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

67c74e570aed287acfa9f016bcd64c0d66c78c4ef53174aaea21908be7133a51

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 207
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame A5A2 25 B
973 B 143ms
143ms XHR
application/json 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=171882&v=7.2&r=%7B%22id%22%3A%224978ce3ce74c297%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2250d204a10d10577%22%2C%22ext%22%3A%7B%22siteID%22%3A%22171882%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 2eefba9c2f4ca79e6ec4ea7ee558c8ceea817c05991309f3f1f6cbb6a17e3132

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:06:00 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Thu, 15 Oct 2020 02:06:00 GMT

GET
H/1.1 200
OK hb Show response
grid.bidswitch.net/ Frame A5A2 2 B
365 B 38ms
38ms XHR
application/json 3.127.110.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hb?auids=5982&sizes=728x90%2C970x90&r=5113700d73758b9&wrapperType=Prebid_js&wrapperVersion=3.23.0&u=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&wtimeout=3500&gdpr_applies=0
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.110.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-110-33.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Oct 2020 02:05:59 GMT
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
Content-Length: 2

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A5A2 19 B
705 B 39ms
39ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.14:80
AN-X-Request-Uuid: 80085ef8-a7bf-4aa7-af5b-ff5a21ed3942
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame A5A2 19 B
705 B 38ms
38ms XHR
application/json 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.13:80
AN-X-Request-Uuid: f515b0e3-4078-46fc-8813-de66469c193a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ Frame A5A2 0
217 B 63ms
62ms XHR
text/plain 52.51.3.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?p=%5B%7B%22placement_id%22%3A%221000-5d5561e494fc8910b6354ecc-1%22%2C%22callback_id%22%3A%2258771e83fbb031a%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222474693366005047465%22%7D%5D&page_url=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&bust=1602727559904&pr=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&scrd=1&dnt=false&e=90&description=&title=NewsBot%20%7C%20Discord%20Bots&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3Afalse%7D&us_privacy=&pubcid=2a8dfb87-3940-4599-8696-37d9d0736b16&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.3.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-3-86.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:05:59 GMT
status: 204
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://top.gg
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame A5A2 0
53 B 86ms
86ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Thu, 15 Oct 2020 02:05:58 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://top.gg

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame A5A2 194 B
837 B 86ms
85ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22637c29a84393a9c%22%3A%228e95c2151bcd41d7c724%7C728x90%2C970x90%22%7D&ref=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&s=4068613a-f103-497f-899b-de28407cb18f&pv=4d3a8c89-0684-45f3-b01f-00d81230f446&vp=mobile&lib_name=prebid&lib_v=3.23.0&us=5&ius=1&gdpr=false&digid=TITEd%2BXk5IdzIFIA6aRLRBghYn1dBfey725vD3RUIemPJCg44tef%2F8BLeKg9hPeD6KC0fwhUJ5G0%2FPvIqu8rwaiD1qJFBN%2Fyy3rCLdsZY%2BpIsAU4vT%2FFoacpaAA454FkjRXF%2BIfosmbj92DPfzMipxFE%2FGfGKtsbAW1Rm6f8FkXdX3KZF4by3tLcMSjrieDILOVl48mHqPYfqcVM91eTbH0ChHK8NgFx%2BZRIdXAnOGgu9JY9P7U9J0Fu55naYO8S%2BKwPRbFZgCxYlsyQeLnE47SSsmZx828Lr2O%2FRdZG%2FNoKnpvgV38hUYuQM54gKg2CzUv6gC2o4LPtQ07QkC2G6A%3D%3D&digkeyv=4&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatusmedia.com%22%2C%22sid%22%3A%225b608a2046e0fb0001330d9b%22%2C%22hp%22%3A1%7D%5D%7D

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

b4e4c23535c903ae643a4e78979e7f62627e36abedcd638b4c20c37dd0f5bcbb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-10
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 180
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame A5A2 259 B
1 KB 117ms
117ms XHR
application/json 69.173.144.140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160026&zone_id=767258&size_id=2&alt_size_ids=55&gdpr=0&rp_schain=1.0,1!venatusmedia.com,5b608a2046e0fb0001330d9b,1,,,&dt.id=TITEd%2BXk5IdzIFIA6aRLRBghYn1dBfey725vD3RUIemPJCg44tef%2F8BLeKg9hPeD6KC0fwhUJ5G0%2FPvIqu8rwaiD1qJFBN%2Fyy3rCLdsZY%2BpIsAU4vT%2FFoacpaAA454FkjRXF%2BIfosmbj92DPfzMipxFE%2FGfGKtsbAW1Rm6f8FkXdX3KZF4by3tLcMSjrieDILOVl48mHqPYfqcVM91eTbH0ChHK8NgFx%2BZRIdXAnOGgu9JY9P7U9J0Fu55naYO8S%2BKwPRbFZgCxYlsyQeLnE47SSsmZx828Lr2O%2FRdZG%2FNoKnpvgV38hUYuQM54gKg2CzUv6gC2o4LPtQ07QkC2G6A%3D%3D&dt.keyv=4&dt.pref=0&rf=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&tk_flint=pbjs_lite_v3.23.0&x_source.tid=4ea9a9ca-74be-4b66-a112-c6af653f966b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.44631994542129405
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: dc209702545383bd8e827865676fd3e37699c895e8f51d54e427e8318b4e6eab

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:05:59 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://top.gg
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 259
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 track
track.venatusmedia.com/dual/ Frame 0
0 212ms
67ms Other 52.210.231.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track
Protocol: H2
Server: 52.210.231.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-231-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://top.gg
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

status: 200
date: Thu, 15 Oct 2020 02:06:00 GMT
content-length: 0
vary: Origin
access-control-max-age: 3600
access-control-allow-origin: https://top.gg
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-credentials: true

POST
H2 200 track Show response
track.venatusmedia.com/dual/ Frame A5A2 16 B
157 B 68ms
67ms XHR
application/json 52.210.231.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.venatusmedia.com/dual/track
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.231.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-231-1.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

status: 200
date: Thu, 15 Oct 2020 02:06:00 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://top.gg
content-length: 16
vary: Origin
content-type: application/json

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
13 KB 413ms
413ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2823785166525174&correlator=232671894899090&output=ldjh&impl=fifs&adsid=NT&eid=21067447%2C21067753%2C21067794%2C21066706&vrg=2020101201&gdpr_consent=tcunavailable&tcfe=1&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201015&iu_parts=21726375739%2CVM_5b608a2046e0fb0001330d9b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=hb_pb%3D0.01%26hb_adid%3D5b608e9746e0fb0001318a60-0%26hb_iv%3D1%26sv%3D1%26re_ve%3D7e03a6a-v3.23.0%26mo%3Dscan%26ac_id%3D5b60894f46e0fb0001baabb9%26si_id%3D5b608a2046e0fb0001330d9b%26pl_id%3D5b608e9746e0fb0001318a60%26co%3DCH%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dmac%2520os%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2020-10-07%252015%253A26%253A21%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26ab_md%3Dfalse&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1602727560&dt=1602727560403&dlt=1602727553011&idt=1404&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=135&adks=1255202506&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&dssz=26&icsg=167785130&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x90&msz=1600x90&ga_vid=19524278.1602727554&ga_sid=1602727554&ga_hid=924547148&fws=4&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

c5e941739ae6c7a5e88a2a29ece322a64ca6d454d1183b84deb4c9be2ad10b2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13505
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://top.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 45ms
13ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 384ms
384ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2823785166525174&correlator=4079080443002199&output=ldjh&impl=fifs&adsid=NT&eid=21067447%2C21067753%2C21067794%2C21066706&vrg=2020101201&gdpr_consent=tcunavailable&tcfe=1&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201015&iu_parts=21726375739%2CVM_5b608a2046e0fb0001330d9b&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=hb_pb%3D0.05%26hb_adid%3D5b608e8946e0fb0001baabbd-1%26hb_iv%3D1%26sv%3D1%26re_ve%3D7e03a6a-v3.23.0%26mo%3Dscan%26ac_id%3D5b60894f46e0fb0001baabb9%26si_id%3D5b608a2046e0fb0001330d9b%26pl_id%3D5b608e8946e0fb0001baabbd%26co%3DCH%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dmac%2520os%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2020-10-07%252015%253A26%253A21%26ta_si%3D300x250%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26ab_md%3Dfalse&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1602727560&dt=1602727560424&dlt=1602727553011&idt=1404&frm=20&biw=1600&bih=1200&oid=3&adxs=923&adys=297&adks=1630650846&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&dssz=26&icsg=167785130&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=442x284&msz=418x250&ga_vid=19524278.1602727554&ga_sid=1602727554&ga_hid=924547148&fws=4&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

1e898245d7b7397747fda6c7094b8c735f36b1c4a1ce1e91af7fc2a08071049b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10381
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://top.gg
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 54 KB
15 KB 363ms
363ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2823785166525174&correlator=2114139244449782&output=ldjh&impl=fifs&adsid=NT&eid=21067447%2C21067753%2C21067794%2C21066706&vrg=2020101201&gdpr_consent=tcunavailable&tcfe=1&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201015&iu_parts=21726375739%2CVM_5b608a2046e0fb0001330d9b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=hb_pb%3D0.01%26hb_adid%3D5b608e9746e0fb0001318a60-2%26hb_iv%3D1%26sv%3D1%26re_ve%3D7e03a6a-v3.23.0%26mo%3Dscan%26ac_id%3D5b60894f46e0fb0001baabb9%26si_id%3D5b608a2046e0fb0001330d9b%26pl_id%3D5b608e9746e0fb0001318a60%26co%3DCH%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dmac%2520os%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2020-10-07%252015%253A26%253A21%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26ab_md%3Dfalse&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1602727560&dt=1602727560429&dlt=1602727553011&idt=1404&frm=20&biw=1600&bih=1200&oid=3&adxs=128&adys=747&adks=1255202504&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&dssz=26&icsg=167785130&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1344x90&msz=1344x90&ga_vid=19524278.1602727554&ga_sid=1602727554&ga_hid=924547148&fws=4&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

911b6cd81150f1862c6b19c183749a2ebddbdf3b0c9deb3dafe446f1a1736ae3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14793
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://top.gg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
11 KB 315ms
315ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2823785166525174&correlator=772679497020140&output=ldjh&impl=fifs&adsid=NT&eid=21067447%2C21067753%2C21067794%2C21066706&vrg=2020101201&gdpr_consent=tcunavailable&tcfe=1&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201015&iu_parts=21726375739%2CVM_5b608a2046e0fb0001330d9b&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=hb_pb%3D0.01%26hb_adid%3D5d5561e494fc8910b6354ecc-1000%26hb_iv%3D1%26sv%3D1%26re_ve%3D7e03a6a-v3.23.0_fr%26mo%3Dscan%26ac_id%3D5b60894f46e0fb0001baabb9%26si_id%3D5b608a2046e0fb0001330d9b%26pl_id%3D5d5561e494fc8910b6354ecc%26co%3DCH%26is_mo%3Dfalse%26br_nm%3Dchrome%26de_ty%3Ddesktop%26os_nm%3Dmac%2520os%26is_ta%3Dtrue%26is_vi%3Dtrue%26is_if%3Dtrue%26pa_ty%3Dshare%26fi%3D0%26pa_fl%3D0%26lo_in%3D1%26gd_en%3Dfalse%26hb_bt%3D2020-10-07%252015%253A26%253A21%26ta_si%3D728x90%26rt_sh%3D0.8%26di_sh%3D0.7%26aw_cm%3D-32%26ab_md%3Dfalse%26st_ty%3Dhorb&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1602727560&dt=1602727560554&dlt=1602727553011&idt=1404&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1110&adks=1466599381&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Ftop.gg%2Fbot%2F562687174697549856&dssz=26&icsg=167785130&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=728x-1&rtgs=1&max_w=970&max_h=90&min_w=1&min_h=1&ga_vid=19524278.1602727554&ga_sid=1602727554&ga_hid=924547148&fws=516&ohw=1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020101201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

85a4521d345d02c38a66f029dd9a113d602f481a1d23eddc805806f993cd1df7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10877
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://top.gg
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 container.html
c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 16B5 0
0 27ms
13ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/562687174697549856
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/562687174697549856

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 15 Oct 2020 02:06:00 GMT
expires: Fri, 15 Oct 2021 02:06:00 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009282107000/ Frame 044C 206 KB
56 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33901d23b88c104fc2e9d2d029542d2c89eb30dff24f698f339a175d3a4267fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37300
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57253
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:44:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0138da5df6f877a3"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:44:20 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 044C 16 KB
7 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-ad-exit-0.1.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00e1ffbde89afc301abf43ed68bc52d7d7bae9f81d0bd93638394f4e287b12f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37260
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5763
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:45:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0dd94cdacc228659"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:45:00 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 044C 96 KB
29 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-analytics-0.1.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

239733db63c823ff0f27720321732ff16ae6591fd0a41b6793ee665e9226b42f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37273
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29503
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:44:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "59cc65a87e598f8b"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:44:47 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 044C 4 KB
2 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-fit-text-0.1.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82f60467c442f1292050ac1673c3074047283bfd9ff9be7480a65fddf6a24969

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37268
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:44:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d5686bc7b82e539c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:44:52 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 044C 47 KB
14 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-form-0.1.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34e56bbdec33105361cc35f3805704b6d3df415b0bf044ef2a6f11764bd8a20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37258
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14600
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:45:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a6f012caf7a1c6f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:45:02 GMT

GET
DATA 200
OK truncated
/ Frame 044C 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 154ac3c51e838f5c41b795620d383b0d2c02ff3813000a1f3b62d12f2a40dce4

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 7294313378406579353
tpc.googlesyndication.com/daca_images/simgad/ Frame 044C 27 KB
27 KB 10ms
8ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7294313378406579353

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46acdc80b185bcd959ac656ec5cc318c15260fc461e530dc99e9ce58ff11f470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 22:04:56 GMT
x-content-type-options: nosniff
age: 14464
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27614
x-xss-protection: 0
last-modified: Tue, 13 Oct 2020 16:06:34 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 22:04:56 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 044C 2 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 53822
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 15 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 044C 295 B
388 B 9ms
7ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 16742
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 15 Oct 2020 21:26:58 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 044C 0
0 15ms
13ms Image
text/html 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwP-0x6gqZvg5xhmCzlTMKSIGIysQf0av31ofm7A9JLYtBL2EpVgsmpytjyfyNC7OnDlI3
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 044C 0
0 84ms
82ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6w2viK6HX_-IHZOy3gOMlIo4iZ_12F-ImZ7Kngyx0oG85wIQASCDm9NpYPWVzoHgBMgBAqkC6PDjmeNcsj7gAgCoAwHIAwiqBPkBT9DutJQJK-uMUHPg-L0VQ97OSxm2m6jkOuAgbghMRgOoGLqHmczvnjY5rbiJdwbcK2WFQ4kxSAjAHjYlRfSkmEdUV3rMR9KsAiqCXqd8zMO9T1BOmrOsSs3djXF1oTCHxzlA7K0wqoOgF2YYB2mzeBrQK07pzWSyQ51QMM2Qe3XEu0OxBfn4oeJvE3FuWrmUJRTDOjEv78SgMdcUO_BOsHfh_ay0STCyNLReLIgaHGrLSJt5HL-xNdMUIoKqJvIqkdpZRmZ4b5aH13FSQ7bxZ_Rq8jlnXFR5wFKeVQ6eR74mcHeN_0V4M0Z5hew4p0Nj-gczv1vfCe-MwATqmdjNpAPgBAGgBgKAB6n_1cMBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEPz2VtIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tMTc5MTczMjc3OTY2MzQ3NYAKA8gLAbIMFHB1Yi01NzgxNTMxMjA3NTA5MjMy2BMD&sigh=L_IKe_xKq04&tpd=AGWhJmsSMFctXYzc8-BdAMMfqhFYfwSo6BTSUco7h29FVvfAHg
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 1136 0
0 7ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://top.gg/bot/562687174697549856
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://top.gg/bot/562687174697549856

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Thu, 15 Oct 2020 02:06:00 GMT
expires: Fri, 15 Oct 2021 02:06:00 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
120 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_sz&pvsid=2823785166525174&r=728x90%7C970x90&w=970&h=90&a=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:06:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012009282107000/ Frame 8F83 206 KB
56 KB 66ms
47ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33901d23b88c104fc2e9d2d029542d2c89eb30dff24f698f339a175d3a4267fa

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37301
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57253
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:44:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0138da5df6f877a3"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:44:20 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 8F83 16 KB
6 KB 67ms
48ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-ad-exit-0.1.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00e1ffbde89afc301abf43ed68bc52d7d7bae9f81d0bd93638394f4e287b12f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37261
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5763
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:45:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0dd94cdacc228659"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:45:00 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 8F83 96 KB
29 KB 66ms
47ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-analytics-0.1.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

239733db63c823ff0f27720321732ff16ae6591fd0a41b6793ee665e9226b42f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37274
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29503
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:44:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "59cc65a87e598f8b"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:44:47 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 8F83 4 KB
3 KB 64ms
45ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-fit-text-0.1.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82f60467c442f1292050ac1673c3074047283bfd9ff9be7480a65fddf6a24969

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37269
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1805
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:44:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d5686bc7b82e539c"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:44:52 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012009282107000/v0/ Frame 8F83 47 KB
14 KB 64ms
46ms Script
text/javascript 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012009282107000/v0/amp-form-0.1.js

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f34e56bbdec33105361cc35f3805704b6d3df415b0bf044ef2a6f11764bd8a20

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 37259
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14600
x-xss-protection: 0
server: sffe
date: Wed, 14 Oct 2020 15:45:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a6f012caf7a1c6f"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 15:45:02 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F83 2 KB
2 KB 6ms
5ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 53823
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 15 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F83 295 B
336 B 7ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 16743
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 15 Oct 2020 21:26:58 GMT

GET
DATA 200
OK truncated
/ Frame 8F83 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6b036234a5a0483ee3a7a1a291bcae26320a0e0e942fce43a5fe1e5d0bffb53a

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 8018611263183436703
tpc.googlesyndication.com/simgad/ Frame 8F83 39 KB
39 KB 14ms
14ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8018611263183436703?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmwesMlcXvphTi0KOylAxOtTQ5BfA

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78b6014c5e9cb91c491462ee578071550415b1fb69c30236e949caf74e864de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 22:04:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 Aug 2020 13:06:15 GMT
server: sffe
age: 187288
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39589
x-xss-protection: 0
expires: Tue, 12 Oct 2021 22:04:33 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 8F83 0
0 16ms
15ms Image
text/html 2a00:1450:4001:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2L16-gBuCc0vb_fNMseay7INUthc_RluhtNubO-AEN4AGfDRyF7LBdhg9NvB-dcXIlCtd
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8F83 0
0 60ms
59ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJJriiK6HX5P3JI-IrASb85P4B_3y_6Jeitry4sEL2dkeEAEgg5vTaWD1lc6B4ASgAc-uk84DyAECqQJRbKnAL7WzPuACAKgDAcgDCKoE9AFP0Je7_8PISw1IVuxC0g0vmR7l5J5Bb7Ivrudyi6AVRrJ4sMUwl-5vBayBTcRg9cM1Ug6tmSj0FNVWM25HEntKj0XTSdjFlGLQopMwOMBUbN9YDaZG0i4Ktzksmy8JUWlGWKTDKaDyUIa5c1oeCKbWUPPV9XzA_BE86-d9uH53aGJ0TJZcNj8EcbmXo1Z7UtYNLF_xGc6eqWBCp3cjvbuS9DeeiLis5jFQ49z9Dvv9LZvsM_xhR7Lgcc9C7s0WJz-Vn4Z-l6l1C1YHv_Nvnp1eXZgS0WIjV045GR-adcdpVpZpcwkrLqT7WBzRJWjrjmwObtrswAS508fjiQPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHmdHsMagHjs4bqAfVyRuoB5PYG6gHugaoB_DZG6gH8tkbqAemvhuoB-zVG9gHAfIHBBCn9Q_SCAkIgOGAQBABGB3yCBthZHgtc3Vic3luLTE3OTE3MzI3Nzk2NjM0NzWACgPICwGyDBRwdWItNTc4MTUzMTIwNzUwOTIzMtgTAg&sigh=9UZOGHbI-MM&tpd=AGWhJmuBV1UUSxAYIiJe6F_tR8qCdS_x_v0Q-jBQr2rB4pOutQ
Requested by: Host: top.gg
URL: https://top.gg/bot/562687174697549856
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 044C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 15 Oct 2020 02:06:01 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 7294313378406579353
tpc.googlesyndication.com/daca_images/simgad/ Frame 044C 27 KB
27 KB 6ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7294313378406579353

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46acdc80b185bcd959ac656ec5cc318c15260fc461e530dc99e9ce58ff11f470

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 14 Oct 2020 22:04:56 GMT
x-content-type-options: nosniff
age: 14465
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27614
x-xss-protection: 0
last-modified: Tue, 13 Oct 2020 16:06:34 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Oct 2021 22:04:56 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 044C 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 53823
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 15 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 044C 295 B
320 B 6ms
5ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 16743
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 15 Oct 2020 21:26:58 GMT

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 8F83
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Thu, 15 Oct 2020 02:06:01 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 8018611263183436703
tpc.googlesyndication.com/simgad/ Frame 8F83 39 KB
39 KB 6ms
5ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8018611263183436703?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmwesMlcXvphTi0KOylAxOtTQ5BfA

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78b6014c5e9cb91c491462ee578071550415b1fb69c30236e949caf74e864de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 12 Oct 2020 22:04:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 14 Aug 2020 13:06:15 GMT
server: sffe
age: 187288
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39589
x-xss-protection: 0
expires: Tue, 12 Oct 2021 22:04:33 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F83 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Oct 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 53823
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 15 Oct 2020 11:08:58 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8F83 295 B
320 B 6ms
6ms Image
image/png 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: top.gg
URL: https://top.gg/bot/562687174697549856

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Oct 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 16743
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 15 Oct 2020 21:26:58 GMT

GET
H/1.1 200 258.json Show response
id5-sync.com/g/v1/ Frame A5A2 190 B
718 B 179ms
45ms XHR
text/json 5.39.66.192
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v1/258.json?1puid=&gdpr=0&gdpr_consent=

Requested by

Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

5.39.66.192 , France, ASN16276 (OVH, FR),

Reverse DNS

s05.id5-sync.com

Software

Resource Hash

0aa1d3c161e0055d32dfb4eed38cbd38630d78b7d65f8d4a4fb213aa287567e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 15 Oct 2020 02:06:01 GMT
Vary: Origin
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: https://top.gg
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: text/json;charset=utf-8
Transfer-Encoding: chunked

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame A5A2 109 B
536 B 167ms
54ms XHR
application/json 34.255.148.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=zwqtqe4&fmt=json
Requested by: Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.148.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-148-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: b11014bd3388e115c390b1eab972b4ef0cf40ca2d0fc6318e81b6065b569e4f7

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Oct 2020 02:06:02 GMT
x-aspnet-version: 4.0.30319
status: 200
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://top.gg
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Sat, 14 Nov 2020 02:06:01 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 044C 0
0 48ms
48ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClICZiK6HX_-IHZOy3gOMlIo4iZ_12F-ImZ7Kngyx0oG85wIQASCDm9NpYPWVzoHgBMgBAqkC6PDjmeNcsj7gAgCoAwGqBPkBT9DutJQJK-uMUHPg-L0VQ97OSxm2m6jkOuAgbghMRgOoGLqHmczvnjY5rbiJdwbcK2WFQ4kxSAjAHjYlRfSkmEdUV3rMR9KsAiqCXqd8zMO9T1BOmrOsSs3djXF1oTCHxzlA7K0wqoOgF2YYB2mzeBrQK07pzWSyQ51QMM2Qe3XEu0OxBfn4oeJvE3FuWrmUJRTDOjEv78SgMdcUO_BOsHfh_ay0STCyNLReLIgaHGrLSJt5HL-xNdMUIoKqJvIqkdpZRmZ4b5aH13FSQ7bxZ_Rq8jlnXFR5wFKeVQ6eR74mcHeN_0V4M0Z5hew4p0Nj-gczv1vfCe-MwATqmdjNpAPgBAGgBgKAB6n_1cMBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEPz2VtIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tMTc5MTczMjc3OTY2MzQ3NYAKA8gLAbIMFHB1Yi01NzgxNTMxMjA3NTA5MjMy2BMD&sigh=ZlVy72sfglQ&vt=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra15s46-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 044C 42 B
65 B 16ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBfJULD2FMRWN3XCq6w--SBXyePekPaSSRbvqSRIGrIPZ3AKV40nKx4Rl7qGSevoshQ2W__7k6MXPU02woudLaooYGk9BCEby6MT08slhcTMg3&sai=AMfl-YQPSm8zIm_g2bo30hn3D1wZ2kLAxSPTBuVxH6m6YTNZjtbDuWH9kEu4KWJx_U2furOQqBeVzc0AcyR_nngMPaxuoHWOJVJhYRLFseoocZoDy8-e5I0toDur49XP26k&sig=Cg0ArKJSzFMLfZUOd22vEAE&cid=CAASPeRoc3E5R2eZdGom93Jo8d_2jThnAvQyAZvwN9cOj8f5XGRgvvSSs9pM0QkMRZeN94OqWe97yQwWbvUknlg&id=ampim&o=982,297&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=184&tls=1184&g=99.99479055404663&h=99.99479055404663&tt=1184&r=v&avms=ampa&adk=1630650846

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8F83 42 B
65 B 23ms
23ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvB1rEGlbVMbck7ia8qO-0nFQYflZ1NA33RNQQ9YqI1tKHMHKImg2vrl6VuzxnFvdEWKGO4EzuAP4ul5YdZ83bem-jYBAZ_iUgKHWAG0RX8vzh2sjZmQanQTaI3jzPDVPslq0ccEkcncHFRyNCKT8KC&sai=AMfl-YR_ONPy_IC2autXNHyGwEAuliChk1HNK3th5gM0FiqX_ikgdQUfMbMtiPv56n_LXeROV9lfDDjGd68h8YvbAuZAI4T9FBFlR6xxLitV_ATJa_jt5Qj9FHlot2WyeMY&sig=Cg0ArKJSzP6dVEwnZDJmEAE&cid=CAASPeRomsuKe48bltojbMyVMLFx8BT-WpfT3vFC20r8RT-ViynkeG2XkP5PxHZEAmcRaOaNVTLRU-8z7N7SvY8&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=113&tls=1114&g=100&h=100&tt=1114&r=v&avms=ampa&adk=1466599381

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://top.gg/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:06:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

getuidnb
ib.adnxs.com/ Frame A5A2
Redirect Chain

https://usr.undertone.com/userPixel/syncOne?id=1&of=2&gdpr=0&gdprstr=
https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

43 B
694 B

37ms
37ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Oct 2020 02:06:03 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.43:80
AN-X-Request-Uuid: 2525abe7-9eb0-4c80-aa0d-9aac05b4157e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location: https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
date: Thu, 15 Oct 2020 02:06:03 GMT
x-envoy-decorator-operation: tracking-service.ramplift-v2-p-us-east-1.svc.cluster.local:80/*
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

GET
H/1.1

204
No Content

ImgSync
image8.pubmatic.com/AdServer/ Frame A5A2
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=159234&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?p=159234&gdpr=0&gdpr_consent=&rdf=1
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MDhDOUVFNzEtMDYzQy00QzIzLTgxQTYtOEJFRjJFNzVGMkRE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
507 B

53ms
53ms

Image
text/plain

185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 15 Oct 2020 02:06:03 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Date: Thu, 15 Oct 2020 02:06:03 GMT
X-Cnection: close
X-lat: Pug22015:0:692
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
Content-Length: 398
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

sync
x.bidswitch.net/ Frame A5A2
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid
https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=${BSW_USER_UD}&bsw_param=eef60a4a-03c0-4caf-a2e5-a426292d9c8d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://u.ipw.metadsp.co.uk/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=themediagrid&bsw_user_id=${BSW_USER_UD}&bsw_param=eef60a4a-03c0-4caf-a2e5-a426292d9c8d&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=1&user_id=79861eaa-6875-46e0-82cc-47ccb5a1a4a6&ssp=themediagrid&bsw_param=eef60a4a-03c0-4caf-a2e5-a426292d9c8d

43 B
212 B

38ms
37ms

Image
image/gif

18.195.54.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=1&user_id=79861eaa-6875-46e0-82cc-47ccb5a1a4a6&ssp=themediagrid&bsw_param=eef60a4a-03c0-4caf-a2e5-a426292d9c8d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.54.133 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-54-133.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Thu, 15 Oct 2020 02:06:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

date: Thu, 15 Oct 2020 02:06:03 GMT
via: 1.1 google
status: 302
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://x.bidswitch.net/sync?dsp_id=339&expires=14&user_group=1&user_id=79861eaa-6875-46e0-82cc-47ccb5a1a4a6&ssp=themediagrid&bsw_param=eef60a4a-03c0-4caf-a2e5-a426292d9c8d
cache-control: no-cache, no-store, must-revalidate
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A5A2
Redirect Chain

https://usr.undertone.com/userPixel/syncOne?id=2&of=2&gdpr=0&gdprstr=
https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&gdpr=0&gdpr_consent=&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://us-u.openx.net/w/1.0/cm?cc=1&id=fba3d144-1026-4d31-a758-943b9545e305&gdpr=0&gdpr_consent=&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a62efa1-c230-49b6-918d-e69e9129b2ee

0
402 B

131ms
131ms

Image
text/plain

54.174.74.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a62efa1-c230-49b6-918d-e69e9129b2ee
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.74.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-174-74-213.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 15 Oct 2020 02:06:03 GMT
x-envoy-decorator-operation: tracking-service.ramplift-v2-p-us-east-1.svc.cluster.local:80/*
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

date: Thu, 15 Oct 2020 02:06:03 GMT
content-encoding: gzip
server: OXGW/16.195.1
status: 302
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2a62efa1-c230-49b6-918d-e69e9129b2ee
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame A5A2
Redirect Chain

https://eb2.3lift.com/sync?px=1&src=prebid&
https://eb2.3lift.com/sync?px=1&src=prebid&&ld=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=

70 B
264 B

55ms
55ms

Image
image/gif

34.255.148.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.148.227 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-255-148-227.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://top.gg/bot/562687174697549856
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Oct 2020 02:06:03 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

Redirect headers

status: 302
date: Thu, 15 Oct 2020 02:06:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.top.gg/	1970-01-19 15:21:43	Name: _fbp Value: fb.1.1602727553628.1780960060
.top.gg/	1970-01-20 06:43:19	Name: _ga Value: GA1.2.19524278.1602727554
top.gg/	1969-12-31 23:59:59	Name: theme Value: light
.top.gg/	1970-01-19 13:12:07	Name: _gat Value: 1
.top.gg/	1970-01-19 13:13:33	Name: _gid Value: GA1.2.274953484.1602727554
top.gg/	1969-12-31 23:59:59	Name: country Value: FR
.top.gg/	1970-01-19 13:55:19	Name: __cfduid Value: d34af5d5cd836d526e812d2548babf0d81602727552

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.thisiswaldo.com/static/js/3820.js(Line 1) Message: Bad request
console-api	log	URL: https://top.gg/bot/562687174697549856(Line 568) Message: GA Loaded
console-api	warning	URL: https://cdn.thisiswaldo.com/static/js/3820.js(Line 1) Message: USP is not accessible
console-api	info	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009282107000 https://top.gg/bot/562687174697549856
console-api	info	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2009282107000 https://top.gg/bot/562687174697549856
console-api	warning	URL: https://cdn.ampproject.org/rtv/012009282107000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=ClICZiK6HX_-IHZOy3gOMlIo4iZ_12F-ImZ7Kngyx0oG85wIQASCDm9NpYPWVzoHgBMgBAqkC6PDjmeNcsj7gAgCoAwGqBPkBT9DutJQJK-uMUHPg-L0VQ97OSxm2m6jkOuAgbghMRgOoGLqHmczvnjY5rbiJdwbcK2WFQ4kxSAjAHjYlRfSkmEdUV3rMR9KsAiqCXqd8zMO9T1BOmrOsSs3djXF1oTCHxzlA7K0wqoOgF2YYB2mzeBrQK07pzWSyQ51QMM2Qe3XEu0OxBfn4oeJvE3FuWrmUJRTDOjEv78SgMdcUO_BOsHfh_ay0STCyNLReLIgaHGrLSJt5HL-xNdMUIoKqJvIqkdpZRmZ4b5aH13FSQ7bxZ_Rq8jlnXFR5wFKeVQ6eR74mcHeN_0V4M0Z5hew4p0Nj-gczv1vfCe-MwATqmdjNpAPgBAGgBgKAB6n_1cMBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEPz2VtIICQiA4YBAEAEYHfIIG2FkeC1zdWJzeW4tMTc5MTczMjc3OTY2MzQ3NYAKA8gLAbIMFHB1Yi01NzgxNTMxMjA3NTA5MjMy2BMD&sigh=ZlVy72sfglQ&vt=1
console-api	warning	URL: https://cdn.thisiswaldo.com/static/js/3820.js(Line 1) Message: USP is not accessible

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yieldmo.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
as-sec.casalemedia.com
c0a1ca728013dc3236b3c552227f4c2a.safeframe.googlesyndication.com
cdn.ampproject.org
cdn.jsdelivr.net
cdn.thisiswaldo.com
cdn.top.gg
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
d1oykxszdrgjgl.cloudfront.net
dw7nrwnn2bkh1.cloudfront.net
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
googleads.g.doubleclick.net
grid.bidswitch.net
hb.undertone.com
hb.vntsm.com
hbopenbid.pubmatic.com
i.clean.gg
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image8.pubmatic.com
images.discordapp.net
match.adsrvr.org
pagead2.googlesyndication.com
prebid.digitru.st
quantcast.mgr.consensu.org
sb.scorecardresearch.com
script.4dex.io
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tlx.3lift.com
top.gg
tpc.googlesyndication.com
track.venatusmedia.com
u.ipw.metadsp.co.uk
unpkg.com
us-u.openx.net
usr.undertone.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
104.111.238.139
151.139.128.11
162.159.133.232
172.217.16.130
178.162.133.150
18.195.54.133
185.64.189.110
185.64.189.112
185.64.190.79
2.18.234.21
216.58.212.162
2600:9000:206e:3400:9:46dc:4700:93a1
2600:9000:206e:3c00:6:266a:9940:21
2600:9000:206e:a600:0:1651:6140:21
2600:9000:206e:f600:a:d79f:3100:93a1
2600:9000:21f3:4800:4:164e:ca00:93a1
2606:4700::6810:7caf
2606:4700::6810:ae38
2606:4700::6811:4f6b
2606:4700:e2::ac40:8720
2a00:1450:4001:802::2003
2a00:1450:4001:808::2001
2a00:1450:4001:809::200e
2a00:1450:4001:815::2001
2a00:1450:4001:818::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2001
2a00:1450:4001:820::200a
2a00:1450:400c:c00::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::621
3.125.31.155
3.127.110.33
34.255.148.227
34.95.69.49
35.210.239.72
35.244.159.8
37.252.173.62
5.39.66.192
52.210.157.217
52.210.231.1
52.51.3.86
52.71.26.88
54.174.74.213
54.93.138.105
69.173.144.140
72.251.249.9
016abb8f9d8ddc950fd1ac7301fd889269908826ccc9188d12080bc81a17f61a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0aa1d3c161e0055d32dfb4eed38cbd38630d78b7d65f8d4a4fb213aa287567e8
0bb21966dbb05e5ea7af55c8cfc9176f3773df8e559fce945165ea1151821951
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
154ac3c51e838f5c41b795620d383b0d2c02ff3813000a1f3b62d12f2a40dce4
1e898245d7b7397747fda6c7094b8c735f36b1c4a1ce1e91af7fc2a08071049b
227e8a1d20f14779b163391b62981e3e3e10be26a4ac7a2a560be7d54bb29893
239733db63c823ff0f27720321732ff16ae6591fd0a41b6793ee665e9226b42f
23d67466d5f2904de273dfa7f5b5801810fba3b088563c1476b94f4e563e838f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2eefba9c2f4ca79e6ec4ea7ee558c8ceea817c05991309f3f1f6cbb6a17e3132
33901d23b88c104fc2e9d2d029542d2c89eb30dff24f698f339a175d3a4267fa
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46acdc80b185bcd959ac656ec5cc318c15260fc461e530dc99e9ce58ff11f470
46b0d2e6fac4273b21cbf281d054dd61dc70cc7d3e7620fd9b9c02b3e52f9579
482caf4cdd1ed5488c4852e69e36bbee544bd3e3035e716cbb0d8158020cf49d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0637a715cff459e44536e772af354cd1886cda4952bbb18bd2d7948309a7db
5050eb432fb741857a0ae44dd6343f6c056c0f0589b766b0ee62f38a4d02ca54
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58b28659220961ead137cb5b346b5759562750ce703094d70fc786e0db467033
59e3ace474b164dcf468712bd6101de8d52affdf546f7eb3a963dbf13a5cbaa0
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
60d0cdf0b18fc47a4d55b4a2aeccd0b2bcc71063ca21ec0eb538bea39833dda4
67448727689ce4c14a56d71c9aae5e391e00fa93519f945977d7c555d354822d
67c74e570aed287acfa9f016bcd64c0d66c78c4ef53174aaea21908be7133a51
6b036234a5a0483ee3a7a1a291bcae26320a0e0e942fce43a5fe1e5d0bffb53a
7087fa98f10218aaba27b5dc6b6dc5595b0b3d3100b64c7bebf04a9585435103
78b6014c5e9cb91c491462ee578071550415b1fb69c30236e949caf74e864de7
79ea233c6373ddd45721734abb957defd775e5fbf97634917ee738a85b429d87
7a61886119056f23bfb3ec3efa1d4678769e3794e205e60ca34136cc0f9008e7
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81718ef9e4fc9ce1a9d4b1879d15c3edcaf490a8547c7d257b42223b82c8f189
82f60467c442f1292050ac1673c3074047283bfd9ff9be7480a65fddf6a24969
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836fc07bb6d6aee6e3629fa16163878359c1136b854fd3891193e44e9dbd6f56
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85a4521d345d02c38a66f029dd9a113d602f481a1d23eddc805806f993cd1df7
861e9ef754e4ac7e1430a749119e9e4f23f407e124069d281049be0fe6cb6480
877ca8a7b7cf8296f74f79d497b760cd66fe89be55789936315c3da747ebcf09
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da9c408bfe5ba7b509b88421195aac324a2291c00e7005aa4517ab8799c584f
8e90e3b7a9a6bcc74e30e35921a17224cc71048c85cfd2ab1dae7664b5ff5283
911b6cd81150f1862c6b19c183749a2ebddbdf3b0c9deb3dafe446f1a1736ae3
9ca8e213054d163276dedede01f9eaedf3daf414063621030719d3cbde1eca51
9da50d9b7612f618746948b8a617cb399e98ca9756175dd71aa1b10c6e674436
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a1aef4439f487e0bfcbf981692284095e7fc0a68becebc8ec8ce10c125cbd956
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b11014bd3388e115c390b1eab972b4ef0cf40ca2d0fc6318e81b6065b569e4f7
b2754c00295b6eb895d8419cb3df993d74a0ed97e143ee98fcd83fdca94f932c
b34cce26bfbafba88c8f7c284033604f818671a68c2ff7ab7fbb36ab6b3e5a5f
b42da2d820260700cf904a3e7cfd6e7989d8d09dc59c3bace9f3e8fd83f43497
b4e4c23535c903ae643a4e78979e7f62627e36abedcd638b4c20c37dd0f5bcbb
b590dda67f745cfac675d0ac1add806acb9e182d3ae45454fad6f504d9ae4f17
b7ad73139b27b21cca9b44cf9c3372a5e87d96a2733ea8b291226bb46df95bc3
be9235bad269a89f4f57d512326769049f3e99eef9c399e99efee1bab2f81cea
c05bc26ae203f98beff3a31adcb3d3269b79126deded18e1fa36d7078cebe2e6
c5e941739ae6c7a5e88a2a29ece322a64ca6d454d1183b84deb4c9be2ad10b2f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d00e1ffbde89afc301abf43ed68bc52d7d7bae9f81d0bd93638394f4e287b12f
d3573a4eac212c2acff3d06629135a3b96d8a373b4f92779733d8926f411b818
d9387b372acec4b3b43903e7597b064818972267299879c050f584f625b122cc
dc209702545383bd8e827865676fd3e37699c895e8f51d54e427e8318b4e6eab
e31b2b2848ce240a6cc01488d47ebfac18dbb1a3b02708f3e091239c7aec618e
e37570ef85a3553930ba20dfab7280bfcead8a2238b536b5c03c629c35b3d4ca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30c6da606a77962dd74a918c4ed33c7726d09c9b165cdabfc822f08dc41447a
f34e56bbdec33105361cc35f3805704b6d3df415b0bf044ef2a6f11764bd8a20
f940941d2ef18092362ecec0079a009470a93f204b5ecf29dbc18df5b2209ca5
fb28bf7666d92db223190c8547b94ac9480febe84c2ff0e6973f111dff762bbc

top.gg Open in urlscan Pro 2606:4700::6810:ae38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

124 Requests

100 %HTTPS

44 %IPv6

39 Domains

53 Subdomains

44 IPs

9 Countries

1623 kBTransfer

5426 kBSize

7 Cookies

12 Outgoing links

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

top.gg Open in urlscan Pro
2606:4700::6810:ae38 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

100 %
HTTPS

44 %
IPv6

39
Domains

53
Subdomains

44
IPs

9
Countries

1623 kB
Transfer

5426 kB
Size

7
Cookies

124 HTTP transactions
4 data transactions