www.onlyhgames.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Submission: On May 27 via manual (May 27th 2022, 7:51:00 am UTC) from PH — Scanned from DE

Summary HTTP 62 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 21 domains to perform 62 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.onlyhgames.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 17th 2021. Valid for: a year.

This is the only time www.onlyhgames.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2600:9000:205... 2600:9000:2057:8600:c:dd71:23c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3b	20446 (STACKPATH...) (STACKPATH-CDN)
1 3	185.94.236.244 185.94.236.244	42567 (MOJHOST-EU) (MOJHOST-EU)
8	2001:4de0:ac1... 2001:4de0:ac19::1:b:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
4	95.211.229.245 95.211.229.245	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2606:4700::68... 2606:4700::6811:a7ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:a6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	162.252.214.5 162.252.214.5	53334 (TUT-AS) (TUT-AS)
1	185.200.118.90 185.200.118.90	9009 (M247) (M247)
1	38.132.109.186 38.132.109.186	9009 (M247) (M247)
1	185.200.116.90 185.200.116.90	9009 (M247) (M247)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:4193	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	139.45.195.8 139.45.195.8	9002 (RETN-AS) (RETN-AS)
1	168.119.1.208 168.119.1.208	24940 (HETZNER-AS) (HETZNER-AS)
1	136.243.43.25 136.243.43.25	24940 (HETZNER-AS) (HETZNER-AS)
4	95.211.229.247 95.211.229.247	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	66.254.114.233 66.254.114.233	29789 (REFLECTED) (REFLECTED)
1	162.252.213.208 162.252.213.208	53334 (TUT-AS) (TUT-AS)
62	27

9 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.onlyhgames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
highlevelcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

ads.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:8600:c:dd71:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.juicyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.236.244 (Netherlands) 1 redirects

ASN42567 (MOJHOST-EU, NL)

poweredby.jads.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2001:4de0:ac19::1:b:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

a.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s3t3d2y8.ackcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

ads.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

www.betteradsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.229.245 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

syndication.exosrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.realsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:a7ba (United States)

ASN13335 (CLOUDFLARENET, US)

c.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:a6ba (United States)

ASN13335 (CLOUDFLARENET, US)

6.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 162.252.214.5 (United States)

ASN53334 (TUT-AS, US)

4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.118.90 (London, United Kingdom)

ASN9009 (M247, GB)
PTR: adscore.com

gopbkl6c7vap.l4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.132.109.186 (New York, United States)

ASN9009 (M247, GB)

gopbkl6c7vap.n4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.200.116.90 (Romania)

ASN9009 (M247, GB)
PTR: no-mans-land.m247.com

gopbkl6c7vap.s4.adsco.re	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

goodfungame.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:4193 (United States)

ASN13335 (CLOUDFLARENET, US)

iadoremakingpics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.8 (United Kingdom)

ASN9002 (RETN-AS, GB)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.1.208 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.208.1.119.168.clients.your-server.de

tsyndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.43.25 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.25.43.243.136.clients.your-server.de

runative-syndicate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.211.229.247 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

main.exdynsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
main.exoclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.254.114.233 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net

syndication.traffichaus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.252.213.208 (United States)

ASN53334 (TUT-AS, US)

betteradsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	adsco.re c.adsco.re — Cisco Umbrella Rank: 19029 6.adsco.re — Cisco Umbrella Rank: 20155 4.adsco.re — Cisco Umbrella Rank: 21877 adsco.re — Cisco Umbrella Rank: 16800 gopbkl6c7vap.l4.adsco.re gopbkl6c7vap.n4.adsco.re gopbkl6c7vap.s4.adsco.re	72 KB
8	onlyhgames.com www.onlyhgames.com	105 KB
6	ackcdn.net s3t3d2y8.ackcdn.net — Cisco Umbrella Rank: 9035	73 KB
4	realsrv.com a.realsrv.com — Cisco Umbrella Rank: 11878 main.realsrv.com — Cisco Umbrella Rank: 133442	69 KB
4	exosrv.com a.exosrv.com — Cisco Umbrella Rank: 37821 ads.exosrv.com — Cisco Umbrella Rank: 47632 syndication.exosrv.com — Cisco Umbrella Rank: 29875	22 KB
4	exoclick.com ads.exoclick.com — Cisco Umbrella Rank: 36823 main.exoclick.com — Cisco Umbrella Rank: 39313	2 KB
3	jads.co 1 redirects poweredby.jads.co — Cisco Umbrella Rank: 36473	4 KB
2	exdynsrv.com main.exdynsrv.com — Cisco Umbrella Rank: 135578	838 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	398 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	betteradsystem.com www.betteradsystem.com — Cisco Umbrella Rank: 310727 betteradsystem.com — Cisco Umbrella Rank: 236190	10 KB
1	highlevelcount.com highlevelcount.com — Cisco Umbrella Rank: 199038
1	traffichaus.com syndication.traffichaus.com — Cisco Umbrella Rank: 60220	619 B
1	runative-syndicate.com runative-syndicate.com — Cisco Umbrella Rank: 35555	469 B
1	tsyndicate.com tsyndicate.com — Cisco Umbrella Rank: 10866	463 B
1	rtmark.net my.rtmark.net — Cisco Umbrella Rank: 11060	491 B
1	iadoremakingpics.com iadoremakingpics.com — Cisco Umbrella Rank: 218639	138 KB
1	goodfungame.com goodfungame.com — Cisco Umbrella Rank: 152643	2 KB
1	juicyads.com js.juicyads.com — Cisco Umbrella Rank: 67520	93 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	39 KB
0	qqjar.ru Failed qqjar.ru Failed
62	21

	Domain	Requested by
8	www.onlyhgames.com	www.onlyhgames.com
6	s3t3d2y8.ackcdn.net	syndication.exosrv.com www.onlyhgames.com
3	4.adsco.re	www.onlyhgames.com c.adsco.re
3	c.adsco.re	www.betteradsystem.com c.adsco.re
3	poweredby.jads.co	1 redirects www.onlyhgames.com poweredby.jads.co
2	main.realsrv.com	goodfungame.com
2	main.exoclick.com	goodfungame.com
2	main.exdynsrv.com	goodfungame.com
2	www.facebook.com	goodfungame.com
2	adsco.re	c.adsco.re
2	6.adsco.re	www.onlyhgames.com c.adsco.re
2	syndication.exosrv.com	a.exosrv.com ads.exosrv.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	a.realsrv.com	www.onlyhgames.com
2	ads.exoclick.com	www.onlyhgames.com ads.exoclick.com
1	betteradsystem.com	www.betteradsystem.com
1	highlevelcount.com	goodfungame.com
1	syndication.traffichaus.com	goodfungame.com
1	runative-syndicate.com	goodfungame.com
1	tsyndicate.com	goodfungame.com
1	my.rtmark.net	goodfungame.com
1	iadoremakingpics.com	goodfungame.com
1	goodfungame.com	poweredby.jads.co
1	gopbkl6c7vap.s4.adsco.re	c.adsco.re
1	gopbkl6c7vap.n4.adsco.re	c.adsco.re
1	gopbkl6c7vap.l4.adsco.re	c.adsco.re
1	www.betteradsystem.com	www.onlyhgames.com
1	ads.exosrv.com	www.onlyhgames.com
1	a.exosrv.com	www.onlyhgames.com
1	js.juicyads.com	www.onlyhgames.com
1	www.googletagmanager.com	www.onlyhgames.com
0	qqjar.ru Failed	goodfungame.com
62	32

This site contains links to these domains. Also see Links.

Domain
adsco.re
www.exoclick.com
td.vs3.com
track.aftrk1.com
hczog.com
ninjaclicks.club
www.mediafire.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-17` - `2022-11-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.exoclick.com Go Daddy Secure Certificate Authority - G2	`2021-08-03` - `2022-09-04`	a year	crt.sh
*.juicyads.com Sectigo RSA Domain Validation Secure Server CA	`2022-04-21` - `2023-05-22`	a year	crt.sh
exosrv.com R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
realsrv.com R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
1285643437.rsc.cdn77.org R3	`2022-03-20` - `2022-06-18`	3 months	crt.sh
*.jads.co Sectigo RSA Domain Validation Secure Server CA	`2021-11-30` - `2022-12-31`	a year	crt.sh
ackcdn.net R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
*.adsco.re Sectigo RSA Organization Validation Secure Server CA	`2021-09-06` - `2022-09-28`	a year	crt.sh
*.l4.adsco.re R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.n4.adsco.re R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.s4.adsco.re R3	`2022-05-19` - `2022-08-17`	3 months	crt.sh
*.goodfungame.com E1	`2022-04-22` - `2022-07-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-03-05` - `2022-06-03`	3 months	crt.sh
*.rtmark.net Sectigo RSA Domain Validation Secure Server CA	`2021-11-20` - `2022-11-26`	a year	crt.sh
tsyndicate.com R3	`2022-05-12` - `2022-08-10`	3 months	crt.sh
runative-syndicate.com R3	`2022-04-30` - `2022-07-29`	3 months	crt.sh
exdynsrv.com R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
exoclick.com R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
traffichaus.com R3	`2022-04-06` - `2022-07-05`	3 months	crt.sh
*.highlevelcount.com E1	`2022-04-26` - `2022-07-25`	3 months	crt.sh
betteradsystem.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-19` - `2022-07-22`	2 years	crt.sh

This page contains 6 frames:

Primary Page: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Frame ID: B7542C6162FF1418273A44C77FEAC281
Requests: 37 HTTP requests in this frame

Frame: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2889662&type=160x600&p=https%3A//www.onlyhgames.com/go.php%3Fid%3Dxw04ubq17rs9jke&dt=1653637855709&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Frame ID: AF26586B05C8D81027605E127E16D99A
Requests: 2 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=648146
Frame ID: D84CEFC58F46AC63976926E48F5CE734
Requests: 1 HTTP requests in this frame

Frame: https://poweredby.jads.co/adshow.php?adzone=648146
Frame ID: ABE1DC93B651492F7788C3FDC9E485FF
Requests: 1 HTTP requests in this frame

Frame: https://c.adsco.re/
Frame ID: DDAE271E4B077B08828246F01AC5FA2F
Requests: 5 HTTP requests in this frame

Frame: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Frame ID: 6E871E6E1977FB0CFF88F25F205F722F
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Layer 1

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

92 %
HTTPS

54 %
IPv6

21
Domains

32
Subdomains

27
IPs

5
Countries

652 kB
Transfer

1244 kB
Size

18
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://adsco.re/v

Search URL Search Domain Scan URL

URL: https://www.exoclick.com/
Title: Powered By

Search URL Search Domain Scan URL

URL: https://td.vs3.com/live-sexy-models-
Title: Live Sexy Models 🔥She will make the first moveFlirt4Free

Search URL Search Domain Scan URL

URL: https://track.aftrk1.com/sex-game
Title: Sex Game!Are you already hard?Nutaku

Search URL Search Domain Scan URL

URL: https://hczog.com/you-wont-last-40-seconds
Title: You Won't Last 40 SecondsTry Not to Cum! #1 Game in HagenFamily Simulators

Search URL Search Domain Scan URL

URL: https://ninjaclicks.club/100-kostenloses-hentaispiel
Title: 100% Kostenloses Hentai-SpielErzähl Niemandem, Dass du Das Gespielt HastHentai Heroes

Search URL Search Domain Scan URL

URL: https://www.mediafire.com/file/xw04ubq17rs9jke/sl3eng.rar/file

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://poweredby.jads.co/js/jads.js HTTP 301
https://poweredby.jads.co/js/jads2.js

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request go.php Show response
www.onlyhgames.com/ 19 KB
8 KB 169ms
119ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 45168fce21f822bb60ce5253886f0d0c656fe79d260f4676c2ca63bbf162c610

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=0,public
cf-cache-status: DYNAMIC
cf-ray: 711d29942b9b9b94-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 27 May 2022 07:50:55 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 27 May 2022 07:50:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zggVAKDKoULIPvkvtpeS%2FWBsR52wPOh3oJppQVAUFxFyJRYYo4%2F1CqwMJ2r%2F49QXU3iidtnVUExJ0Ew5G%2BR4Hcb3bfQyjwnFBPq5ibRLw%2FnlDhSchPyN6nXv31NRVhBQXyOtcAgWGerZcdx6ftQ3PEA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.29
x-turbo-charged-by: LiteSpeed

GET
H2 200 antad.js Show response
www.onlyhgames.com/ 7 KB
2 KB 21ms
14ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlyhgames.com/antad.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0981dc0a42cda924e91669b927d1a27c25be12f0d44fe2f9c4cc2b7c580cab3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:55 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 619068
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1971
last-modified: Sun, 07 Jul 2019 01:13:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6ZmBHT3FBjVfO14pHoOCYtIhAs%2FXKZmeY%2BX3LxLD0B1LuaGWbHMCKar7GegF7ki6SVOFE1s%2BCVYHbTVlHVEhtTd2AP%2BUWrpOfAH7FZD7vNYd0qCHHL%2BoK5IuL%2Bu1VEVph%2FWJ6bK1jkRZKNAz62ThtM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 711d29950d909b94-FRA
expires: Sat, 20 May 2023 03:53:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 69ms
27ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-96564504-1

Requested by

Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cb4418cd02e147f7df562f6c221c4e3bf97f1a7a85c96220319a5f9a54b9f746

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:55 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39645
x-xss-protection: 0
last-modified: Fri, 27 May 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 27 May 2022 07:50:55 GMT

GET
H/1.1 200
OK ad_track.js Show response
ads.exoclick.com/ 368 B
635 B 59ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exoclick.com/ad_track.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bf3f7b1d3b167230b23517e22fcddfb15b15aba03e5e014c94e79113202cd0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"3ac21caf363100082c3f8c53986"
X-HW: 1653637855.dop223.fr8.t,1653637855.cds136.fr8.shn,1653637855.cds136.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 221

GET
H2 200 skrr.css
www.onlyhgames.com/ 33 KB
8 KB 22ms
16ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlyhgames.com/skrr.css
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c53a889b482af6ac32dc86dfdf24d2004a50cb9c0d551d2eab33e7cec723a1f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:55 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 619068
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7611
last-modified: Sun, 07 Jul 2019 01:13:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eaJkfrI20WhTbacjfoh52wW%2FAbeW%2F%2BA9TP70pquqZU8xCXFg%2FzkSon0zXCc81XzIge72dssUhIZiC7ZHvUGNYj5q4KqJjXWBBr4qFSkadsi7byCquRtFokSpIK7loaYNPr94StauvXc0T8A72ghetkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 711d29950da59b94-FRA
expires: Sat, 20 May 2023 03:53:06 GMT

GET
H2 200 jp.php Show response
js.juicyads.com/ 93 KB
93 KB 69ms
12ms Script
application/javascript 2600:9000:2057:8600:c:dd71:23c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.juicyads.com/jp.php?c=3454u2z2y254u4p2w2c4x294a4&u=http%3A%2F%2Fwww.juicyads.rocks
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:8600:c:dd71:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7052d93b5c20c520d09f90c76606030882ac3b4a11730f8ff5511cf779c6ea4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: cache
date: Fri, 27 May 2022 07:47:56 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
server: nginx
age: 179
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: hRfzr5oXpTKInfFTbzaSrT8i0jiB7Dob0NIguencKwTz4TYEvn8ZEA==
expires: Fri, 27 May 2022 08:02:56 GMT

GET
H2 200 jquery.js Show response
www.onlyhgames.com/ 95 KB
33 KB 19ms
14ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlyhgames.com/jquery.js?ver=1.12.4
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7d9db5d4066c7fcc99e752b96a5c8e81bcabfee0edf1bd427f5aa82d5759fbcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:55 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 619068
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33857
last-modified: Sun, 07 Jul 2019 01:13:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e34krhw6fUoKxwcKlC4oR0iK3cRc%2B%2FM1WZDvcAhpXSmcqmoVCpQR56L6bX5R0sBj8CpvNKSnYKRRuajL4rBd6TPfBz2809M5llKdUdZeN%2BukfHtLMkqSSPZLwDE8iytDsexLBP5Fc87t%2FUH%2F8C2IomU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 711d29951da79b94-FRA
expires: Sat, 20 May 2023 03:53:06 GMT

GET
H2 200 adframe.js Show response
www.onlyhgames.com/ 64 KB
13 KB 140ms
135ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlyhgames.com/adframe.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: c7aa784cc05d11035a50799f888986bbc09be678bbf6b57ffd63f1e36174100c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:55 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.29
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 May 2022 07:19:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyohJl63V75Vj6Fm2rBYU7bJSvDCUJ2qcGcWW7TGeCGVPPTgAusL2%2F1wJOTNjIZHr%2BwZyntmJGP5PKRJnZaJRF9kmLcsxhkIPXaFm5oeLzZqFrknU4woYjBo%2FaBKOPYILcsFu%2F4tqmpmP6MFn%2BMSTv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 711d29951da99b94-FRA
expires: Fri, 27 May 2022 07:50:53 GMT

GET
H/1.1 200
OK nativeads.js Show response
a.exosrv.com/ 45 KB
13 KB 55ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.exosrv.com/nativeads.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 568c7149d705ee0c49422441d4e4879586e924b06716668cc92a309dbdae1169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"a799e1d91853f2ddef5ca036110"
X-HW: 1653637855.dop147.fr8.t,1653637855.cds257.fr8.shn,1653637855.dop147.fr8.t,1653637855.cds277.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 12699

GET
H2 200 count.js Show response
www.onlyhgames.com/ 2 KB
1 KB 20ms
17ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlyhgames.com/count.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f001469d1a9f650e94baa79ad25742a1180ff696530dbacc0ddfa6d539d4394

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:55 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 619068
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 869
last-modified: Sun, 07 Jul 2019 01:13:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mt6SwiCPdJgcgF6zEPta9tGU5RuI6H07gqeLlXbdlT1xlSZzuUemnv%2B7ngtnXTWqfFEskmddEJFh05LyH6rDpu8dcEwK5srRq%2Bd16HmehUmgaqP5VsHk7V6CELbY8HdB4zFy15%2F6tPllOG4BC4RN3do%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 711d29951dab9b94-FRA
expires: Sat, 20 May 2023 03:53:06 GMT

GET
H2 200 fdload3.js Show response
www.onlyhgames.com/ 64 KB
13 KB 162ms
160ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.onlyhgames.com/fdload3.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.29
Resource Hash: 996a179212043f8fbf2009a544e1a137bc7538075ef287d2e833f18f2831736d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:55 GMT
content-encoding: gzip
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: PHP/7.4.29
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 27 May 2022 06:35:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUXKdUvMVUpbplJvw%2BBHNknbBrnOXPPbBqLy88LdJIwVqbzvEy1rQ3p3LySmxVedRkVm1uk0m8A3jiEg9KTwqTepbFUiiDeXiG97sObIH5T%2F4KedjiI4qqknmglBRFR%2BKdsNLbCisfvkcVwL5qhM8Ak%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: public, max-age=14400
x-turbo-charged-by: LiteSpeed
cf-ray: 711d29951dad9b94-FRA
expires: Fri, 27 May 2022 07:50:53 GMT

GET
H/1.1

200
OK

jads2.js Show response
poweredby.jads.co/js/
Redirect Chain

https://poweredby.jads.co/js/jads.js
https://poweredby.jads.co/js/jads2.js

4 KB
2 KB

40ms
13ms

Script
application/x-javascript

185.94.236.244
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/js/jads2.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Server: 185.94.236.244 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Dec 2019 19:10:29 GMT
Server: nginx
ETag: W/"5e0262a5-eae"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Connection: close

Redirect headers

Location: jads2.js
Date: Fri, 27 May 2022 07:50:55 GMT
Server: nginx
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK ad-provider.js Show response
a.realsrv.com/ 104 KB
29 KB 107ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/ad-provider.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 23fa5daab464fc4565d6375d5ab95cc677a2dbb07ecfa22bad67946b40f60db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"ebbae6c64bbbcf5c685087f93f8"
X-HW: 1653637855.dop229.fr8.t,1653637855.cds273.fr8.shn,1653637855.cds273.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 28939

GET
H/1.1 200
OK ads.js Show response
ads.exosrv.com/ 2 KB
1 KB 45ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exosrv.com/ads.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 56b888f4c760420b88d2d533aaff3f13e09c98935758066904e11bcbab76d706

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"b60fdcc211f42a1f246a8c80b56"
X-HW: 1653637855.dop153.fr8.t,1653637855.cds288.fr8.shn,1653637855.cds288.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 972

GET
H/1.1 200
OK ad99uip8i.php Show response
ads.exoclick.com/ 30 B
450 B 10ms
10ms Script
text/html 2001:4de0:ac19::1:b:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.exoclick.com/ad99uip8i.php
Requested by: Host: ads.exoclick.com
URL: https://ads.exoclick.com/ad_track.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e6ccfc4dd857709542710e1cbf7bcc2428168f84890971f7972d1e81225f6296

Request headers

Referer: https://www.onlyhgames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Content-Encoding: gzip
Server: nginx
X-HW: 1653637855.dop223.fr8.t,1653637855.cds136.fr8.shn,1653637855.dop223.fr8.t,1653637855.cds232.fr8.c
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 50

GET
H2 200 jmespath.min.js Show response
www.betteradsystem.com/ 31 KB
10 KB 152ms
74ms Script
application/x-javascript 2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.betteradsystem.com/jmespath.min.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: a997d0e4a8e2ed3cc8ed7a232fb8f464948e17ef784b62a0a7d9c51f3b51b9e8

Request headers

Referer: https://www.onlyhgames.com/
Origin: https://www.onlyhgames.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Fri, 27 May 2022 07:50:55 GMT
content-encoding: br
x-77-cache: HIT
x-cache: HIT
x-age: 489680
alt-svc: quic="195.181.175.47:443"; ma=2592000; v="44,43,39"
x-77-nzt: AcO1ry8lzcr/0HgHAA
x-accel-expires: @1653752975
server: CDN77-Turbo
x-77-nzt-ray: FAZtphzYXWU
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=604800
link: <https://betteradsystem.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
expires: Sat, 28 May 2022 15:49:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 67ms
24ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-96564504-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 969
date: Fri, 27 May 2022 07:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 27 May 2022 09:34:46 GMT

GET
H/1.1 200
OK splash.php Show response
syndication.exosrv.com/ 7 KB
6 KB 77ms
33ms XHR
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exosrv.com/splash.php?native-settings=1&idzone=3467257&p=https%3A%2F%2Fwww.onlyhgames.com%2Fgo.php%3Fid%3Dxw04ubq17rs9jke
Requested by: Host: a.exosrv.com
URL: https://a.exosrv.com/nativeads.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: b29e27f88cc1a15840cec93a42fae70417830ef02a056b5943a84bb43afc83ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.onlyhgames.com
Access-Control-Allow-Credentials: true
Connection: keep-alive

GET
H/1.1 200
OK ads-iframe-display.php Show response
syndication.exosrv.com/ Frame AF26 2 KB
2 KB 44ms
23ms Document
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2889662&type=160x600&p=https%3A//www.onlyhgames.com/go.php%3Fid%3Dxw04ubq17rs9jke&dt=1653637855709&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Requested by: Host: ads.exosrv.com
URL: https://ads.exosrv.com/ads.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8674d62c3353c9dfc489b22fc0ceb6b552e45adea2aeb434ae03baa3c8d78e06

Request headers

Referer: https://www.onlyhgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 27 May 2022 07:50:55 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK popunder1000.js Show response
a.realsrv.com/ 94 KB
40 KB 29ms
7ms Script
application/javascript 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://a.realsrv.com/popunder1000.js
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b3a25f46e182f7b7c98d8b8412c8db0ca7ae8fb4fd02159a986f73327d69821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Content-Encoding: gzip
Server: nginx
etag: W/"717d1e695e18ae1f91654dda15a"
X-HW: 1653637855.dop126.fr8.t,1653637855.cds216.fr8.shn,1653637855.cds216.fr8.c
Content-Type: application/javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=10800
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 40330

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 70ms
21ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=651557393&t=pageview&_s=1&dl=https%3A%2F%2Fwww.onlyhgames.com%2Fgo.php%3Fid%3Dxw04ubq17rs9jke&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=812523861&gjid=944856925&cid=409922575.1653637856&tid=UA-96564504-1&_gid=918715610.1653637856&_r=1&gtm=2ou5p1&z=445169871

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.onlyhgames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 27 May 2022 07:50:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.onlyhgames.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET adshow.php
poweredby.jads.co/ Frame D84C 0
0

GET
H/1.1 200
OK adshow.php Show response
poweredby.jads.co/ Frame ABE1 4 KB
2 KB 652ms
628ms Document
text/html 185.94.236.244
MOJHOST-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://poweredby.jads.co/adshow.php?adzone=648146
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/js/jads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.94.236.244 , Netherlands, ASN42567 (MOJHOST-EU, NL),
Reverse DNS
Software: nginx / PHP/5.6.40
Resource Hash: 7aa86091478c8a9eeb69301b8fe5a9c4b0a4e2c98ccf26f5aa2affe137d17248

Request headers

Referer: https://www.onlyhgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 27 May 2022 07:50:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40

GET
H/1.1 200
OK 0536c90dcd380dde891d9b5f4d71c3a7c830f2ef.webp
s3t3d2y8.ackcdn.net/library/441893/ Frame AF26 16 KB
16 KB 105ms
11ms Image
image/webp 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3t3d2y8.ackcdn.net/library/441893/0536c90dcd380dde891d9b5f4d71c3a7c830f2ef.webp
Requested by: Host: syndication.exosrv.com
URL: https://syndication.exosrv.com/ads-iframe-display.php?idzone=2889662&type=160x600&p=https%3A//www.onlyhgames.com/go.php%3Fid%3Dxw04ubq17rs9jke&dt=1653637855709&sub=&tags=&cookieconsent=true&screen_resolution=1600x1200&el=%22
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: abe52ba7ff03719a1fcf44d5069d98ef33721ccb71ac7f8cfaac70a1ab9478ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://syndication.exosrv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Last-Modified: Mon, 09 May 2022 14:43:56 GMT
ETag: "1652107436"
X-HW: 1653637855.dop007.fr8.t,1653637855.cds276.fr8.shn,1653637855.dop007.fr8.t,1653637855.cds057.fr8.c
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 15988

GET
H/1.1 200
OK widget-branding-logo.png
s3t3d2y8.ackcdn.net/ 2 KB
2 KB 99ms
9ms Image
image/png 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3t3d2y8.ackcdn.net/widget-branding-logo.png
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 5325d5beb64d82d48d3f7d78b606ee93b8e975a55868bba038905329ed1044b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Last-Modified: Mon, 15 Apr 2019 09:03:59 GMT
ETag: "1555319039"
X-HW: 1653637855.dop013.fr8.t,1653637855.cds272.fr8.shn,1653637855.cds272.fr8.c
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1547

GET
H/1.1 200
OK 7f10fb48fa969705c02a3d2ee54a5ed916585d50.webp
s3t3d2y8.ackcdn.net/library/797776/ 5 KB
6 KB 91ms
11ms Image
image/webp 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3t3d2y8.ackcdn.net/library/797776/7f10fb48fa969705c02a3d2ee54a5ed916585d50.webp
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 8412627d4d679bcb5520dfe29089f05130b37bfb9e0f0fc125de80f8ea86a801

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Last-Modified: Wed, 18 May 2022 06:39:24 GMT
ETag: "1652855964"
X-HW: 1653637855.dop016.fr8.t,1653637855.cds217.fr8.shn,1653637855.dop016.fr8.t,1653637855.cds129.fr8.c
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5498

GET
H/1.1 200
OK 855958778c097f3fcdc50ed2736ebcf327897527.webp
s3t3d2y8.ackcdn.net/library/319620/ 6 KB
6 KB 93ms
13ms Image
image/webp 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3t3d2y8.ackcdn.net/library/319620/855958778c097f3fcdc50ed2736ebcf327897527.webp
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: e71c68cbeac1de74ef11ad137c60d3589d15460c8396f0b81cd927b4be7268fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Last-Modified: Thu, 04 Nov 2021 10:56:20 GMT
ETag: "1636023380"
X-HW: 1653637855.dop153.fr8.t,1653637855.cds167.fr8.shn,1653637855.dop153.fr8.t,1653637855.cds252.fr8.c
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 5706

GET
H/1.1 200
OK 09cabf040c19c94e3c268a2793ca13c0c5c97a64.webp
s3t3d2y8.ackcdn.net/library/41682/ 24 KB
24 KB 96ms
16ms Image
image/webp 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3t3d2y8.ackcdn.net/library/41682/09cabf040c19c94e3c268a2793ca13c0c5c97a64.webp
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 3b3b7fc1592aa5008f387a5aba44846925a32ec4cc85cb374b2009cd59e8dc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Last-Modified: Thu, 03 Mar 2022 00:49:48 GMT
ETag: "1646268588"
X-HW: 1653637855.dop146.fr8.t,1653637855.cds126.fr8.shn,1653637855.dop146.fr8.t,1653637855.cds223.fr8.c
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 24172

GET
H/1.1 200
OK 7b45514988263b3b12334d02e2186feb41ead48c.webp
s3t3d2y8.ackcdn.net/library/762040/ 19 KB
19 KB 95ms
14ms Image
image/webp 2001:4de0:ac19::1:b:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3t3d2y8.ackcdn.net/library/762040/7b45514988263b3b12334d02e2186feb41ead48c.webp
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: /
Resource Hash: 5bf100d9ab245fccdbf0c89c439c9b2af3f222c62712950816162cbc0ad28150

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:55 GMT
Last-Modified: Thu, 04 Nov 2021 12:04:43 GMT
ETag: "1636027483"
X-HW: 1653637855.dop234.fr8.t,1653637855.cds129.fr8.shn,1653637855.dop234.fr8.t,1653637855.cds289.fr8.c
Content-Type: image/webp
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 19298

GET
H2 200 / Show response
c.adsco.re/ 63 KB
23 KB 55ms
18ms Script
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: www.betteradsystem.com
URL: https://www.betteradsystem.com/jmespath.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:55 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 5047836
etag: W/"WtfcKMteYs2dCZjgNMzUmw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 711d29979e54995d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 27 Jun 2022 07:50:55 GMT

GET
H2 200 /
6.adsco.re/ 0
419 B 54ms
18ms Other
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlyhgames.com/
Origin: https://www.onlyhgames.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:56 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.onlyhgames.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 711d2997fb7c6955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK /
4.adsco.re/ 0
467 B 103ms
22ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlyhgames.com/
Origin: https://www.onlyhgames.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.onlyhgames.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

POST
H/1.1 200
OK p Show response
adsco.re/ 0
427 B 79ms
26ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlyhgames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
AS-P-4: OK
Transfer-Encoding: chunked
AS-P-1: OK lon223
Access-Control-Allow-Origin: https://www.onlyhgames.com
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
AS-E: ND
AS-P-2: OK
AS-P-3: OK

GET
H/1.1 200
OK / Show response
4.adsco.re/ 48 B
467 B 39ms
22ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: c07fd417447f3265f6f01eea7139d242d6b88e5c2d80388c10f35c18d506f9ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://www.onlyhgames.com
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H2 200 / Show response
6.adsco.re/ 57 B
106 B 15ms
14ms XHR
text/plain 2606:4700::6811:a6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:a6ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01c8f5cfaf2e93d6757f1ff98e84d3755826c45a9c292ffdf4156b75adf11349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:56 GMT
content-encoding: br
server: cloudflare
access-control-allow-headers: Content-Type
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: text/plain;charset=UTF-8
access-control-allow-origin: https://www.onlyhgames.com
access-control-max-age: 2592000
cache-control: private, max-age=10
cf-ray: 711d29980b946955-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK /
gopbkl6c7vap.l4.adsco.re/ 0
464 B 77ms
19ms Ping
text/html 185.200.118.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://gopbkl6c7vap.l4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.118.90 London, United Kingdom, ASN9009 (M247, GB),
Reverse DNS: adscore.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlyhgames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Last-Modified: Tue, 31 Jul 2018 22:16:15 GMT
ETag: "5b60dfaf-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
gopbkl6c7vap.n4.adsco.re/ 0
464 B 475ms
92ms Ping
text/html 38.132.109.186
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://gopbkl6c7vap.n4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 38.132.109.186 New York, United States, ASN9009 (M247, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlyhgames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
ETag: "5b5f2f9a-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

POST
H/1.1 200
OK /
gopbkl6c7vap.s4.adsco.re/ 0
464 B 1401ms
162ms Ping
text/html 185.200.116.90
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://gopbkl6c7vap.s4.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.200.116.90 , Romania, ASN9009 (M247, GB),
Reverse DNS: no-mans-land.m247.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.onlyhgames.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 27 May 2022 07:50:57 GMT
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
ETag: "5b5f30d9-0"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Connection: close
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 0

GET
H3 200 / Show response
c.adsco.re/ Frame DDAE 63 KB
23 KB 67ms
48ms Document
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5

Request headers

Referer: https://www.onlyhgames.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5047835
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=2678400
cf-cache-status: HIT
cf-ray: 711d299838689bfa-FRA
content-encoding: br
content-type: text/html
date: Fri, 27 May 2022 07:50:56 GMT
etag: W/"WtfcKMteYs2dCZjgNMzUmw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Mon, 27 Jun 2022 07:50:56 GMT
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
server: cloudflare
vary: Accept-Encoding

GET /
6.adsco.re/ Frame DDAE 0
0

GET
H/1.1 200
OK /
4.adsco.re/ Frame DDAE 0
459 B 22ms
22ms Other
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://4.adsco.re/
Requested by: Host: www.onlyhgames.com
URL: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c.adsco.re/
Origin: https://c.adsco.re
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Access-Control-Max-Age: 2592000
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://c.adsco.re
Cache-Control: private, max-age=5
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Headers: Content-Type

GET
H3 200 / Show response
c.adsco.re/ Frame DDAE 63 KB
23 KB 24ms
24ms XHR
text/html 2606:4700::6811:a7ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.adsco.re/
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:a7ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.adsco.re/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:56 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 5047835
etag: W/"WtfcKMteYs2dCZjgNMzUmw=="
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=dns-prefetch
cache-control: public, max-age=2678400
cf-ray: 711d29993b599bfa-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Mon, 27 Jun 2022 07:50:56 GMT

GET /
4.adsco.re/ Frame DDAE 0
0

GET
H2 200 62334d9893a2a Show response
goodfungame.com/iframe/ Frame 6E87 2 KB
2 KB 138ms
107ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Requested by: Host: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=648146
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0380569663cd9e602133f12d47b84a1407ebba3c542868e52f065de794a5133b

Request headers

Referer: https://poweredby.jads.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 711d299af9829bb9-FRA
content-encoding: br
content-type: text/html
date: Fri, 27 May 2022 07:50:56 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVP9TbfJGjJKtQrUGPE5RzocmsK4Sd4qUsFOzHZs4tKHZVP0%2FpGc8BC%2B%2FehS5zApGc9Q%2BnLMOrxws1KB2%2FHo1OxCVjLDQiH6XFqZ%2B2icwZE%2F1Fa%2Bt2oyAZkXgiMQR%2BUqYtmP%2B2sWKi1r7Y9zkz4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

POST
H/1.1 200
OK p Show response
adsco.re/ 364 B
871 B 42ms
41ms XHR
text/html 162.252.214.5
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://adsco.re/p
Requested by: Host: c.adsco.re
URL: https://c.adsco.re/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 162.252.214.5 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: f8f65c13cd5b7e6d878c2db9444bfd0a7903fcdc88e5f5ec9de8006e200dfd6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

AS-P-G: OK
Date: Fri, 27 May 2022 07:50:56 GMT
AS-P-7: OK
AS-P-9: OK
AS-P-C: OK
Transfer-Encoding: chunked
AS-P-5: OK
AS-P-F: OK
Connection: keep-alive
Content-Encoding: gzip
AS-P-2: OK
AS-P-D: OK
AS-P-6: OK
AS-P-B: OK
AS-P-H: OK
AS-P-4: OK
AS-P-A: OK
Access-Control-Max-Age: 2592000
AS-P-1: OK lon223
Access-Control-Allow-Origin: https://www.onlyhgames.com
Cache-Control: no-transform
Access-Control-Allow-Credentials: true
AS-P-8: OK
Content-Type: text/html; charset=UTF-8
AS-P-E: OK
AS-P-3: OK

GET
H2 200 94e37e2c8c380198845f2a3e26254301.png
iadoremakingpics.com/bnr/4/94e/37e2c8/ Frame 6E87 137 KB
138 KB 48ms
18ms Image
image/png 2606:4700:3036::6815:4193
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iadoremakingpics.com/bnr/4/94e/37e2c8/94e37e2c8c380198845f2a3e26254301.png
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:4193 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d941fba583952a335bf43d2fa612fa1a854261d8ad1b935293f542118b9373c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:56 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 45353
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 140443
last-modified: Thu, 10 Jun 2021 10:18:01 GMT
server: cloudflare
etag: "60c1e6d9-2249b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3WguEggcml1FTmgUHIQmhha7Y%2FLz%2BOyxg3EpPXLDEEHUPq70TBThWoE9yGzBV%2BQBAG8%2FVn%2BKdfqrYf3Vc%2BeXyEmr6c5gJqsioIBE4O85iwhKFtAoMATLEWJfIP8AWqk8TlHK9QIaa5omzFd71s8pnlU8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1382400
accept-ranges: bytes
cf-ray: 711d299c0b849bc4-FRA
expires: Fri, 27 May 2022 19:15:03 GMT

GET
H2 200 tr
www.facebook.com/ Frame 6E87 44 B
297 B 61ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=794325588036871&ev=PageView&noscript=1

Requested by

Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 27 May 2022 07:50:56 GMT

GET
H2 200 img.gif
my.rtmark.net/ Frame 6E87 43 B
491 B 51ms
14ms Image
image/gif 139.45.195.8
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=sync&lr=1&partner=231cd49a7855e5ab09961d63fb71270a509dc35327a759c7694c3f89594943d0

Requested by

Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.45.195.8 , United Kingdom, ASN9002 (RETN-AS, GB),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:56 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=1
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: Authorization
access-control-allow-credentials: true
timing-allow-origin: *, *
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
content-length: 43

GET
H2 200 0a1ebf4e-f1a4-4146-916d-6962c02eca57
tsyndicate.com/api/v1/retargeting/set/ Frame 6E87 35 B
463 B 58ms
12ms Image
image/gif 168.119.1.208
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tsyndicate.com/api/v1/retargeting/set/0a1ebf4e-f1a4-4146-916d-6962c02eca57
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 168.119.1.208 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.208.1.119.168.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 07:50:56 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: a7060b80b6c26f36
expires: 0

GET
H2 200 a56bbc85-b77d-4219-bfc4-e832384180bb
runative-syndicate.com/api/v1/retargeting/set/ Frame 6E87 35 B
469 B 57ms
12ms Image
image/gif 136.243.43.25
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://runative-syndicate.com/api/v1/retargeting/set/a56bbc85-b77d-4219-bfc4-e832384180bb
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 136.243.43.25 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.25.43.243.136.clients.your-server.de
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 27 May 2022 07:50:56 GMT
server: nginx
x-api-version: 1
vary: *
report-to: { "url": "https://pxl.runative-syndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
content-length: 35
x-request-id: fc06370b59bbf62e
expires: 0

GET add
qqjar.ru/retarget/ Frame 6E87 0
0

GET
H2 200 tr
www.facebook.com/ Frame 6E87 44 B
101 B 53ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=1414481212224503&ev=PageView&noscript=1

Requested by

Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:56 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 27 May 2022 07:50:56 GMT

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame 6E87 0
419 B 48ms
13ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=ecd938f748969c750709ba2e8deeba23
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame 6E87 0
419 B 63ms
13ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=ecd938f748969c750709ba2e8deeba23
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame 6E87 0
418 B 45ms
13ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=ecd938f748969c750709ba2e8deeba23
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exdynsrv.com/ Frame 6E87 0
419 B 19ms
13ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exdynsrv.com/tag.php?goal=47dd92b1071a4ea3bd1564629f4b030c
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.exoclick.com/ Frame 6E87 0
419 B 27ms
13ms Image
text/html 95.211.229.247
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.exoclick.com/tag.php?goal=47dd92b1071a4ea3bd1564629f4b030c
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.247 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK tag.php
main.realsrv.com/ Frame 6E87 0
418 B 42ms
16ms Image
text/html 95.211.229.245
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://main.realsrv.com/tag.php?goal=47dd92b1071a4ea3bd1564629f4b030c
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 95.211.229.245 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Fri, 27 May 2022 07:50:56 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK r.php
syndication.traffichaus.com/adserve/ Frame 6E87 95 B
619 B 718ms
696ms Image
image/png 66.254.114.233
REFLECTED

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://syndication.traffichaus.com/adserve/r.php?k=CAT&adv_id=94511&exp=25920000&dh=969205b0247754250d921d8da45875fa&bh=48c011d2648afe0455d203967aa130a5&dom=&cb=1606322780791
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 66.254.114.233 , United States, ASN29789 (REFLECTED, US),
Reverse DNS: reflectededge.reflected.net
Software: nginx /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:57 GMT
server: nginx
transfer-encoding: chunked
x-request-id: 629082E0-42FE72E901BB29C4-172C7790
content-type: image/png

GET
H2 404 index.min.js
highlevelcount.com/ Frame 6E87 0
0 45ms
13ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://highlevelcount.com/index.min.js?pk=0f6c6b0d2533be0a124411ed43310cc0
Requested by: Host: goodfungame.com
URL: https://goodfungame.com/iframe/62334d9893a2a?iframe&ag_custom_domain=onlyhgames.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://goodfungame.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H2 200 WywAC.htm Show response
betteradsystem.com/ 44 B
140 B 184ms
132ms Script
text/javascript 162.252.213.208
TUT-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://betteradsystem.com/WywAC.htm?_=BAoAYpCC4AFikILggAGBAsAAIGFkgBwGhSUYtOkjcX8HSk47qKsQVgFliFA-j41P_K8YwQBHMEUCIQChUo4Fs6_Ojy5zZi1OCd97bAo7QS6-ZgOUK5k_Rmuk9wIgcKyX8rfmZl1CqxMIEfxZCuyiBoBxY4p5V0AO4-72zQvCACC0hF9knnswohxLKb3kIiPdemNqw8buz8YeGxLdISkSbcQAECoADJggUKAHAAIAAAAAABLFABB6hszNqEufoDwM7WLQsuHwwwBIMEYCIQCy4CIX6zE6pujsRa_pIWx_Se8wLxHw7XLm4HVs5j717gIhAISpigJDjSdu34_brHyejDd-HyGS1Y1D6Glp8GN3MvoC&v=4&OrojQzLX=770823&oAVRvJKq=&ZomFwaKh=0,0&nfcKuOdv=&qIjCYLGt=&s=1600,1200,1,1600,1200,0
Requested by: Host: www.betteradsystem.com
URL: https://www.betteradsystem.com/jmespath.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.252.213.208 , United States, ASN53334 (TUT-AS, US),
Reverse DNS
Software: /
Resource Hash: 9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 27 May 2022 07:50:56 GMT
popads-ec: ASB
asf: 9
content-length: 44
content-type: text/javascript;charset=UTF-8

GET
H3 200 NUTDL-1.jpg
www.onlyhgames.com/ 26 KB
27 KB 17ms
16ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.onlyhgames.com/NUTDL-1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccefb83cf153a6be8895ac390c17ea7b4ee2814f3a5baedab6355afb4e0c89dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.onlyhgames.com/go.php?id=xw04ubq17rs9jke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Fri, 27 May 2022 07:50:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 619067
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26699
last-modified: Sun, 07 Jul 2019 01:13:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MdUy00YZBIbVYOgfTlJPx8Paa%2F9eJPHDXbAiJ%2BptuIIoRz71pHYKyO2SdRvom78rlxU%2B5ydAzK3Ou3juGzMm%2BbZ2BXGQy1IkGlIx3XoiL5I0j7Ul%2BrlaTowMCSyQsdaThJCz5JQnw5nbhL2s7zpSkXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 711d29aeef1690fb-FRA
expires: Sun, 19 Jun 2022 03:53:10 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: poweredby.jads.co
URL: https://poweredby.jads.co/adshow.php?adzone=648146

Domain: 6.adsco.re
URL: https://6.adsco.re/

Domain: 4.adsco.re
URL: https://4.adsco.re/

Domain: qqjar.ru
URL: https://qqjar.ru/retarget/add?retargeting_code=1&add=1&retargeting_id=3959

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onlyhgames.com/	1970-01-20 20:51:49	Name: _ga Value: GA1.2.409922575.1653637856
.onlyhgames.com/	1970-01-20 03:22:04	Name: _gid Value: GA1.2.918715610.1653637856
.onlyhgames.com/	1970-01-20 03:20:37	Name: _gat_gtag_UA_96564504_1 Value: 1
.exosrv.com/	1970-01-20 20:51:49	Name: __uvt Value: a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22629082dfb60202.700894964240021405%22%3B%7D
.exosrv.com/	1970-01-20 03:22:04	Name: impressions Value: moomcercnxgxarsasmbrrgxcceimocxclmanxgxarsasmbrrgeiraesoobanxgxarsasmbrrgxcceimemloclbnxgxarsasmbrrgxcceialsxoccenxgxarsasmbrrgxcce
.exosrv.com/	1970-01-20 03:22:04	Name: c-tag Value: %7B%22tag-banner%22%3A%22v3%7C%7CDEU%7C3467257%7C69312440%7C0%7C%7C110%7C52%7C2%7C40%7C0%7C0%7C0%7C0%7C2861876%7C2912621%7C0%7C1%7C0%7C0%7C0%7C0%7C1%7C0%7C0%7C1%7C%7C8220eb20c8f49b3229ea32a64689ea80%7C0%7Conlyhgames.com%7C%7C%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7C0%7Cok%22%7D
www.onlyhgames.com/	1970-01-20 03:21:03	Name: a Value: ToOclBhKhLMiOpR9pM9TqID8SrB8lfNX
.goodfungame.com/	1970-01-20 03:22:04	Name: showed_14947_99314 Value: [2489640]
.goodfungame.com/	1970-01-20 03:22:04	Name: c_e432adedbc1ae7e6683891b82fa03e6b Value: 1
.goodfungame.com/	1970-01-20 03:22:04	Name: z_ea00152bbde98f92d002e3e26b0904e3 Value: 1
www.onlyhgames.com/	1970-01-20 03:20:59	Name: token_QpUJAAAAAAAAGu98Hdz1l_lcSZ2rY60Ajjk9U1c Value: BAoAYpCC4AFikILggAGBAsAAIGFkgBwGhSUYtOkjcX8HSk47qKsQVgFliFA-j41P_K8YwQBHMEUCIQChUo4Fs6_Ojy5zZi1OCd97bAo7QS6-ZgOUK5k_Rmuk9wIgcKyX8rfmZl1CqxMIEfxZCuyiBoBxY4p5V0AO4-72zQvCACC0hF9knnswohxLKb3kIiPdemNqw8buz8YeGxLdISkSbcQAECoADJggUKAHAAIAAAAAABLFABB6hszNqEufoDwM7WLQsuHwwwBIMEYCIQCy4CIX6zE6pujsRa_pIWx_Se8wLxHw7XLm4HVs5j717gIhAISpigJDjSdu34_brHyejDd-HyGS1Y1D6Glp8GN3MvoC
my.rtmark.net/	1970-01-20 12:06:13	Name: ID Value: 0e0db764810f41868075d3ded02c6e8e
runative-syndicate.com/	1970-01-20 12:06:13	Name: ts_rt_a56bbc85-b77d-4219-bfc4-e832384180bb Value: AQE=
tsyndicate.com/	1970-01-20 12:06:13	Name: ts_rt_0a1ebf4e-f1a4-4146-916d-6962c02eca57 Value: AQE=
.exdynsrv.com/	1970-01-20 12:06:13	Name: goals Value: a%3A1%3A%7Bi%3A22614%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-05-27%22%3B%7D%7D
.exoclick.com/	1970-01-20 12:06:13	Name: goals Value: a%3A1%3A%7Bi%3A22614%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-05-27%22%3B%7D%7D
.realsrv.com/	1970-01-20 12:06:13	Name: goals Value: a%3A1%3A%7Bi%3A22614%3Ba%3A1%3A%7Bs%3A4%3A%22date%22%3Bs%3A10%3A%222022-05-27%22%3B%7D%7D
www.onlyhgames.com/	1970-01-20 03:20:59	Name: _popprepop Value: 1

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ads.exoclick.com/ad_track.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.exoclick.com/ad99uip8i.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.exoclick.com/ad_track.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.exoclick.com/ad99uip8i.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.exoclick.com/ad_track.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.exoclick.com/ad99uip8i.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://ads.exoclick.com/ad_track.js Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.exoclick.com/ad99uip8i.php, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://highlevelcount.com/index.min.js?pk=0f6c6b0d2533be0a124411ed43310cc0 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://qqjar.ru/retarget/add?retargeting_code=1&add=1&retargeting_id=3959 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.adsco.re
6.adsco.re
a.exosrv.com
a.realsrv.com
ads.exoclick.com
ads.exosrv.com
adsco.re
betteradsystem.com
c.adsco.re
goodfungame.com
gopbkl6c7vap.l4.adsco.re
gopbkl6c7vap.n4.adsco.re
gopbkl6c7vap.s4.adsco.re
highlevelcount.com
iadoremakingpics.com
js.juicyads.com
main.exdynsrv.com
main.exoclick.com
main.realsrv.com
my.rtmark.net
poweredby.jads.co
qqjar.ru
runative-syndicate.com
s3t3d2y8.ackcdn.net
syndication.exosrv.com
syndication.traffichaus.com
tsyndicate.com
www.betteradsystem.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.onlyhgames.com
4.adsco.re
6.adsco.re
poweredby.jads.co
qqjar.ru
136.243.43.25
139.45.195.8
162.252.213.208
162.252.214.5
168.119.1.208
185.200.116.90
185.200.118.90
185.94.236.244
2001:4de0:ac19::1:b:1a
2001:4de0:ac19::1:b:1b
2001:4de0:ac19::1:b:2b
2001:4de0:ac19::1:b:3b
2600:9000:2057:8600:c:dd71:23c0:93a1
2606:4700:3036::6815:4193
2606:4700::6811:a6ba
2606:4700::6811:a7ba
2a00:1450:4001:810::200e
2a00:1450:4001:831::2008
2a02:6ea0:c700::2
2a03:2880:f11c:8083:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
38.132.109.186
66.254.114.233
95.211.229.245
95.211.229.247
01c8f5cfaf2e93d6757f1ff98e84d3755826c45a9c292ffdf4156b75adf11349
0380569663cd9e602133f12d47b84a1407ebba3c542868e52f065de794a5133b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
23fa5daab464fc4565d6375d5ab95cc677a2dbb07ecfa22bad67946b40f60db7
3b3b7fc1592aa5008f387a5aba44846925a32ec4cc85cb374b2009cd59e8dc4a
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f001469d1a9f650e94baa79ad25742a1180ff696530dbacc0ddfa6d539d4394
45168fce21f822bb60ce5253886f0d0c656fe79d260f4676c2ca63bbf162c610
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5325d5beb64d82d48d3f7d78b606ee93b8e975a55868bba038905329ed1044b9
568c7149d705ee0c49422441d4e4879586e924b06716668cc92a309dbdae1169
56b888f4c760420b88d2d533aaff3f13e09c98935758066904e11bcbab76d706
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
5bf100d9ab245fccdbf0c89c439c9b2af3f222c62712950816162cbc0ad28150
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf3f7b1d3b167230b23517e22fcddfb15b15aba03e5e014c94e79113202cd0b
7052d93b5c20c520d09f90c76606030882ac3b4a11730f8ff5511cf779c6ea4a
7aa86091478c8a9eeb69301b8fe5a9c4b0a4e2c98ccf26f5aa2affe137d17248
7b3a25f46e182f7b7c98d8b8412c8db0ca7ae8fb4fd02159a986f73327d69821
7d9db5d4066c7fcc99e752b96a5c8e81bcabfee0edf1bd427f5aa82d5759fbcb
8412627d4d679bcb5520dfe29089f05130b37bfb9e0f0fc125de80f8ea86a801
8674d62c3353c9dfc489b22fc0ceb6b552e45adea2aeb434ae03baa3c8d78e06
996a179212043f8fbf2009a544e1a137bc7538075ef287d2e833f18f2831736d
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a997d0e4a8e2ed3cc8ed7a232fb8f464948e17ef784b62a0a7d9c51f3b51b9e8
abe52ba7ff03719a1fcf44d5069d98ef33721ccb71ac7f8cfaac70a1ab9478ef
b29e27f88cc1a15840cec93a42fae70417830ef02a056b5943a84bb43afc83ef
c07fd417447f3265f6f01eea7139d242d6b88e5c2d80388c10f35c18d506f9ce
c0981dc0a42cda924e91669b927d1a27c25be12f0d44fe2f9c4cc2b7c580cab3
c53a889b482af6ac32dc86dfdf24d2004a50cb9c0d551d2eab33e7cec723a1f2
c7aa784cc05d11035a50799f888986bbc09be678bbf6b57ffd63f1e36174100c
cb4418cd02e147f7df562f6c221c4e3bf97f1a7a85c96220319a5f9a54b9f746
ccefb83cf153a6be8895ac390c17ea7b4ee2814f3a5baedab6355afb4e0c89dc
d941fba583952a335bf43d2fa612fa1a854261d8ad1b935293f542118b9373c5
da1bc24aeafec2701dbdeed0d9f37421252a140e3307a71e4bc5fec4cec377e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ccfc4dd857709542710e1cbf7bcc2428168f84890971f7972d1e81225f6296
e71c68cbeac1de74ef11ad137c60d3589d15460c8396f0b81cd927b4be7268fa
f8f65c13cd5b7e6d878c2db9444bfd0a7903fcdc88e5f5ec9de8006e200dfd6c

www.onlyhgames.com Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

92 %HTTPS

54 %IPv6

21 Domains

32 Subdomains

27 IPs

5 Countries

652 kBTransfer

1244 kBSize

18 Cookies

7 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.onlyhgames.com Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

92 %
HTTPS

54 %
IPv6

21
Domains

32
Subdomains

27
IPs

5
Countries

652 kB
Transfer

1244 kB
Size

18
Cookies

62 HTTP transactions
0 data transactions