www.tirksgaming.online Open in urlscan Pro
2607:f8b0:400d:c00::79  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.tirksgaming.online/	148 KB 42 KB	864ms 496ms	Document text/html	2607:f8b0:400d:c00::79 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.tirksgaming.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c00::79 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 85c6c31436e74fc0354c63107c271de0788d81022ca03b38416d8e7070f0db4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers cache-control private, max-age=0 content-encoding gzip content-length 43192 content-type text/html; charset=UTF-8 date Sun, 11 Aug 2024 16:15:20 GMT etag W/"e733a3c2e2af3d5bd7b1483403e751481cf9a38909182b3508b7448556dc3f6c" expires Sun, 11 Aug 2024 16:15:20 GMT last-modified Sat, 03 Aug 2024 07:55:57 GMT server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	157 KB 51 KB	428ms 183ms	Script text/javascript	173.194.68.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9579639375588913 Requested by Host: www.tirksgaming.online URL: https://www.tirksgaming.online/ Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.68.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS qr-in-f154.1e100.net Software cafe / Resource Hash 4584c6421dfa1fd33b72506106ffb27471a692cfc031a4cd74e49928aeb8bf09 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ Origin https://www.tirksgaming.online User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:15:21 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52443 x-xss-protection 0 server cafe etag 15315588836890301529 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Sun, 11 Aug 2024 16:15:21 GMT
GET H2	200	Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 fonts.gstatic.com/s/tajawal/v3/	8 KB 8 KB	502ms 254ms	Font font/woff2	2607:f8b0:400d:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrRpiYlJ.woff2 Requested by Host: www.tirksgaming.online URL: https://www.tirksgaming.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ Origin https://www.tirksgaming.online User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 02:45:55 GMT x-content-type-options nosniff age 480566 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8488 x-xss-protection 0 last-modified Tue, 16 Jul 2019 03:31:11 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 06 Aug 2025 02:45:55 GMT
GET H2	200	Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 fonts.gstatic.com/s/tajawal/v3/	10 KB 10 KB	409ms 162ms	Font font/woff2	2607:f8b0:400d:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l8KiHrFpiQ.woff2 Requested by Host: www.tirksgaming.online URL: https://www.tirksgaming.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ Origin https://www.tirksgaming.online User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 02:31:31 GMT x-content-type-options nosniff age 481430 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9864 x-xss-protection 0 last-modified Tue, 16 Jul 2019 03:31:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 06 Aug 2025 02:31:31 GMT
GET H2	200	Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2 fonts.gstatic.com/s/tajawal/v3/	8 KB 8 KB	390ms 142ms	Font font/woff2	2607:f8b0:400d:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrRpiYlJ.woff2 Requested by Host: www.tirksgaming.online URL: https://www.tirksgaming.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ Origin https://www.tirksgaming.online User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 03:04:05 GMT x-content-type-options nosniff age 479476 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8600 x-xss-protection 0 last-modified Tue, 16 Jul 2019 03:34:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 06 Aug 2025 03:04:05 GMT
GET H2	200	Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2 fonts.gstatic.com/s/tajawal/v3/	10 KB 10 KB	369ms 122ms	Font font/woff2	2607:f8b0:400d:c01::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/tajawal/v3/Iurf6YBj_oCad4k1l4qkHrFpiQ.woff2 Requested by Host: www.tirksgaming.online URL: https://www.tirksgaming.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c01::5e Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ Origin https://www.tirksgaming.online User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Tue, 06 Aug 2024 02:31:31 GMT x-content-type-options nosniff age 481430 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9988 x-xss-protection 0 last-modified Tue, 16 Jul 2019 03:34:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 06 Aug 2025 02:31:31 GMT
GET H2	200	AVvXsEhpEgC4jQSYoXVDzlpoYV9hNaPPNP-XEQyS_h890A3lhz3jIKyF4RFCIXgbpE3PFRAHsbsp5VVwc6nep0P2rY_2TcTszxGt8b1zyaN5gyTPoZv_5s36vQGP39BbsqGGdOzfjYs5emubGrGik2jAcCcAIwujBKNVaBSoobTzCDWiIGZ0Hq4D9WkCx4Dw564=s... blogger.googleusercontent.com/img/a/	322 KB 322 KB	762ms 491ms	Image image/jpeg	2607:f8b0:4004:c0b::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/a/AVvXsEhpEgC4jQSYoXVDzlpoYV9hNaPPNP-XEQyS_h890A3lhz3jIKyF4RFCIXgbpE3PFRAHsbsp5VVwc6nep0P2rY_2TcTszxGt8b1zyaN5gyTPoZv_5s36vQGP39BbsqGGdOzfjYs5emubGrGik2jAcCcAIwujBKNVaBSoobTzCDWiIGZ0Hq4D9WkCx4Dw564=s1600 Requested by Host: www.tirksgaming.online URL: https://www.tirksgaming.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 5beac3c6fdd32a5bb06eed95590fa6b94802d4020993738dbef182aa32ee7e61 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:15:21 GMT x-content-type-options nosniff server fife etag "vfa" vary Origin content-type image/jpeg access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform content-disposition inline;filename="Picsart_24-07-15_15-27-06-985.jpg" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 329637 x-xss-protection 0 expires Mon, 12 Aug 2024 16:15:21 GMT
GET H2	200	Picsart_24-07-09_16-02-10-257.png blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguXPiN2OBdsKD4X2QO9tvgNF1bd4dWhco8TfqvhWNcmyMwczN9Y54wjenwhcnV0flHHBJmePgTKYf6b6bbKwjKXL6Dpn73Wkyf55P6mpUgKR7CuYmvysxOzRPeW6B-MNHnuyW8yKKxQraosdHE...	366 KB 366 KB	1183ms 996ms	Image image/webp	2607:f8b0:4004:c0b::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEguXPiN2OBdsKD4X2QO9tvgNF1bd4dWhco8TfqvhWNcmyMwczN9Y54wjenwhcnV0flHHBJmePgTKYf6b6bbKwjKXL6Dpn73Wkyf55P6mpUgKR7CuYmvysxOzRPeW6B-MNHnuyW8yKKxQraosdHElCB-BHmIByeFYhfAH_5Mrj04tDVZu-puRJa4wByUF89j/s800-rw-e360-l50/Picsart_24-07-09_16-02-10-257.png Requested by Host: www.tirksgaming.online URL: https://www.tirksgaming.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash f80c4eb30988b04583c4d4fe41ea73c2d0a141fc74c535797551b4c648331106 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:15:22 GMT x-content-type-options nosniff server fife etag "vd0" vary Origin content-type image/webp access-control-expose-headers Content-Length cache-control public, max-age=7776000, no-transform content-disposition inline;filename="Picsart_24-07-09_16-02-10-257.webp" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 374302 x-xss-protection 0 expires Sat, 09 Nov 2024 16:15:22 GMT
GET H2	200	0794b4612acc3a07cef8997fd6846e3690751942r1-1280-720v2_hq.jpg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgckrBd35uu8iyv60gb9wrVM_ZGyeEmVv7SPHzhN350yuzxEYWazLPmm0WzvREH9jmy3r3-7sUveTGILbghBDd1VTGgDIotE25wz2Nr3c4ZFcxjDsuRvsjefe2QDOXP2CbfZDzAkzpBkX6HhO7v...	19 KB 19 KB	852ms 665ms	Image image/webp	2607:f8b0:4004:c0b::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgckrBd35uu8iyv60gb9wrVM_ZGyeEmVv7SPHzhN350yuzxEYWazLPmm0WzvREH9jmy3r3-7sUveTGILbghBDd1VTGgDIotE25wz2Nr3c4ZFcxjDsuRvsjefe2QDOXP2CbfZDzAkzpBkX6HhO7vu1OJi7mW4w1KdDKUKzYAr3Jwzp64nvSrxPg9NmW6sLY/s800-rw-e360-l50/0794b4612acc3a07cef8997fd6846e3690751942r1-1280-720v2_hq.jpg Requested by Host: www.tirksgaming.online URL: https://www.tirksgaming.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash dc0c9724b620205651cbb39f9c8e969896bee420cd47ae2b6dfbf07fb3e35d55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:15:21 GMT x-content-type-options nosniff server fife etag "v10a" vary Origin content-type image/webp access-control-expose-headers Content-Length cache-control public, max-age=7776000, no-transform content-disposition inline;filename="0794b4612acc3a07cef8997fd6846e3690751942r1-1280-720v2_hq.webp" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19502 x-xss-protection 0 expires Sat, 09 Nov 2024 16:15:21 GMT
GET H2	200	Picsart_24-06-18_11-43-02-434.jpg blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikKQM4XEn5hesZhFdw7S-Xcs8BdZ7E7RW-rA-vMnsbgSPqrY8EM9Hxu8M5V26mBOg6E1_Vd1iJKj4YqfcL-6ZapKBi1fcbG1pli0oSDPexIk3hFI2ys3YWRbToxWmjdOPka0hyphenhyphenZJ...	12 KB 12 KB	1156ms 970ms	Image image/webp	2607:f8b0:4004:c0b::84 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEikKQM4XEn5hesZhFdw7S-Xcs8BdZ7E7RW-rA-vMnsbgSPqrY8EM9Hxu8M5V26mBOg6E1_Vd1iJKj4YqfcL-6ZapKBi1fcbG1pli0oSDPexIk3hFI2ys3YWRbToxWmjdOPka0hyphenhyphenZJa95-M7bOvhpHNyhW-zWIrIIvF1IyQ7cDjMDIFYHVDqrVRRG4zN4o4U/s800-rw-e360-l50/Picsart_24-06-18_11-43-02-434.jpg Requested by Host: www.tirksgaming.online URL: https://www.tirksgaming.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c0b::84 Washington, United States, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash 39b661d991edeaa12b34f29bd12cc9e8f0f0f22058bc7a0ca768ec0cfbd2ded1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:15:21 GMT x-content-type-options nosniff server fife etag "vd8" vary Origin content-type image/webp access-control-expose-headers Content-Length cache-control public, max-age=7776000, no-transform content-disposition inline;filename="Picsart_24-06-18_11-43-02-434.webp" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11818 x-xss-protection 0 expires Sat, 09 Nov 2024 16:15:21 GMT
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/	423 KB 143 KB	465ms 223ms	Script text/javascript	173.194.68.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js?bust=31085975 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9579639375588913 Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.68.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS qr-in-f154.1e100.net Software cafe / Resource Hash 0adcdd2327c28e8da9d121ddf81510aca4ea525bbc7946c048295d6da9d36d62 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:15:22 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 145920 x-xss-protection 0 server cafe etag 18168344769413870264 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 11 Aug 2024 16:15:22 GMT
GET H3	200	zrt_lookup_fy2021.html googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/ Frame ECF3	0 0	364ms 121ms	Document text/html	173.194.175.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240807/r20110914/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js?bust=31085975 Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.175.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qs-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers age 54764 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4141 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 11 Aug 2024 01:02:38 GMT etag 3784890935487277381 expires Sun, 25 Aug 2024 01:02:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads googleads.g.doubleclick.net/pagead/ Frame 6EAA	0 0	354ms 137ms	Document text/html	173.194.175.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9579639375588913&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1722671757&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwww.tirksgaming.online%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aiael=32~27~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~30~34&aifxl=32_7~27_9~30_19&aiixl=32_9~27_3~30_6&aslmct=0.7&asamct=0.7&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1723392921713&bpp=4&bdt=728&idt=766&shv=r20240807&mjsv=m202408060101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7921638895430&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44795921%2C95331689%2C95334526%2C95334830%2C95337868%2C31085975%2C95336266%2C31078663%2C31078668%2C31078670&oid=2&pvsid=599544696436836&tmod=1259194591&uas=0&nvt=1&fsapi=1&fc=1920&brdim=80%2C80%2C80%2C80%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=799 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js?bust=31085975 Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.175.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS qs-in-f157.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ Sec-Browsing-Topics ();p=P0000000000000000000000000000000 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 46 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 11 Aug 2024 16:15:22 GMT expires Sun, 11 Aug 2024 16:15:22 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	17 KB 13 KB	497ms 497ms	XHR application/json	173.194.68.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240807&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js?bust=31085975 Protocol H3 Security QUIC, , AES_128_GCM Server 173.194.68.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS qr-in-f154.1e100.net Software cafe / Resource Hash 245ae2dfbc8835635895e406a5b02596de528e83c7c2371609b06393c538ce60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:15:23 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12896 x-xss-protection 0
GET H2	200	favicon.ico www.tirksgaming.online/	9 KB 710 B	187ms 187ms	Other image/x-icon	2607:f8b0:400d:c00::79 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.tirksgaming.online/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c00::79 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash c2d80cacf77e177f2f6c11506f79159581b8b3664dbcae56f8a84f84c8c4bab2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.tirksgaming.online/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:15:23 GMT content-encoding gzip x-content-type-options nosniff last-modified Sat, 03 Aug 2024 07:55:57 GMT server GSE etag W/"e733a3c2e2af3d5bd7b1483403e751481cf9a38909182b3508b7448556dc3f6c" content-type image/x-icon; charset=UTF-8 cache-control private, max-age=86400 content-length 582 x-xss-protection 1; mode=block expires Sun, 11 Aug 2024 16:15:23 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	389ms 124ms	Script text/javascript	2607:f8b0:400d:c01::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202408060101/show_ads_impl_fy2021.js?bust=31085975 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers date Sun, 11 Aug 2024 16:15:23 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 11 Aug 2024 16:15:23 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB5A	0 0	765ms 122ms	Document text/html	2607:f8b0:400d:c01::84 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:400d:c01::84 Morganton, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.tirksgaming.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers accept-ranges bytes age 479445 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 06 Aug 2024 03:04:39 GMT expires Wed, 06 Aug 2025 03:04:39 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe www.google.com/recaptcha/api2/ Frame F9A8	0 0	783ms 138ms	Document text/html	142.251.167.105 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.251.167.105 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS ww-in-f105.1e100.net Software GSE / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-CcZPvN-kuUx5QAig-VRKeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://www.tirksgaming.online/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-CcZPvN-kuUx5QAig-VRKeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 11 Aug 2024 16:15:24 GMT expires Sun, 11 Aug 2024 16:15:24 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240807&jk=599544696436836&bg=!NTalNnnNAAZjy5caQ8s7ADQBe5WfONR3dugWuFebJnc_A4DT68SbWNbydLMEQm8rt9tuy4-kwj3VLu12ZNLDn6PDRDazAgAAAFlSAAAABGgBB34ANteasenmii1vgU8B4iN0d1GwOQdgQWboQ_COlMD-rtVlGfrioHyvSFMIMP2JU3udexr3Woq-cwoANrGP2kFpRlB7sOE_M2THV8FYuZ6cM5t4T87E25SKouxU9obQyNI9WVJjtuThyU2cr5p-8S2qE5kCt8atWKlA5BEmbUf0jIZCxUNi6ckCtJKOBPfQLORkQAtAECbnyLSkoMdkLwjA_52j7EpyVYw29VndUPDndD4rwwUoDCeQhHy48x6PLpK3m4xu7t9iHK9P61lsiE5KCDsUtOixvRFXYTCMaGNBxCxRL7guK8u7xWyxLqO0FpWgZTsCPyXkIgzoCEi7QUYxk_HY9mq9AIXaVPivb8WTX_2A93ppZXd8K0XZQ9W4X8rvoyxEXXo-tpAlDWPd2AZ9_A4xhUXikMjBdV4Sr7wuYVF-rpS7XHG4H4r424v2EA2KT_OyKOK30caCQo8DQXOrkhOdZ5rUyG-kIt_Wv6mRkpajBIQqM3YLLoCB3SmZHB8yiZdnxoq-9LhoRpZqEs9Qz1uk8sYqj5xHDxp1NVRXHaHGEtf2w6WQiinsLY4rH2tlTpxtscADljezmIPI5Bxg3RRMFlZbGZ2ZfH_6O2fEuLhO40adgBHoBBDUr7urI9F4d-8jtgpjYcFXQm_YMEzNjaSiKLAohMrHejOcvsdDYwzLCu9s8c4krXxhcTyswedAIf1Cd2Vf3k699fJgtjPigG1UJ7_Ajt1uhgbEE22tjNczJyyFmRQym5RjmBrI5v8n2UQqEjZTomzn_TMy3UTGWMTIbkjrRXFTAg_6Z7ViACn2zNK4oXRfDFna8c7XiV_wmKAZTuuR84gmKObiO0wAWLpPNQuUVX0p0HWAYQCIuE34qEdpVXdoqPCetJ50NGYeD5GJfZ_tA4ExCTYGVbpm1teQ76edMlkKhxvhdGWLNXGALJ96djE-gE1iKeQ1ZMFnDSYX4F7O_BWTuoZwCrtVfW8IvD3czvPDnIkHAderd4jSdwGftshiXl3QUJoA_f2qhwzYAoz8iSOvHbs9yIC_bX0Q-a6rqM5uGvZoKvdRzEGKzUQC_J3fGpTP

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 function| Lazy function| $getScript function| GetAgo string| agminutes string| aghour string| aghours string| agday string| agdays string| agmonth string| agmonths string| agYear string| agYears string| ReadMore string| ReadMoreA string| ViewMore string| NextArticle string| PreviousArticle string| Direction string| page string| of string| shareText string| shareText2 string| configtxt string| redytxt string| errtxt string| nolapel string| minifun string| replyfun string| cmtdelet string| cmtShowMore string| BlogLang boolean| MaxTitle number| MaxTitleNum boolean| bjsif string| altImage string| imgfilter function| _$ function| _0x56a5 function| _0x58b6 function| openSidenav function| changeDS function| _0x2bbe function| sp_db number| z object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 22:43:13	Name: test_cookie Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blogger.googleusercontent.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google.com
www.tirksgaming.online
pagead2.googlesyndication.com
142.251.167.105
173.194.175.157
173.194.68.154
2607:f8b0:4004:c0b::84
2607:f8b0:400d:c00::79
2607:f8b0:400d:c01::5e
2607:f8b0:400d:c01::84
0adcdd2327c28e8da9d121ddf81510aca4ea525bbc7946c048295d6da9d36d62
245ae2dfbc8835635895e406a5b02596de528e83c7c2371609b06393c538ce60
39b661d991edeaa12b34f29bd12cc9e8f0f0f22058bc7a0ca768ec0cfbd2ded1
453a980367e2c76aacb9c48ddab4f0732175bd0f2aefc257cfaa75dfb4dc2ae2
4584c6421dfa1fd33b72506106ffb27471a692cfc031a4cd74e49928aeb8bf09
5beac3c6fdd32a5bb06eed95590fa6b94802d4020993738dbef182aa32ee7e61
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
773d39d817342d38ff8203ede93c2280d9f4e6cbeac425fe09bdb7decddc65aa
85c6c31436e74fc0354c63107c271de0788d81022ca03b38416d8e7070f0db4a
b0d3610919043227b56c8d5130e2ead271a067bb1b930678d5af24bbbae7c16f
c2d80cacf77e177f2f6c11506f79159581b8b3664dbcae56f8a84f84c8c4bab2
d5aa3e4c58493f8d3693be4962e94e08d14e178ef4f0be2a27369a8813498e54
dc0c9724b620205651cbb39f9c8e969896bee420cd47ae2b6dfbf07fb3e35d55
f80c4eb30988b04583c4d4fe41ea73c2d0a141fc74c535797551b4c648331106